cjoint

Document format: text/plain

~ ZHPDiag v2015.9.7.137 Por Nicolas Coolman (2015/09/7)
~ iniciado por Usuario (Administrator) (2015/09/08 01:03:45)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão: Version OK
~ Modo: Scanner
~ Relatório: C:\Users\Usuario\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicialização do sistema: Normal (Normal boot)
Windows 8.1 Pro, 64-bit (Build 9600)

---\\ Navegadores Internet (3) - 0s
GCIE: Google Chrome v45.0.2454.85
MFIE: Mozilla Firefox 40.0.3 (x86 pt-BR) v40.0.3
MSIE: Internet Explorer v11.0.9600.17031

---\\ Informações sobre os produtos Windows (4) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Key Management Service client information : KO
Windows Automatic Updates : KO

---\\ Softwares de proteçao do sistema (2) - 3s
Avast Free Antivirus v10.3.2225
Windows Defender (Deactivate)

---\\ Monitoramento dos softwares (2) - 4s
Adobe Flash Player 13 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 7816.86 MB (85% free)
~ System Restore: Activé (Enable)
~ System drive C: has 218 GB free of 476 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: USER-PC
~ User Name: Usuario
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (2) - 0s
~ Drive C: has 218 GB free of 476 GB (System)
~ Drive E: has GB free of 5 GB

---\\ Estado do Centro de Segurança do Windows (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Pesquisa particular de ficheiros genéricos (24) - 1s
[MD5.4CE0C733CDCF1D2F78532BBD9CE3441D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2373784] ©
[MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736] ©
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [144384] ©
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2262016] ©
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [562176] ©
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [447488] ©
[MD5.5A2020DDCCBB0ED08BAC2355A075F303] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\System32\dnsapi.dll [656384] ©
[MD5.2B9EED6835D269F35B310DC03D0F5768] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\Syswow64\dnsapi.dll [492544] ©
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [567296] ©
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] ©
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] ©
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] ©
[MD5.414686EF104910BA41DF66E83BDCD495] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134656] ©
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [78336] ©
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520] ©
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] ©
[MD5.16FFC07D36FD83ACA189A641385168B3] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402944] ©
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] ©
[MD5.9AEB38B451A7B84ACB7CD3D664F87BF0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2013016] ©
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [94208] ©
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] ©
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] ©
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] ©
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [311640] ©

---\\ Processos lançados (27) - 3s
[MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.928]
[MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1232] ©
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1096] ©
[MD5.6EB87FDB59AABF6D19C927492DEA0D36] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128] [PID.2132] ©
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.2156] ©
[MD5.1512820A57E2FF6F4103242EE7F39F1C] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp [721920] [PID.2608] =>PUP.Optional.CrossRider
[MD5.6BAE8D679B877E2DF99EFB18435D908B] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp [721920] [PID.2884] =>PUP.Optional.CrossRider
[MD5.4635935FC972C582632BF45C26BFCB0E] - (...) -- C:\Windows\SysWOW64\srvany.exe [8192] [PID.3056]
[MD5.BCA43E19E7013331D99FF788EA6B42A0] - (...) -- C:\Windows\KMService.exe [151552] [PID.2052]
[MD5.988CDC4DAE2186F3A5ED6EE7D3E6B5CA] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [786256] [PID.1444] ©
[MD5.4C5A162F20C58B523B29795291BEE6CC] - (.TODO: <公司名> - TODO: <文件说明>.) -- C:\Program Files (x86)\SFK\SSFK.exe [411648] [PID.2896]
[MD5.3AF1E5ADFC3E0DEE256FF115259B0AF1] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112] [PID.2940]
[MD5.CFC9B7B465283378D374D5E380D5D244] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280] [PID.1500] ©
[MD5.D342D91C92AC6DEDC692B183B1887652] - (.Copyright (C) 2015 - The Desktop Weather Service.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe [76264] [PID.2216]
[MD5.A8334B73F0DB3E0B9612E6120A205A25] - (.ShenZhen Enode Techology co,.Ltd - Windows weather tool.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\weather.exe [1594856] [PID.1512] ©
[MD5.E0DA271341411C06CD94035AEA6D008F] - (.DTools LIMITED - DTools.) -- C:\ProgramData\5WdsManPro5\WdsManPro.exe [709288] [PID.3172] =>PUP.Optional.WdsManPro
[MD5.28B2F630A8D33CC953A3F42A779B7876] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp [663040] [PID.3196] =>PUP.Optional.CrossRider
[MD5.3375EFA8964C402A11A0593E7FB41269] - (...) -- C:\Program Files (x86)\SFK\SFKEX64.exe [122880] [PID.3208]
[MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.4052]
[MD5.838258B7655F2309F7BE63F844AF51BB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [170256] [PID.1460] ©
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4156] ©
[MD5.E8D96F840994291789F0CDE6800AC1A4] - (.Apple Inc. - iPodService Module (64-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [644880] [PID.4212] ©
[MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [6111824] [PID.5072] ©
[MD5.BC357FBB821D5B30F801ED59C2EC7602] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848] [PID.3696]
[MD5.E912744B9E45C9D44845AB49FDC3B14A] - (.Goobzo LTD - .) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1111984] [PID.1812] =>PUP.Optional.ShopperPro
[MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.4276] ©
[MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.1308] ©

---\\ Google Chrome, Arranque,Pesquisa,Extensões (20) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://deliver.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://odin.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://static.zoom.com.br/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com/
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (20) - 4s
M0 - MFSP: prefs.js [Usuario - wy9su83x.default] http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9g3z8b&from=cmi&uid=ST500LM012XHN-M500MBB_S2ZYJ9BF301169 =>PUP.Optional.StartSearch
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\bing-.xml
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo_ff.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (. - bestadblocker.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\0Mk@YEBUIS.com
P2 - EXT: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\1441508975_xpi
P2 - EXT: (.Microsoft Corporation - Bing Search.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bingsearch.full@microsoft.com ©
P2 - EXT: (. - PriceMinuS.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bX@of1.org
P2 - EXT: (.roc - Default SearchProtected .) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\defsearchp@gmail.com
P2 - EXT: (.lightningnewtab.com - deskCut.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
P2 - EXT: (.Goobzo - Shopper-Pro.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo
P2 - EXT: (. - Web Protector.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{8a167a0d-2593-78be-dffa-baa301a8d989}
P2 - FPN: [HKCU] [@hola.org/vlc] - (.Hola.) -- C:\Users\Usuario\AppData\Local\Hola\firefox\app\vlc\npvlc.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb64] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ©
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://br.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Gestão do Proxy (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Objects do navegador (7) - 0s
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL ©
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll ©
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ©
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL ©
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ©

---\\ Aplicações iniciadas por registo & pastas (23) - 2s
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe ©
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe ©
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE ©
O4 - HKCU\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKCU\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe ©
O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe ©
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE ©
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe ©

---\\ Atalhos globais Startup (3) - 2s
O4 - GS\Desktop [Administrador]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect
O4 - GS\Desktop [Convidado]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect
O4 - GS\Desktop [Usuario]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect

---\\ Alteração Dominio/Clientes DNS (8) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = oficina.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = oficina.local

---\\ Protocolo adicional (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ©

---\\ Serviços NT não Microsoft e não desativados (24) - 3s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe ©
O23 - Service: Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider
O23 - Service: Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider
O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe (.not file.) =>PUP.Optional.Office
O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe ©
O23 - Service: NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: SSFK (SSFK) . (.TODO: <公司名> - TODO: <文件说明>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ©
O23 - Service: TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015 - The Desktop Weather Service.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe
O23 - Service: Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider
O23 - Service: Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe
O23 - Service: Util Steel Cut (Util Steel Cut) . (...) - C:\Program Files (x86)\Steel Cut\bin\utilSteelCut.exe (.not file.) =>PUP.Optional.SteelCut*
O23 - Service: WdsManPro Service (WdsManPro) . (.DTools LIMITED - DTools.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager
O23 - Service: Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider

---\\ Listagem dos dados do BootExecute (1) - 0s
O34 - HKLM BootExecute: (aswBoot.exe /M:54d3bb1c /wow /dir:"C:\Program Files\AVAST Software\Avast")

---\\ Software instalados (75) - 23s
O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1 ©
O42 - Logiciel: DriverEasy 4.9.2 - (.Easeware.) [HKLM][64Bits] -- DriverEasy_is1 ©
O42 - Logiciel: The Desktop Weather 1.2 - (.ShenZhen Enode Techology co,.Ltd.) [HKLM][64Bits] -- WeatherTool ©
O42 - Logiciel: Web Protector Plus (uninstall only) - (...) [HKLM][64Bits] -- WebProtectorPlus =>PUP.Optional.WebProtector
O42 - Logiciel: Java 7 Update 60 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417060FF} ©
O42 - Logiciel: SolidWorks eDrawings 2013 x64 - (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] -- {3F831724-DD10-4BC1-A1C3-92DD69169674} ©
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {5CA7FC9B-8508-4494-B365-6FBCBAEB8E89} ©
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4} ©
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9} ©
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {BFEAB774-C7DC-4032-B05A-DA5F7CB7B365} ©
O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.Optional.AnyProtect
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast ©
O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- br.com.nextel.apps.Fatura3G
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: K-Lite Mega Codec Pack 1.38 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: LiveUpdateWPP - (.Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats..) [HKLM][64Bits] -- LiveUpdateWPP =>PUP.Optional.WebProtector
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 pt-BR) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM][64Bits] -- mystartsearch uninstall =>PUP.Optional.StartSearch
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin ©
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer ©
O42 - Logiciel: The Sims 4 Spa Day Addon Pack with Bonus - (...) [HKLM][64Bits] -- VGhlU2ltczQ=_is1
O42 - Logiciel: Web Protector IE - (.WebProtector.) [HKLM][64Bits] -- WebProtector =>PUP.Optional.WebProtector
O42 - Logiciel: Arquivo do WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM][64Bits] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A} ©
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D} ©
O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {22124B84-93B2-4603-B212-146665E4B6B1} ©
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0} ©
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} ©
O42 - Logiciel: MPC-HC 1.6.3.5818 - (.MPC-HC Team.) [HKLM][64Bits] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 ©
O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF} ©
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B} ©
O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {38BC5B60-4E70-470A-AE76-E06C15700C68} ©
O42 - Logiciel: Intel(R) Driver Update Utility 2.2 - (.Intel.) [HKLM][64Bits] -- {3EE9923D-3045-46AB-9CAA-E375993AEB4A} ©
O42 - Logiciel: The Sims™ 4 - (.Electronic Arts Inc..) [HKLM][64Bits] -- {48EBEBBF-B9F8-4520-A3CF-89A730721917} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ©
O42 - Logiciel: Nero MediaHome - (.Nero AG.) [HKLM][64Bits] -- {62CFAD8C-4A87-490F-95F7-D10ED7501AD0} ©
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} ©
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {6B14A50A-389F-4628-BE69-DC56122F982B} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6EEF61AB-CC0B-4917-A3F2-97902CD11073} ©
O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- {7426D890-3D8D-37E1-F7D4-CACE0F69A967}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ©
O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} ©
O42 - Logiciel: Nero Disc to Device - (.Nero AG.) [HKLM][64Bits] -- {82BF7616-508E-44A5-848F-41FE2C0829F1} ©
O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {98f335cd-0a32-4b3f-b74c-ef9480e834f0} ©
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {9D780839-6E97-4E2A-A5F7-711AF221B609} ©
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Nero Device Updates - (.Nero AG.) [HKLM][64Bits] -- {ABA7F64A-8CEB-4B59-84D9-B4D98CCD32D4} ©
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} ©
O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001} ©
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26} ©
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {AF604D6A-9BE8-45FE-855E-B1AF13BEE88C} ©
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {B3756FCF-13D3-460B-88D5-33CB88CE6CFA} ©
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} ©
O42 - Logiciel: The Sims™ 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8} ©
O42 - Logiciel: Intel Driver Update Utility - (.Intel.) [HKLM][64Bits] -- {ca4bc3a8-b99c-4416-90d8-351a8ceab458} ©
O42 - Logiciel: SoundDown version 0.1 - (.NK Software.) [HKLM][64Bits] -- {DAFD1AE9-61A0-4B35-B4C6-D2367D77633A}_is1
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74} ©
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13} ©
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: Nero 2015 - (.Nero AG.) [HKLM][64Bits] -- {F9592BA0-AA0D-454C-95AA-9782DF00CB4B} ©
O42 - Logiciel: Nero Burning Core - (.Nero AG.) [HKLM][64Bits] -- {FB41E96F-CE95-4181-9488-A501E9240978} ©
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} ©
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: WindowsAndroid version 4.0.3 - (.SocketeQ, Inc..) [HKCU][64Bits] -- {7E07052F-A4CE-4932-B066-B9203888439F}_is1

---\\ HKCU & HKLM Software Keys (161) - 23s
HKLM\SOFTWARE\Wow6432Node\3ivx
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\Canneverbe Limited
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Claro 3G
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\Cyberlink
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Maxis
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
HKLM\SOFTWARE\Wow6432Node\MyBrowser
HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\On2 Technologies
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Origin
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Reg
HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\Wow6432Node\Sims
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer
HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach
HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Virtools
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector
HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\WebZen
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\3ivx
HKCU\SOFTWARE\AC3filter
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Ares
HKCU\SOFTWARE\AutoHelpDesk
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Baixaki
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser
HKCU\SOFTWARE\btr7psaa4s7
HKCU\SOFTWARE\Canneverbe Limited
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DriverToolkit
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\eDrawings
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo
HKCU\SOFTWARE\GbAs
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HaaliMkx
HKCU\SOFTWARE\hGbZpg9u7J7ijJ
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Hola
HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday
HKCU\SOFTWARE\MyBrowser
HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\OuhSUVFd7E6x7cWHF
HKCU\SOFTWARE\PDFConvert
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\QuickTime Alternative
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\shockwave.com
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Softland
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\teras games
HKCU\SOFTWARE\Torch =>PUP.Optional.Torch
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\UA7ucDhV
HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera
HKCU\SOFTWARE\WeatherTool
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Webzen
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Macromedia

---\\ Conteúdo das pastas Programs (269) - 39s
O43 - CFD: 2015/09/07 18:27:13 - [] D -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
O43 - CFD: 2015/09/06 13:53:35 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect
O43 - CFD: 2014/10/16 23:13:51 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/04/23 11:48:28 - [] D -- C:\Program Files (x86)\Baidu Security
O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker
O43 - CFD: 2015/08/01 02:20:09 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Claro 3G
O43 - CFD: 2015/08/10 07:22:46 - [] D -- C:\Program Files (x86)\Cliente MuVenon
O43 - CFD: 2015/09/06 13:53:38 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/09/05 20:42:23 - [] D -- C:\Program Files (x86)\Convertor
O43 - CFD: 2014/12/31 16:56:48 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Deal Keeper
O43 - CFD: 2014/08/01 00:12:25 - [] D -- C:\Program Files (x86)\Devworks
O43 - CFD: 2015/04/15 11:33:39 - [] HD -- C:\Program Files (x86)\Diebold
O43 - CFD: 2015/07/09 00:12:10 - [] D -- C:\Program Files (x86)\DriverToolkit
O43 - CFD: 2015/08/15 15:09:15 - [] D -- C:\Program Files (x86)\Electronic Arts
O43 - CFD: 2015/09/08 00:55:09 - [] AD -- C:\Program Files (x86)\GbPlugin
O43 - CFD: 2015/09/05 22:53:10 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/07/07 13:05:43 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\InstallAffixationInfo
O43 - CFD: 2015/09/04 11:51:14 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/06/08 02:10:27 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/09/05 23:11:25 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility
O43 - CFD: 2014/03/18 08:09:47 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/13 20:25:40 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 2014/07/07 13:06:22 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/07/07 13:07:26 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2015/06/23 13:24:16 - [] D -- C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector
O43 - CFD: 2015/09/05 23:00:28 - [] D -- C:\Program Files (x86)\mbot_br_014010080
O43 - CFD: 2014/07/07 13:10:26 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2014/07/07 13:12:03 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2014/09/12 18:22:40 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 2014/07/07 13:10:41 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2014/09/23 22:09:15 - [] D -- C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/09/06 00:33:22 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/06/04 18:55:01 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\Program Files (x86)\MPC-HC
O43 - CFD: 2014/07/07 13:12:21 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/04/20 21:10:48 - [] D -- C:\Program Files (x86)\MuLosT
O43 - CFD: 2015/08/10 18:43:03 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 2015/04/21 11:54:41 - [] D -- C:\Program Files (x86)\Nextel Fatura Web 3.0
O43 - CFD: 2015/09/04 13:00:07 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/09/05 18:34:33 - [] D -- C:\Program Files (x86)\Origin
O43 - CFD: 2015/09/05 18:37:20 - [0] D -- C:\Program Files (x86)\Origin Games
O43 - CFD: 2015/09/05 20:25:39 - [0] D -- C:\Program Files (x86)\predm =>PUP.Optional.Downware
O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug
O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\Real
O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\RealNetworks
O43 - CFD: 2014/07/07 12:53:08 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/09/08 00:55:00 - [] D -- C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch
O43 - CFD: 2015/09/05 22:58:50 - [] D -- C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro
O43 - CFD: 2014/07/29 21:08:14 - [0] D -- C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup
O43 - CFD: 2015/08/05 00:53:47 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\Program Files (x86)\SoundDown
O43 - CFD: 2015/08/22 11:10:27 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2015/08/17 01:33:32 - [] D -- C:\Program Files (x86)\The Sims 4
O43 - CFD: 2015/09/05 23:27:57 - [] D -- C:\Program Files (x86)\UPCleaner
O43 - CFD: 2014/07/29 21:21:49 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/04/30 15:33:16 - [] D -- C:\Program Files (x86)\WeatherTool
O43 - CFD: 2015/09/05 21:09:18 - [] D -- C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect
O43 - CFD: 2015/09/05 21:09:19 - [] D -- C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 12:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2014/07/07 13:07:39 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/09/05 20:42:27 - [] D -- C:\Program Files (x86)\Winsta
O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/01/01 00:16:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/02/16 18:22:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 2015/09/05 20:22:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro 3G
O43 - CFD: 2014/12/31 16:56:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
O43 - CFD: 2015/06/08 01:06:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
O43 - CFD: 2014/09/24 11:22:40 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/05/14 23:39:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gametrack
O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/08/15 19:08:23 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/09/05 23:11:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
O43 - CFD: 2015/08/13 20:26:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2014/07/07 13:06:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2014/09/12 18:22:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
O43 - CFD: 2015/09/04 12:52:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
O43 - CFD: 2015/08/10 18:43:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 2015/09/05 18:34:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 2014/10/10 22:58:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013
O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDown
O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/03/18 07:03:09 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/23 00:52:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector
O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/08 01:17:21 - [] D -- C:\ProgramData\18145712802912383320
O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 2015/06/23 00:11:28 - [] D -- C:\ProgramData\3DVIA
O43 - CFD: 2015/09/07 12:56:05 - [] D -- C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro
O43 - CFD: 2015/09/07 22:58:22 - [] D -- C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro
O43 - CFD: 2015/04/21 11:54:47 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/10/16 23:13:43 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2014/10/16 23:21:30 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/06/10 20:32:10 - [] D -- C:\ProgramData\Ashampoo
O43 - CFD: 2015/09/05 20:03:34 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/04/29 15:11:09 - [] D -- C:\ProgramData\baidu
O43 - CFD: 2015/05/27 13:53:10 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 2015/03/22 16:20:57 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2015/04/15 12:01:09 - [0] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser
O43 - CFD: 2015/04/23 13:19:03 - [] D -- C:\ProgramData\Canneverbe Limited
O43 - CFD: 2015/04/23 13:23:08 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\ProgramData\Convertor
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Dados de Aplicativos
O43 - CFD: 2014/12/31 18:29:16 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/09/24 11:10:09 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 2015/09/05 18:34:36 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2015/04/15 11:29:58 - [] D -- C:\ProgramData\GAS Tecnologia
O43 - CFD: 2015/08/29 19:22:26 - [] D -- C:\ProgramData\GbPlugin
O43 - CFD: 2015/09/05 23:11:33 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/09/05 23:19:13 - [] D -- C:\ProgramData\IntelDLM
O43 - CFD: 2015/09/05 23:28:31 - [] D -- C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro
O43 - CFD: 2015/06/08 01:15:32 - [] D -- C:\ProgramData\koifhalnfoonpogbgiickmiggnkkhflf
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2014/09/12 18:22:58 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/07/07 13:13:30 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2014/07/07 13:04:51 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/09/05 20:09:20 - [] D -- C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro
O43 - CFD: 2015/08/10 18:43:15 - [] D -- C:\ProgramData\Nero
O43 - CFD: 2015/09/05 18:37:25 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2015/09/05 23:23:36 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/07/29 21:41:07 - [] D -- C:\ProgramData\Real
O43 - CFD: 2014/07/29 21:35:09 - [] D -- C:\ProgramData\RealNetworks
O43 - CFD: 2014/03/18 07:03:09 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/09/06 00:12:10 - [] D -- C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro
O43 - CFD: 2015/09/04 12:50:09 - [] D -- C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro
O43 - CFD: 2015/08/05 00:53:46 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/07/07 13:06:31 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/04/15 12:01:38 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/04/23 13:25:32 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2015/06/08 01:20:22 - [] D -- C:\ProgramData\{f53b1ccf-bc55-15c7-f53b-b1ccfbc5733e}
O43 - CFD: 2015/04/23 13:23:16 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2014/07/07 13:05:09 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/06/04 14:11:13 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 2014/07/07 13:06:30 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/07/07 13:12:25 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/08/15 15:23:52 - [] D -- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/10/10 22:58:07 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2014/07/07 13:10:33 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/04/21 11:54:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Adobe
O43 - CFD: 2015/09/06 00:15:47 - [] SHD -- C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect
O43 - CFD: 2015/08/01 02:23:33 - [] D -- C:\Users\Usuario\AppData\Roaming\Apple Computer
O43 - CFD: 2015/05/10 18:25:14 - [] D -- C:\Users\Usuario\AppData\Roaming\Ashampoo
O43 - CFD: 2015/09/07 17:15:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASP
O43 - CFD: 2015/09/05 22:50:50 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage
O43 - CFD: 2015/09/05 20:24:50 - [] D -- C:\Users\Usuario\AppData\Roaming\AVAST Software
O43 - CFD: 2015/04/21 11:54:51 - [] D -- C:\Users\Usuario\AppData\Roaming\br.com.nextel.apps.Fatura3G
O43 - CFD: 2015/04/23 13:14:17 - [] D -- C:\Users\Usuario\AppData\Roaming\Canneverbe Limited
O43 - CFD: 2014/12/31 18:29:13 - [] D -- C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/06/08 01:06:24 - [] D -- C:\Users\Usuario\AppData\Roaming\Easeware
O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\Users\Usuario\AppData\Roaming\help_images_otherUI
O43 - CFD: 2015/08/15 15:08:44 - [0] D -- C:\Users\Usuario\AppData\Roaming\Hola
O43 - CFD: 2015/09/04 22:12:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Identities
O43 - CFD: 2014/07/18 23:41:07 - [] D -- C:\Users\Usuario\AppData\Roaming\Macromedia
O43 - CFD: 2014/07/07 13:43:28 - [] D -- C:\Users\Usuario\AppData\Roaming\Media Player Classic
O43 - CFD: 2015/07/01 02:02:28 - [] SD -- C:\Users\Usuario\AppData\Roaming\Microsoft
O43 - CFD: 2014/07/30 21:26:13 - [] D -- C:\Users\Usuario\AppData\Roaming\Mozilla
O43 - CFD: 2015/09/07 22:58:04 - [] D -- C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch
O43 - CFD: 2015/02/16 15:00:42 - [] D -- C:\Users\Usuario\AppData\Roaming\Nero
O43 - CFD: 2015/06/02 10:59:19 - [] D -- C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2014/07/30 21:32:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\Opera Software
O43 - CFD: 2015/09/05 18:36:18 - [] D -- C:\Users\Usuario\AppData\Roaming\Origin
O43 - CFD: 2015/09/05 20:42:21 - [] D -- C:\Users\Usuario\AppData\Roaming\PDFConvert
O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\Users\Usuario\AppData\Roaming\PlusN
O43 - CFD: 2014/07/29 21:41:00 - [] D -- C:\Users\Usuario\AppData\Roaming\Real
O43 - CFD: 2014/07/29 21:36:06 - [] D -- C:\Users\Usuario\AppData\Roaming\RealNetworks
O43 - CFD: 2014/07/29 21:08:04 - [0] D -- C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon
O43 - CFD: 2015/08/05 01:09:41 - [] D -- C:\Users\Usuario\AppData\Roaming\Skype
O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\Users\Usuario\AppData\Roaming\Softland
O43 - CFD: 2015/09/05 20:08:42 - [] D -- C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage
O43 - CFD: 2015/09/07 17:38:54 - [0] D -- C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak
O43 - CFD: 2015/04/17 22:33:39 - [] D -- C:\Users\Usuario\AppData\Roaming\TeamViewer
O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/08/27 00:51:10 - [] D -- C:\Users\Usuario\AppData\Roaming\uTorrent
O43 - CFD: 2014/08/04 09:34:35 - [] D -- C:\Users\Usuario\AppData\Roaming\vlc
O43 - CFD: 2015/09/08 00:55:06 - [] D -- C:\Users\Usuario\AppData\Roaming\WeatherTool
O43 - CFD: 2015/06/23 00:51:53 - [0] D -- C:\Users\Usuario\AppData\Roaming\WebExtend
O43 - CFD: 2014/09/24 11:02:58 - [0] D -- C:\Users\Usuario\AppData\Roaming\WinRAR
O43 - CFD: 2015/09/08 01:03:58 - [] D -- C:\Users\Usuario\AppData\Roaming\ZHP
O43 - CFD: 2015/06/29 04:50:34 - [] SHD -- C:\Users\Usuario\AppData\Local\.#
O43 - CFD: 2015/09/05 07:18:39 - [] D -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600
O43 - CFD: 2015/04/21 11:52:05 - [] D -- C:\Users\Usuario\AppData\Local\Adobe
O43 - CFD: 2014/10/16 23:13:53 - [] D -- C:\Users\Usuario\AppData\Local\Apple
O43 - CFD: 2014/10/16 23:22:22 - [] D -- C:\Users\Usuario\AppData\Local\Apple Computer
O43 - CFD: 2015/08/08 22:27:00 - [] D -- C:\Users\Usuario\AppData\Local\Ares
O43 - CFD: 2015/05/10 18:25:19 - [] D -- C:\Users\Usuario\AppData\Local\ashampoo
O43 - CFD: 2015/09/04 12:50:42 - [] D -- C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper
O43 - CFD: 2015/09/04 12:48:36 - [] D -- C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 2015/09/08 00:06:11 - [] D -- C:\Users\Usuario\AppData\Local\cu
O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Dados de Aplicativos
O43 - CFD: 2015/09/04 12:20:25 - [] D -- C:\Users\Usuario\AppData\Local\Diagnostics
O43 - CFD: 2014/09/20 21:37:06 - [0] D -- C:\Users\Usuario\AppData\Local\DriverToolkit
O43 - CFD: 2015/08/15 14:59:05 - [] D -- C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieSiteList
O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieUserList
O43 - CFD: 2015/04/29 15:13:13 - [] D -- C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo
O43 - CFD: 2015/04/15 12:01:09 - [] D -- C:\Users\Usuario\AppData\Local\GAS Tecnologia
O43 - CFD: 2015/09/04 12:50:36 - [] D -- C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/02 08:38:59 - [] D -- C:\Users\Usuario\AppData\Local\Google
O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Histórico
O43 - CFD: 2015/08/10 15:12:34 - [] D -- C:\Users\Usuario\AppData\Local\Hola
O43 - CFD: 2015/09/04 12:48:38 - [] D -- C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia
O43 - CFD: 2015/09/05 23:12:15 - [] D -- C:\Users\Usuario\AppData\Local\Intel
O43 - CFD: 2015/09/04 12:58:07 - [] D -- C:\Users\Usuario\AppData\Local\macasoft
O43 - CFD: 2015/09/05 22:45:55 - [] D -- C:\Users\Usuario\AppData\Local\mbot_br_014010080
O43 - CFD: 2015/09/04 22:12:10 - [] D -- C:\Users\Usuario\AppData\Local\Microsoft
O43 - CFD: 2014/07/07 13:10:20 - [0] D -- C:\Users\Usuario\AppData\Local\Microsoft Help
O43 - CFD: 2014/07/30 21:26:16 - [] D -- C:\Users\Usuario\AppData\Local\Mozilla
O43 - CFD: 2015/02/16 16:05:12 - [] D -- C:\Users\Usuario\AppData\Local\Nero
O43 - CFD: 2015/02/16 15:01:03 - [] D -- C:\Users\Usuario\AppData\Local\Nero_AG
O43 - CFD: 2015/09/04 12:59:57 - [0] D -- C:\Users\Usuario\AppData\Local\Opera Software
O43 - CFD: 2015/09/05 18:36:33 - [] D -- C:\Users\Usuario\AppData\Local\Origin
O43 - CFD: 2014/07/07 11:42:14 - [] D -- C:\Users\Usuario\AppData\Local\Packages
O43 - CFD: 2014/07/07 13:02:31 - [] D -- C:\Users\Usuario\AppData\Local\Programs
O43 - CFD: 2014/07/07 13:07:16 - [] D -- C:\Users\Usuario\AppData\Local\Skype
O43 - CFD: 2015/07/01 22:46:01 - [] D -- C:\Users\Usuario\AppData\Local\TeamViewer
O43 - CFD: 2015/09/08 01:05:00 - [] D -- C:\Users\Usuario\AppData\Local\Temp
O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/11/08 01:47:51 - [] D -- C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch
O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Local\TuneUp Software
O43 - CFD: 2015/06/29 04:46:42 - [] D -- C:\Users\Usuario\AppData\Local\VirtualStore
O43 - CFD: 2015/09/04 13:01:42 - [] D -- C:\Users\Usuario\AppData\Local\VLCUpdate
O43 - CFD: 2015/09/08 00:05:58 - [] D -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F}
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect
O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage
O43 - CFD: 2013/08/22 12:36:32 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/06/03 06:06:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Invasion Season 6 Epi1
O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/03/22 16:48:30 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid
O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Últimos arquivos criados no Windows Prefetcher (7) - 25s
O45 - LFCP:[MD5.1F15B736DC5B7E8A2EA95EA81F91B3B2] 2015/09/07 23:24:10 A -- C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect
O45 - LFCP:[MD5.35221E842637E064BC8C0EE06632A727] 2015/09/04 12:51:43 A -- C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser
O45 - LFCP:[MD5.71EDFEDF1BA780205B1467988F66A393] 2015/09/04 12:53:20 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate
O45 - LFCP:[MD5.C633A403FD75D637B814535A927A1FF0] 2015/09/04 13:00:33 A -- C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser
O45 - LFCP:[MD5.863DE1C0CE7452AB52F2B125D626CE01] 2015/09/05 20:26:27 A -- C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.D637D86E43BE665ABD492D563B8FB20D] 2015/09/05 20:38:34 A -- C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.7FB87DDD43AD25E61B6EB8FED3EFB826] 2015/09/07 17:14:32 A -- C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak

---\\ Lista dos drivers do sistema (50) - 6s
O58 - SDL:2013/08/22 09:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] ©
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] ©
O58 - SDL:2013/08/22 09:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] ©
O58 - SDL:2013/08/22 09:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] ©
O58 - SDL:2013/08/22 09:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] ©
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] ©
O58 - SDL:2015/09/05 20:20:25 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] ©
O58 - SDL:2015/09/05 22:52:22 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1048344] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [447944] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [150672] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] ©
O58 - SDL:2013/08/12 20:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] ©
O58 - SDL:2013/08/22 09:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] ©
O58 - SDL:2014/12/31 16:56:48 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283064] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] ©
O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] ©
O58 - SDL:2013/07/30 15:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] ©
O58 - SDL:2013/07/25 16:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] ©
O58 - SDL:2013/08/09 21:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] ©
O58 - SDL:2015/05/26 21:02:50 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5375448] ©
O58 - SDL:2012/10/02 09:34:28 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528] ©
O58 - SDL:2013/04/26 04:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880]
O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] ©
O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] ©
O58 - SDL:2013/08/22 09:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] ©
O58 - SDL:2015/01/16 17:22:32 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl64.sys [23040] ©
O58 - SDL:2013/06/18 11:46:02 A . (.JMicron Technology Corp. - JMicron NDIS6.30 Driver.) -- C:\Windows\System32\drivers\NETJME.sys [137728]
O58 - SDL:2013/08/22 09:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] ©
O58 - SDL:2013/08/22 09:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] ©
O58 - SDL:2014/02/18 17:43:42 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3867224] ©
O58 - SDL:2014/01/10 07:08:56 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [3068120] ©
O58 - SDL:2013/08/22 12:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2015/06/04 03:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984]
O58 - SDL:2013/08/22 09:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] ©
O58 - SDL:2013/08/22 09:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] ©
O58 - SDL:2013/08/22 09:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] ©
O58 - SDL:2013/08/22 09:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] ©
O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] ©

---\\ Últimos ficheiros alterados ou criados (Utilizador) (43) - 92s
O61 - LFC: 2015/09/08 00:05:34 A . (..) -- C:\Users\Usuario\AppData\Roaming\5.exe [1587531]
O61 - LFC: 2015/09/07 04:36:52 A . (.TODO: .) -- C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe [375808] =>PUP.Optional.StartSearch
O61 - LFC: 2015/09/05 20:44:08 A . (..) -- C:\Users\Usuario\AppData\Local\opeline.exe [77312]
O61 - LFC: 2015/09/08 00:05:58 A . (.Alexander Roshal.) -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F}\Unrar.exe [309848]
O61 - LFC: 2015/09/06 01:22:55 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992]
O61 - LFC: 2015/09/07 12:56:08 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\cb369ad7b027b8588a356348424ef3c4[1].exe [85598]
O61 - LFC: 2015/09/04 12:48:28 A . (.C.L.A.R.A.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe [152688] =>PUP.Optional.SupTab
O61 - LFC: 2015/09/07 12:56:22 A . (.CinePlus-1.44V07.09.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\setup[1].exe [13889904]
O61 - LFC: 2015/09/04 13:01:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\vlcDisN[1].exe [257184]
O61 - LFC: 2015/09/04 12:56:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe [1079196] =>PUP.Optional.Downware
O61 - LFC: 2015/09/06 23:27:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\W1[1].exe [1587531]
O61 - LFC: 2015/09/07 12:56:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\4bbda52393b575e64d530bd478a6717b[1].exe [59769]
O61 - LFC: 2015/09/07 23:03:12 A . (.AnyProtect.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe [6434816] =>PUP.Optional.AnyProtect
O61 - LFC: 2015/09/04 12:47:51 A . (.ClaraLabs.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe [926832] =>PUP.Optional.BoBrowser
O61 - LFC: 2015/09/05 20:13:23 A . (.YFFGH.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe [284672] =>PUP.Optional.ReImageRepair
O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\runasu[1].exe [479232]
O61 - LFC: 2015/09/07 22:58:33 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\setup_362[2].exe [254464]
O61 - LFC: 2015/09/07 12:54:26 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\tiwr[1].exe [82914]
O61 - LFC: 2015/09/07 23:00:33 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Validate[1].exe [61981]
O61 - LFC: 2015/09/07 12:54:35 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4ba4c7c85b016c4112353cb428af62e9[1].exe [67295]
O61 - LFC: 2015/09/06 23:02:51 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4diXZO[1].exe [1628019]
O61 - LFC: 2015/09/05 23:27:42 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\bc595c310903369e50e3e112aefc06dc[1].exe [67786]
O61 - LFC: 2015/09/07 23:00:16 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\BiTool[1].dll [0]
O61 - LFC: 2015/09/07 22:58:11 A . (.WillLink.net.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe [350328] =>PUP.Optional.StartSearch
O61 - LFC: 2015/09/07 22:58:15 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\df4a6a3ed77e60d6758afca091ca0c1f[1].exe [83223]
O61 - LFC: 2015/09/04 12:55:16 A . (.OperaChecker.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\OperaChecker25-6[1].exe [50225]
O61 - LFC: 2015/09/04 12:56:42 A . (.Optimal Software s.r.o..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\pcspeedup[1].exe [2889583]
O61 - LFC: 2015/09/07 17:13:08 A . (.systweak.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\rcpsetup_17970[1].exe [4445480]
O61 - LFC: 2015/09/05 20:13:55 A . (.MEIDX.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe [112640] =>PUP.Optional.ReImageRepair
O61 - LFC: 2015/09/07 22:58:02 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\SearchUpdater[1].exe [124154]
O61 - LFC: 2015/09/07 23:00:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\smt[2].exe [211114]
O61 - LFC: 2015/09/05 23:27:00 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\8a919eab391df79420aa04a8eab4a225[1].exe [74207]
O61 - LFC: 2015/09/07 23:02:31 A . (.CMI Limited.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe [613255] =>PUP.Optional.AnyProtect
O61 - LFC: 2015/09/05 20:42:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\pdfconv[1].exe [2380368]
O61 - LFC: 2015/09/04 12:55:45 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\setup[1].exe [298960]
O61 - LFC: 2015/09/04 12:51:58 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Update_Notifier[1].exe [514560]
O61 - LFC: 2015/09/07 00:15:19 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Validate[1].exe [61981]
O61 - LFC: 2015/09/07 23:00:34 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe [228302] =>PUP.Optional.VuuPC
O61 - LFC: 2015/09/05 18:32:50 A . (..) -- C:\Users\Usuario\AppData\Local\mbot_br_014010080\Download\myoffergroup_br4.exe [4191432]
O61 - LFC: 2015/09/02 04:08:21 A . (..) -- C:\Users\Usuario\AppData\Local\macasoft\ntsvc.exe [109440]
O61 - LFC: 2015/09/08 01:05:00 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\rnsmC3B5.exe [479232]
O61 - LFC: 2015/09/04 12:51:59 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\Uninstall.exe [51745]

---\\ Associações Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/ ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Pesquisa de infeção nos navegadores da Internet (15) - 1s
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.newtab.url", "http://www.mystartsearch.com/newtab/?type=nt&ts=1441677446&z=c166da768c5193ed39bc5fdg7z3zdg7qdm3m[...] =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.uid", "ST500LM012XHN-M500MBB_S2ZYJ9BF301169"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1441677446&z=c166da768c5193ed39bc5fdg7z[...] =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.startup.homepage", "http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9[...] =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {86c83f9e-48a4-4cd2-a763-64fea5df35f7} - (Baixaki) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (Yahoo! (Avast)) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {9B7E7224-E90A-4DDC-BAB5-3E1BA9B10F1E} - (Yahoo) - http://search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser

---\\ Listagem dos serviços iniciados pelo Svchost (36) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [208896] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [324608] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1311744] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1104384] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [903168] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [109568] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [150528] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [107008] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1214976] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [70656] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [220160] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [326656] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [81408] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [97792] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [339456] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Estrutura de Localização do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1576960] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [50688] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\Windows\System32\ncasvc.dll [164352] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [101376] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [534528] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [223744] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\sens.dll [71680] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [433664] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [306688] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3408384] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\Windows\System32\qmgr.dll [1017856] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [629760] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [183296] ©
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464] ©

---\\ Lista das exceções do FireWall (FirewallRules) (37) - 8s
O87 - FAEL: "{E1BD2A40-E2F6-48C6-AD02-8805BA0903F2}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{210D7DAE-88DC-481D-B7CC-7C61048BEE39}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{4814FCF4-5096-4833-8EEC-2D5C29A4DE17}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{4C6C616A-271E-4712-BE9E-4B8A64F387CD}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{9A267A55-90BA-401E-AF47-1945D175F233}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{7F1E6C94-F340-4C5D-BED1-E580ACA0C93B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{74EF8B76-583A-4A14-A4E2-8D824C30D57C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{F7774D6D-28F3-4781-8C3C-739B3B3D2AEF}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{43121148-DD49-4804-B7E5-C719A8035EAA}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{F7AA6F13-24C2-401C-9F9D-B0A5AF20A410}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{A5F6F663-0C61-4ADD-8673-908455629424}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.)
O87 - FAEL: "{1A800430-B91B-4B6E-8B1D-75E922A08A68}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.)
O87 - FAEL: "{F99ACA02-C991-405A-8D86-64C141263A2B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.)
O87 - FAEL: "{2B7F5B03-057B-4E7B-B19C-DB7B06D2E4D3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.)
O87 - FAEL: "TCP Query User{3A6FA88F-05D0-4510-9195-A31F15627317}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{F1D1E0BF-D43E-427B-89D4-6540A772DEB5}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{DB08F5CE-7CF0-4C9F-97FF-664B3D6DEC11}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{5B3B67C0-97E6-43FE-A879-4D37DC8333BC}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "{3E681E18-277A-40C1-A4BA-B75FEEAACC91}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.)
O87 - FAEL: "{578000EB-97D7-4048-8A3F-930CF8FC9152}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.)
O87 - FAEL: "{A16C3730-7DA6-4B45-A73D-9B08F267E6A8}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Chromium\Application\chrome.exe (.not file.)
O87 - FAEL: "{257D6602-4544-4CFF-BBF7-727797B61911}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.)
O87 - FAEL: "{48A77A51-0A68-42E5-9F61-CFEFF06EC89C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.)
O87 - FAEL: "{B5C4D06D-7F12-4EE6-B34F-C07F8C908109}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.)
O87 - FAEL: "{430C7100-78AE-41EE-9D72-2E51D1EACEDB}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.)
O87 - FAEL: "{67C7A295-EBF6-4059-93BC-00A2F399CE1F}" [In-None-P6-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.)
O87 - FAEL: "{EF7DD9D1-81AF-4FD4-A932-330FDAFD3A00}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.)
O87 - FAEL: "TCP Query User{AF42ED1A-3D18-43C9-AC9D-D18E71D9E4CA}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "UDP Query User{B59305B2-5B2E-4CEB-96AE-ED593DEDF0F8}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "{D2B90792-A79F-48C8-AD7C-F0DB8930377B}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{2F45F081-A080-4EF7-9488-9DA287CD30BA}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{1EEC1E25-6F12-46D6-ADF2-528F3F13C3D7}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{EA10A06B-493F-45C2-8510-498486DA31DA}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{11F60FB4-C41B-4157-8833-FF5AD674AA2B}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{62323EE3-D449-4B28-AAD7-5DF38B19E086}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{0C6489BA-5BB8-4491-878F-2161790978D3}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "UDP Query User{36096AC1-D582-43A2-81B7-0582EBB890E7}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (29) - 74s

SR - Auto [2014/12/03 03:31:16] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SR - Auto [2015/05/29 18:51:26] [ 77128] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
SR - Auto [2015/09/05 20:20:12] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
SR - Auto [2011/08/30 23:05:32] [ 462184] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe ©
SR - Auto [2015/09/07 13:12:18] [ 721920] Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider
SS - Demand [2015/06/04 22:21:38] [ 280680] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe ©
SR - Auto [2015/07/16 05:52:52] [ 413848] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
SR - Auto [2015/08/12 18:25:54] [ 587576] Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SS - Auto [2015/09/05 20:43:50] [ 120832] Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider
SR - Auto [2015/09/07 16:52:32] [ 721920] Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider
SS - Auto [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2012/04/24 14:37:56] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe ©
SR - Demand [2015/08/13 02:43:14] [ 644880] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe ©
SS - Auto [2015/09/05 20:43:52] [ 227328] Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider
SS - Disabled [2015/06/04 15:40:20] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SR - Auto [2014/07/15 08:46:00] [ 786256] Nero Update (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe ©
SS - Auto [2015/09/05 20:43:57] [ 379904] NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize
SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SR - Auto [2015/09/07 22:58:18] [ 411648] SSFK (SSFK) . (.TODO: <公司名>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
SR - Auto [2015/07/16 05:45:02] [ 105112] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
SR - Auto [2015/08/07 03:30:32] [ 5611280] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ©
SR - Auto [2015/04/23 06:52:54] [ 76264] TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe
SS - Auto [2015/09/05 20:44:02] [ 137728] Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider
SS - Auto [2015/09/05 20:44:08] [ 77312] Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe
SS - Demand [2015/07/16 05:52:52] [ 413848] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
SR - Auto [2015/09/07 22:58:12] [ 709288] WdsManPro Service (WdsManPro) . (.DTools LIMITED.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager
SR - Auto [2015/09/06 16:32:50] [ 663040] Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider

---\\ Claves Tracing (2) - 5s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam

---\\ Scâner Aditional (134) - 0s
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider
C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WdsManPro
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider
C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.Optional.ShopperPro
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo
C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro
HKLM\SYSTEM\CurrentControlSet\Services\cikepiqu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider
C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\goxezecy =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\jimocoso =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office
HKLM\SYSTEM\CurrentControlSet\Services\NixSrv =>PUP.Optional.Amonetize
C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize
HKLM\SYSTEM\CurrentControlSet\Services\SSFK =>PUP.Optional.MyWebSearch
C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
HKLM\SYSTEM\CurrentControlSet\Services\totyseku =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\Util Steel Cut =>PUP.Optional.SteelCut*
HKLM\SYSTEM\CurrentControlSet\Services\WdsManPro =>PUP.Optional.WpManager
C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager
HKLM\SYSTEM\CurrentControlSet\Services\wimikimo =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebProtectorPlus =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect =>PUP.Optional.AnyProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdateWPP =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebProtector =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer
HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach
HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector
HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser
HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday
HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\Torch =>PUP.Optional.Torch
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect
C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker
C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector
C:\Program Files (x86)\predm =>PUP.Optional.Downware
C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug
C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch
C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro
C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup
C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect
C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector
C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro
C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro
C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser
C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro
C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro
C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro
C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro
C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage
C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch
C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon
C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage
C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak
C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper
C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports
C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo
C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia
C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage
C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect
C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser
C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate
C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser
C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak
C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe =>PUP.Optional.StartSearch
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe =>PUP.Optional.SupTab
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe =>PUP.Optional.Downware
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe =>PUP.Optional.BoBrowser
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe =>PUP.Optional.ReImageRepair
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe =>PUP.Optional.StartSearch
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe =>PUP.Optional.ReImageRepair
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe =>PUP.Optional.VuuPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam

---\\ Resumo dos elementos encontrados na sua estação de trabalho (56) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.WdsManPro
http://www.nicolascoolman.fr/pup-shopperpro/ =>PUP.Optional.ShopperPro
http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab
http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/blog =>PUP.Optional.BoBrowser
http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader
http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect
http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office
http://www.nicolascoolman.fr/pup-amonetize/ =>PUP.Optional.Amonetize
http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.SteelCut*
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtector
http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/blog =>PUP.Optional.DownChecker
http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBestOffersToday
http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak
http://www.nicolascoolman.fr/pup-termBlazer/ =>PUP.Optional.TermBlazer
http://www.nicolascoolman.fr/pup-optional-termcoach =>PUP.Optional.TermCoach
http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch
http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive
http://www.nicolascoolman.fr/pup-bprotector/ =>PUP.Optional.BProtector
http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser
http://www.nicolascoolman.fr/blog =>PUP.Optional.Gameo
http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBrowser
http://www.nicolascoolman.fr/adware-installcore/ =>Adware.InstallCore
http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera
http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE
http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker
http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/blog =>PUP.Optional.SiteLookup
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtect
http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser
http://www.nicolascoolman.fr/blog =>PUP.Optional.ASPackage
http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimilarAddon
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserHelper
http://www.nicolascoolman.fr/blog =>.Superfluous.CrashReports
http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia
http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/pup-vuupc/ =>PUP.Optional.VuuPC
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser
http://www.nicolascoolman.fr/pup-kmspico/ =>HackTool.KMSpico
http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam

~ End of the scan, 20432 items in 346 seconds (1210)(0)()
---\\ Navegadores Internet (3) - 0s
GCIE: Google Chrome v45.0.2454.85
MFIE: Mozilla Firefox 40.0.3 (x86 pt-BR) v40.0.3
MSIE: Internet Explorer v11.0.9600.17031

---\\ Informações sobre os produtos Windows (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Key Management Service client information : KO
Windows Automatic Updates : KO

---\\ Softwares de proteçao do sistema (2) - 3s
Avast Free Antivirus v10.3.2225
Windows Defender (Deactivate)

---\\ Monitoramento dos softwares (2) - 4s
Adobe Flash Player 13 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 7816.86 MB (85% free)
~ System Restore: Activé (Enable)
~ System drive C: has 218 GB free of 476 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: USER-PC
~ User Name: Usuario
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (2) - 0s
~ Drive C: has 218 GB free of 476 GB (System)
~ Drive E: has GB free of 5 GB

---\\ Estado do Centro de Segurança do Windows (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Pesquisa particular de ficheiros genéricos (24) - 1s
[MD5.4CE0C733CDCF1D2F78532BBD9CE3441D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2373784] ©
[MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736] ©
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [144384] ©
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2262016] ©
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [562176] ©
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [447488] ©
[MD5.5A2020DDCCBB0ED08BAC2355A075F303] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\System32\dnsapi.dll [656384] ©
[MD5.2B9EED6835D269F35B310DC03D0F5768] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\Windows\Syswow64\dnsapi.dll [492544] ©
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [567296] ©
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] ©
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] ©
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] ©
[MD5.414686EF104910BA41DF66E83BDCD495] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134656] ©
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [78336] ©
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520] ©
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] ©
[MD5.16FFC07D36FD83ACA189A641385168B3] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402944] ©
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] ©
[MD5.9AEB38B451A7B84ACB7CD3D664F87BF0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2013016] ©
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [94208] ©
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] ©
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] ©
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] ©
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [311640] ©

---\\ Processos lançados (27) - 2s
[MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.928]
[MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1232] ©
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1096] ©
[MD5.6EB87FDB59AABF6D19C927492DEA0D36] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128] [PID.2132] ©
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.2156] ©
[MD5.1512820A57E2FF6F4103242EE7F39F1C] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp [721920] [PID.2608] =>PUP.Optional.CrossRider
[MD5.6BAE8D679B877E2DF99EFB18435D908B] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp [721920] [PID.2884] =>PUP.Optional.CrossRider
[MD5.4635935FC972C582632BF45C26BFCB0E] - (...) -- C:\Windows\SysWOW64\srvany.exe [8192] [PID.3056]
[MD5.BCA43E19E7013331D99FF788EA6B42A0] - (...) -- C:\Windows\KMService.exe [151552] [PID.2052]
[MD5.988CDC4DAE2186F3A5ED6EE7D3E6B5CA] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [786256] [PID.1444] ©
[MD5.4C5A162F20C58B523B29795291BEE6CC] - (.TODO: <公司名> - TODO: <文件说明>.) -- C:\Program Files (x86)\SFK\SSFK.exe [411648] [PID.2896]
[MD5.3AF1E5ADFC3E0DEE256FF115259B0AF1] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112] [PID.2940]
[MD5.CFC9B7B465283378D374D5E380D5D244] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280] [PID.1500] ©
[MD5.D342D91C92AC6DEDC692B183B1887652] - (.Copyright (C) 2015 - The Desktop Weather Service.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe [76264] [PID.2216]
[MD5.A8334B73F0DB3E0B9612E6120A205A25] - (.ShenZhen Enode Techology co,.Ltd - Windows weather tool.) -- C:\Program Files (x86)\WeatherTool\1.2.0.9153\weather.exe [1594856] [PID.1512] ©
[MD5.E0DA271341411C06CD94035AEA6D008F] - (.DTools LIMITED - DTools.) -- C:\ProgramData\5WdsManPro5\WdsManPro.exe [709288] [PID.3172] =>PUP.Optional.WdsManPro
[MD5.28B2F630A8D33CC953A3F42A779B7876] - (...) -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp [663040] [PID.3196] =>PUP.Optional.CrossRider
[MD5.3375EFA8964C402A11A0593E7FB41269] - (...) -- C:\Program Files (x86)\SFK\SFKEX64.exe [122880] [PID.3208]
[MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576] [PID.4052]
[MD5.838258B7655F2309F7BE63F844AF51BB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [170256] [PID.1460] ©
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4156] ©
[MD5.E8D96F840994291789F0CDE6800AC1A4] - (.Apple Inc. - iPodService Module (64-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [644880] [PID.4212] ©
[MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [6111824] [PID.5072] ©
[MD5.BC357FBB821D5B30F801ED59C2EC7602] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848] [PID.3696]
[MD5.E912744B9E45C9D44845AB49FDC3B14A] - (.Goobzo LTD - .) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1111984] [PID.1812] =>PUP.Optional.ShopperPro
[MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.4276] ©
[MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Usuario\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.1308] ©

---\\ Google Chrome, Arranque,Pesquisa,Extensões (20) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://deliver.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://odin.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://static.zoom.com.br/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com/
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (20) - 3s
M0 - MFSP: prefs.js [Usuario - wy9su83x.default] http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9g3z8b&from=cmi&uid=ST500LM012XHN-M500MBB_S2ZYJ9BF301169 =>PUP.Optional.StartSearch
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\bing-.xml
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo
P2 - EXT FILE: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo_ff.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (. - bestadblocker.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\0Mk@YEBUIS.com
P2 - EXT: (...) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\1441508975_xpi
P2 - EXT: (.Microsoft Corporation - Bing Search.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bingsearch.full@microsoft.com ©
P2 - EXT: (. - PriceMinuS.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\bX@of1.org
P2 - EXT: (.roc - Default SearchProtected .) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\defsearchp@gmail.com
P2 - EXT: (.lightningnewtab.com - deskCut.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
P2 - EXT: (.Goobzo - Shopper-Pro.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo
P2 - EXT: (. - Web Protector.) -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{8a167a0d-2593-78be-dffa-baa301a8d989}
P2 - FPN: [HKCU] [@hola.org/vlc] - (.Hola.) -- C:\Users\Usuario\AppData\Local\Hola\firefox\app\vlc\npvlc.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb64] - (.GAS Tecnologia.) -- C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ©
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://br.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://br.search.yahoo.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Gestão do Proxy (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Objects do navegador (7) - 0s
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL ©
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll ©
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ©
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL ©
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ©

---\\ Aplicações iniciadas por registo & pastas (23) - 1s
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe ©
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe ©
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE ©
O4 - HKCU\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKCU\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe ©
O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe ©
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE ©
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [CrashService] C:\Users\Usuario\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader
O4 - HKUS\S-1-5-21-3892239938-4071799185-2743430885-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe ©

---\\ Atalhos globais Startup (3) - 3s
O4 - GS\Desktop [Administrador]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect
O4 - GS\Desktop [Convidado]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect
O4 - GS\Desktop [Usuario]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.Optional.AnyProtect

---\\ Alteração Dominio/Clientes DNS (8) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = oficina.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = oficina.local

---\\ Protocolo adicional (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ©

---\\ Serviços NT não Microsoft e não desativados (24) - 3s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Serviço do Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe ©
O23 - Service: Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider
O23 - Service: Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider
O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe (.not file.) =>PUP.Optional.Office
O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe ©
O23 - Service: NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: SSFK (SSFK) . (.TODO: <公司名> - TODO: <文件说明>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ©
O23 - Service: TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015 - The Desktop Weather Service.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe
O23 - Service: Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider
O23 - Service: Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe
O23 - Service: Util Steel Cut (Util Steel Cut) . (...) - C:\Program Files (x86)\Steel Cut\bin\utilSteelCut.exe (.not file.) =>PUP.Optional.SteelCut*
O23 - Service: WdsManPro Service (WdsManPro) . (.DTools LIMITED - DTools.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager
O23 - Service: Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider

---\\ Listagem dos dados do BootExecute (1) - 0s
O34 - HKLM BootExecute: (aswBoot.exe /M:54d3bb1c /wow /dir:"C:\Program Files\AVAST Software\Avast")

---\\ Software instalados (75) - 23s
O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1 ©
O42 - Logiciel: DriverEasy 4.9.2 - (.Easeware.) [HKLM][64Bits] -- DriverEasy_is1 ©
O42 - Logiciel: The Desktop Weather 1.2 - (.ShenZhen Enode Techology co,.Ltd.) [HKLM][64Bits] -- WeatherTool ©
O42 - Logiciel: Web Protector Plus (uninstall only) - (...) [HKLM][64Bits] -- WebProtectorPlus =>PUP.Optional.WebProtector
O42 - Logiciel: Java 7 Update 60 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417060FF} ©
O42 - Logiciel: SolidWorks eDrawings 2013 x64 - (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] -- {3F831724-DD10-4BC1-A1C3-92DD69169674} ©
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {5CA7FC9B-8508-4494-B365-6FBCBAEB8E89} ©
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4} ©
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Suporte para Aplicativos Apple Apple (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9} ©
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {BFEAB774-C7DC-4032-B05A-DA5F7CB7B365} ©
O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.Optional.AnyProtect
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast ©
O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- br.com.nextel.apps.Fatura3G
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: K-Lite Mega Codec Pack 1.38 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: LiveUpdateWPP - (.Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats..) [HKLM][64Bits] -- LiveUpdateWPP =>PUP.Optional.WebProtector
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 pt-BR) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM][64Bits] -- mystartsearch uninstall =>PUP.Optional.StartSearch
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin ©
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer ©
O42 - Logiciel: The Sims 4 Spa Day Addon Pack with Bonus - (...) [HKLM][64Bits] -- VGhlU2ltczQ=_is1
O42 - Logiciel: Web Protector IE - (.WebProtector.) [HKLM][64Bits] -- WebProtector =>PUP.Optional.WebProtector
O42 - Logiciel: Arquivo do WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Nero Video Samples - (.Nero AG.) [HKLM][64Bits] -- {05C6B128-1B40-4495-9CB9-090B368BFA0A} ©
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D} ©
O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {22124B84-93B2-4603-B212-146665E4B6B1} ©
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0} ©
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} ©
O42 - Logiciel: MPC-HC 1.6.3.5818 - (.MPC-HC Team.) [HKLM][64Bits] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 ©
O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF} ©
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B} ©
O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {38BC5B60-4E70-470A-AE76-E06C15700C68} ©
O42 - Logiciel: Intel(R) Driver Update Utility 2.2 - (.Intel.) [HKLM][64Bits] -- {3EE9923D-3045-46AB-9CAA-E375993AEB4A} ©
O42 - Logiciel: The Sims™ 4 - (.Electronic Arts Inc..) [HKLM][64Bits] -- {48EBEBBF-B9F8-4520-A3CF-89A730721917} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ©
O42 - Logiciel: Nero MediaHome - (.Nero AG.) [HKLM][64Bits] -- {62CFAD8C-4A87-490F-95F7-D10ED7501AD0} ©
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} ©
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {6B14A50A-389F-4628-BE69-DC56122F982B} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6EEF61AB-CC0B-4917-A3F2-97902CD11073} ©
O42 - Logiciel: Nextel - Fatura Web 3.0 - (.NEXTEL TELECOMUNICACOES LTDA.) [HKLM][64Bits] -- {7426D890-3D8D-37E1-F7D4-CACE0F69A967}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ©
O42 - Logiciel: Suporte para Aplicativos Apple (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} ©
O42 - Logiciel: Nero Disc to Device - (.Nero AG.) [HKLM][64Bits] -- {82BF7616-508E-44A5-848F-41FE2C0829F1} ©
O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {98f335cd-0a32-4b3f-b74c-ef9480e834f0} ©
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {9D780839-6E97-4E2A-A5F7-711AF221B609} ©
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Nero Device Updates - (.Nero AG.) [HKLM][64Bits] -- {ABA7F64A-8CEB-4B59-84D9-B4D98CCD32D4} ©
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} ©
O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001} ©
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26} ©
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {AF604D6A-9BE8-45FE-855E-B1AF13BEE88C} ©
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {B3756FCF-13D3-460B-88D5-33CB88CE6CFA} ©
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} ©
O42 - Logiciel: The Sims™ 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8} ©
O42 - Logiciel: Intel Driver Update Utility - (.Intel.) [HKLM][64Bits] -- {ca4bc3a8-b99c-4416-90d8-351a8ceab458} ©
O42 - Logiciel: SoundDown version 0.1 - (.NK Software.) [HKLM][64Bits] -- {DAFD1AE9-61A0-4B35-B4C6-D2367D77633A}_is1
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74} ©
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13} ©
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: Nero 2015 - (.Nero AG.) [HKLM][64Bits] -- {F9592BA0-AA0D-454C-95AA-9782DF00CB4B} ©
O42 - Logiciel: Nero Burning Core - (.Nero AG.) [HKLM][64Bits] -- {FB41E96F-CE95-4181-9488-A501E9240978} ©
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} ©
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: WindowsAndroid version 4.0.3 - (.SocketeQ, Inc..) [HKCU][64Bits] -- {7E07052F-A4CE-4932-B066-B9203888439F}_is1

---\\ HKCU & HKLM Software Keys (161) - 23s
HKLM\SOFTWARE\Wow6432Node\3ivx
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\Canneverbe Limited
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Claro 3G
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\Cyberlink
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Maxis
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
HKLM\SOFTWARE\Wow6432Node\MyBrowser
HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\On2 Technologies
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Origin
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Reg
HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\Wow6432Node\Sims
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer
HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach
HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Virtools
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector
HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\WebZen
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\3ivx
HKCU\SOFTWARE\AC3filter
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Ares
HKCU\SOFTWARE\AutoHelpDesk
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Baixaki
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser
HKCU\SOFTWARE\btr7psaa4s7
HKCU\SOFTWARE\Canneverbe Limited
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DriverToolkit
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\eDrawings
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo
HKCU\SOFTWARE\GbAs
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HaaliMkx
HKCU\SOFTWARE\hGbZpg9u7J7ijJ
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Hola
HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday
HKCU\SOFTWARE\MyBrowser
HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\OuhSUVFd7E6x7cWHF
HKCU\SOFTWARE\PDFConvert
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\QuickTime Alternative
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\shockwave.com
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Softland
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\teras games
HKCU\SOFTWARE\Torch =>PUP.Optional.Torch
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\UA7ucDhV
HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera
HKCU\SOFTWARE\WeatherTool
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Webzen
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Macromedia

---\\ Conteúdo das pastas Programs (269) - 39s
O43 - CFD: 2015/09/07 18:27:13 - [] D -- C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
O43 - CFD: 2015/09/06 13:53:35 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect
O43 - CFD: 2014/10/16 23:13:51 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/04/23 11:48:28 - [] D -- C:\Program Files (x86)\Baidu Security
O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker
O43 - CFD: 2015/08/01 02:20:09 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Claro 3G
O43 - CFD: 2015/08/10 07:22:46 - [] D -- C:\Program Files (x86)\Cliente MuVenon
O43 - CFD: 2015/09/06 13:53:38 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/09/05 20:42:23 - [] D -- C:\Program Files (x86)\Convertor
O43 - CFD: 2014/12/31 16:56:48 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\Deal Keeper
O43 - CFD: 2014/08/01 00:12:25 - [] D -- C:\Program Files (x86)\Devworks
O43 - CFD: 2015/04/15 11:33:39 - [] HD -- C:\Program Files (x86)\Diebold
O43 - CFD: 2015/07/09 00:12:10 - [] D -- C:\Program Files (x86)\DriverToolkit
O43 - CFD: 2015/08/15 15:09:15 - [] D -- C:\Program Files (x86)\Electronic Arts
O43 - CFD: 2015/09/08 00:55:09 - [] AD -- C:\Program Files (x86)\GbPlugin
O43 - CFD: 2015/09/05 22:53:10 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/07/07 13:05:43 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2014/08/04 09:34:42 - [] D -- C:\Program Files (x86)\InstallAffixationInfo
O43 - CFD: 2015/09/04 11:51:14 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/06/08 02:10:27 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/09/05 23:11:25 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility
O43 - CFD: 2014/03/18 08:09:47 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/13 20:25:40 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 2014/07/07 13:06:22 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/07/07 13:07:26 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2015/06/23 13:24:16 - [] D -- C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector
O43 - CFD: 2015/09/05 23:00:28 - [] D -- C:\Program Files (x86)\mbot_br_014010080
O43 - CFD: 2014/07/07 13:10:26 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2014/07/07 13:12:03 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2014/09/12 18:22:40 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 2014/07/07 13:10:41 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2014/09/23 22:09:15 - [] D -- C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 2014/07/07 13:12:02 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/09/06 00:33:22 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/06/04 18:55:01 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\Program Files (x86)\MPC-HC
O43 - CFD: 2014/07/07 13:12:21 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/04/20 21:10:48 - [] D -- C:\Program Files (x86)\MuLosT
O43 - CFD: 2015/08/10 18:43:03 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 2015/04/21 11:54:41 - [] D -- C:\Program Files (x86)\Nextel Fatura Web 3.0
O43 - CFD: 2015/09/04 13:00:07 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/09/05 18:34:33 - [] D -- C:\Program Files (x86)\Origin
O43 - CFD: 2015/09/05 18:37:20 - [0] D -- C:\Program Files (x86)\Origin Games
O43 - CFD: 2015/09/05 20:25:39 - [0] D -- C:\Program Files (x86)\predm =>PUP.Optional.Downware
O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug
O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\Real
O43 - CFD: 2014/08/04 09:34:40 - [] D -- C:\Program Files (x86)\RealNetworks
O43 - CFD: 2014/07/07 12:53:08 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/09/08 00:55:00 - [] D -- C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch
O43 - CFD: 2015/09/05 22:58:50 - [] D -- C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro
O43 - CFD: 2014/07/29 21:08:14 - [0] D -- C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup
O43 - CFD: 2015/08/05 00:53:47 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\Program Files (x86)\SoundDown
O43 - CFD: 2015/08/22 11:10:27 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2015/08/17 01:33:32 - [] D -- C:\Program Files (x86)\The Sims 4
O43 - CFD: 2015/09/05 23:27:57 - [] D -- C:\Program Files (x86)\UPCleaner
O43 - CFD: 2014/07/29 21:21:49 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/04/30 15:33:16 - [] D -- C:\Program Files (x86)\WeatherTool
O43 - CFD: 2015/09/05 21:09:18 - [] D -- C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect
O43 - CFD: 2015/09/05 21:09:19 - [] D -- C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2014/03/18 06:45:20 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2014/03/18 08:09:35 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 12:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 12:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2014/07/07 13:07:39 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/09/05 20:42:27 - [] D -- C:\Program Files (x86)\Winsta
O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/01/01 00:16:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/02/16 18:22:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 2015/09/05 20:22:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro 3G
O43 - CFD: 2014/12/31 16:56:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
O43 - CFD: 2015/06/08 01:06:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
O43 - CFD: 2014/09/24 11:22:40 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/05/14 23:39:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gametrack
O43 - CFD: 2014/08/04 09:34:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/08/15 19:08:23 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/09/05 23:11:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
O43 - CFD: 2015/08/13 20:26:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2014/07/07 13:06:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2014/09/12 18:22:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2014/07/07 13:07:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
O43 - CFD: 2015/09/04 12:52:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
O43 - CFD: 2015/08/10 18:43:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 2015/09/05 18:34:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
O43 - CFD: 2014/07/07 13:12:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 2014/10/10 22:58:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013
O43 - CFD: 2015/08/07 18:42:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDown
O43 - CFD: 2013/08/22 12:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/03/18 07:03:09 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/23 00:52:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector
O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/08 01:17:21 - [] D -- C:\ProgramData\18145712802912383320
O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 2015/06/23 00:11:28 - [] D -- C:\ProgramData\3DVIA
O43 - CFD: 2015/09/07 12:56:05 - [] D -- C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro
O43 - CFD: 2015/09/07 22:58:22 - [] D -- C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro
O43 - CFD: 2015/04/21 11:54:47 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/10/16 23:13:43 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2014/10/16 23:21:30 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/06/10 20:32:10 - [] D -- C:\ProgramData\Ashampoo
O43 - CFD: 2015/09/05 20:03:34 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/04/29 15:11:09 - [] D -- C:\ProgramData\baidu
O43 - CFD: 2015/05/27 13:53:10 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 2015/03/22 16:20:57 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2015/04/15 12:01:09 - [0] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2015/06/10 11:36:39 - [] D -- C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser
O43 - CFD: 2015/04/23 13:19:03 - [] D -- C:\ProgramData\Canneverbe Limited
O43 - CFD: 2015/04/23 13:23:08 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\ProgramData\Convertor
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Dados de Aplicativos
O43 - CFD: 2014/12/31 18:29:16 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/09/24 11:10:09 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 2015/09/05 18:34:36 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2015/04/15 11:29:58 - [] D -- C:\ProgramData\GAS Tecnologia
O43 - CFD: 2015/08/29 19:22:26 - [] D -- C:\ProgramData\GbPlugin
O43 - CFD: 2015/09/05 23:11:33 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/09/05 23:19:13 - [] D -- C:\ProgramData\IntelDLM
O43 - CFD: 2015/09/05 23:28:31 - [] D -- C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro
O43 - CFD: 2015/06/08 01:15:32 - [] D -- C:\ProgramData\koifhalnfoonpogbgiickmiggnkkhflf
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2014/09/12 18:22:58 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/07/07 13:13:30 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/07/07 11:29:42 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2014/07/07 13:04:51 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/09/05 20:09:20 - [] D -- C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro
O43 - CFD: 2015/08/10 18:43:15 - [] D -- C:\ProgramData\Nero
O43 - CFD: 2015/09/05 18:37:25 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2015/09/05 23:23:36 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/07/29 21:41:07 - [] D -- C:\ProgramData\Real
O43 - CFD: 2014/07/29 21:35:09 - [] D -- C:\ProgramData\RealNetworks
O43 - CFD: 2014/03/18 07:03:09 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/09/06 00:12:10 - [] D -- C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro
O43 - CFD: 2015/09/04 12:50:09 - [] D -- C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro
O43 - CFD: 2015/08/05 00:53:46 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/07/07 13:06:31 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/04/15 12:01:38 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 11:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/04/23 13:25:32 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2015/06/08 01:20:22 - [] D -- C:\ProgramData\{f53b1ccf-bc55-15c7-f53b-b1ccfbc5733e}
O43 - CFD: 2015/04/23 13:23:16 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2014/07/07 13:05:09 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/01 02:22:09 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2014/07/07 13:12:11 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/06/04 14:11:13 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 2014/07/07 13:06:30 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2014/07/07 13:12:25 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/08/15 15:23:52 - [] D -- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 2013/08/22 12:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/10/10 22:58:07 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2014/07/07 13:10:33 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/04/21 11:54:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Adobe
O43 - CFD: 2015/09/06 00:15:47 - [] SHD -- C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect
O43 - CFD: 2015/08/01 02:23:33 - [] D -- C:\Users\Usuario\AppData\Roaming\Apple Computer
O43 - CFD: 2015/05/10 18:25:14 - [] D -- C:\Users\Usuario\AppData\Roaming\Ashampoo
O43 - CFD: 2015/09/07 17:15:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASP
O43 - CFD: 2015/09/05 22:50:50 - [0] D -- C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage
O43 - CFD: 2015/09/05 20:24:50 - [] D -- C:\Users\Usuario\AppData\Roaming\AVAST Software
O43 - CFD: 2015/04/21 11:54:51 - [] D -- C:\Users\Usuario\AppData\Roaming\br.com.nextel.apps.Fatura3G
O43 - CFD: 2015/04/23 13:14:17 - [] D -- C:\Users\Usuario\AppData\Roaming\Canneverbe Limited
O43 - CFD: 2014/12/31 18:29:13 - [] D -- C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/06/08 01:06:24 - [] D -- C:\Users\Usuario\AppData\Roaming\Easeware
O43 - CFD: 2014/07/07 13:04:13 - [] D -- C:\Users\Usuario\AppData\Roaming\help_images_otherUI
O43 - CFD: 2015/08/15 15:08:44 - [0] D -- C:\Users\Usuario\AppData\Roaming\Hola
O43 - CFD: 2015/09/04 22:12:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Identities
O43 - CFD: 2014/07/18 23:41:07 - [] D -- C:\Users\Usuario\AppData\Roaming\Macromedia
O43 - CFD: 2014/07/07 13:43:28 - [] D -- C:\Users\Usuario\AppData\Roaming\Media Player Classic
O43 - CFD: 2015/07/01 02:02:28 - [] SD -- C:\Users\Usuario\AppData\Roaming\Microsoft
O43 - CFD: 2014/07/30 21:26:13 - [] D -- C:\Users\Usuario\AppData\Roaming\Mozilla
O43 - CFD: 2015/09/07 22:58:04 - [] D -- C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch
O43 - CFD: 2015/02/16 15:00:42 - [] D -- C:\Users\Usuario\AppData\Roaming\Nero
O43 - CFD: 2015/06/02 10:59:19 - [] D -- C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2014/07/30 21:32:31 - [0] D -- C:\Users\Usuario\AppData\Roaming\Opera Software
O43 - CFD: 2015/09/05 18:36:18 - [] D -- C:\Users\Usuario\AppData\Roaming\Origin
O43 - CFD: 2015/09/05 20:42:21 - [] D -- C:\Users\Usuario\AppData\Roaming\PDFConvert
O43 - CFD: 2015/09/08 00:06:15 - [] D -- C:\Users\Usuario\AppData\Roaming\PlusN
O43 - CFD: 2014/07/29 21:41:00 - [] D -- C:\Users\Usuario\AppData\Roaming\Real
O43 - CFD: 2014/07/29 21:36:06 - [] D -- C:\Users\Usuario\AppData\Roaming\RealNetworks
O43 - CFD: 2014/07/29 21:08:04 - [0] D -- C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon
O43 - CFD: 2015/08/05 01:09:41 - [] D -- C:\Users\Usuario\AppData\Roaming\Skype
O43 - CFD: 2014/07/07 13:07:44 - [] D -- C:\Users\Usuario\AppData\Roaming\Softland
O43 - CFD: 2015/09/05 20:08:42 - [] D -- C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage
O43 - CFD: 2015/09/07 17:38:54 - [0] D -- C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak
O43 - CFD: 2015/04/17 22:33:39 - [] D -- C:\Users\Usuario\AppData\Roaming\TeamViewer
O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/08/27 00:51:10 - [] D -- C:\Users\Usuario\AppData\Roaming\uTorrent
O43 - CFD: 2014/08/04 09:34:35 - [] D -- C:\Users\Usuario\AppData\Roaming\vlc
O43 - CFD: 2015/09/08 00:55:06 - [] D -- C:\Users\Usuario\AppData\Roaming\WeatherTool
O43 - CFD: 2015/06/23 00:51:53 - [0] D -- C:\Users\Usuario\AppData\Roaming\WebExtend
O43 - CFD: 2014/09/24 11:02:58 - [0] D -- C:\Users\Usuario\AppData\Roaming\WinRAR
O43 - CFD: 2015/09/08 01:03:58 - [] D -- C:\Users\Usuario\AppData\Roaming\ZHP
O43 - CFD: 2015/06/29 04:50:34 - [] SHD -- C:\Users\Usuario\AppData\Local\.#
O43 - CFD: 2015/09/05 07:18:39 - [] D -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600
O43 - CFD: 2015/04/21 11:52:05 - [] D -- C:\Users\Usuario\AppData\Local\Adobe
O43 - CFD: 2014/10/16 23:13:53 - [] D -- C:\Users\Usuario\AppData\Local\Apple
O43 - CFD: 2014/10/16 23:22:22 - [] D -- C:\Users\Usuario\AppData\Local\Apple Computer
O43 - CFD: 2015/08/08 22:27:00 - [] D -- C:\Users\Usuario\AppData\Local\Ares
O43 - CFD: 2015/05/10 18:25:19 - [] D -- C:\Users\Usuario\AppData\Local\ashampoo
O43 - CFD: 2015/09/04 12:50:42 - [] D -- C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper
O43 - CFD: 2015/09/04 12:48:36 - [] D -- C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 2015/09/08 00:06:11 - [] D -- C:\Users\Usuario\AppData\Local\cu
O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Dados de Aplicativos
O43 - CFD: 2015/09/04 12:20:25 - [] D -- C:\Users\Usuario\AppData\Local\Diagnostics
O43 - CFD: 2014/09/20 21:37:06 - [0] D -- C:\Users\Usuario\AppData\Local\DriverToolkit
O43 - CFD: 2015/08/15 14:59:05 - [] D -- C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieSiteList
O43 - CFD: 2014/07/07 13:04:26 - [] SHD -- C:\Users\Usuario\AppData\Local\EmieUserList
O43 - CFD: 2015/04/29 15:13:13 - [] D -- C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo
O43 - CFD: 2015/04/15 12:01:09 - [] D -- C:\Users\Usuario\AppData\Local\GAS Tecnologia
O43 - CFD: 2015/09/04 12:50:36 - [] D -- C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/02 08:38:59 - [] D -- C:\Users\Usuario\AppData\Local\Google
O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Histórico
O43 - CFD: 2015/08/10 15:12:34 - [] D -- C:\Users\Usuario\AppData\Local\Hola
O43 - CFD: 2015/09/04 12:48:38 - [] D -- C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia
O43 - CFD: 2015/09/05 23:12:15 - [] D -- C:\Users\Usuario\AppData\Local\Intel
O43 - CFD: 2015/09/04 12:58:07 - [] D -- C:\Users\Usuario\AppData\Local\macasoft
O43 - CFD: 2015/09/05 22:45:55 - [] D -- C:\Users\Usuario\AppData\Local\mbot_br_014010080
O43 - CFD: 2015/09/04 22:12:10 - [] D -- C:\Users\Usuario\AppData\Local\Microsoft
O43 - CFD: 2014/07/07 13:10:20 - [0] D -- C:\Users\Usuario\AppData\Local\Microsoft Help
O43 - CFD: 2014/07/30 21:26:16 - [] D -- C:\Users\Usuario\AppData\Local\Mozilla
O43 - CFD: 2015/02/16 16:05:12 - [] D -- C:\Users\Usuario\AppData\Local\Nero
O43 - CFD: 2015/02/16 15:01:03 - [] D -- C:\Users\Usuario\AppData\Local\Nero_AG
O43 - CFD: 2015/09/04 12:59:57 - [0] D -- C:\Users\Usuario\AppData\Local\Opera Software
O43 - CFD: 2015/09/05 18:36:33 - [] D -- C:\Users\Usuario\AppData\Local\Origin
O43 - CFD: 2014/07/07 11:42:14 - [] D -- C:\Users\Usuario\AppData\Local\Packages
O43 - CFD: 2014/07/07 13:02:31 - [] D -- C:\Users\Usuario\AppData\Local\Programs
O43 - CFD: 2014/07/07 13:07:16 - [] D -- C:\Users\Usuario\AppData\Local\Skype
O43 - CFD: 2015/07/01 22:46:01 - [] D -- C:\Users\Usuario\AppData\Local\TeamViewer
O43 - CFD: 2015/09/08 01:05:00 - [] D -- C:\Users\Usuario\AppData\Local\Temp
O43 - CFD: 2014/07/07 11:41:07 - [0] SHD -- C:\Users\Usuario\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/11/08 01:47:51 - [] D -- C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch
O43 - CFD: 2015/04/23 13:24:57 - [] D -- C:\Users\Usuario\AppData\Local\TuneUp Software
O43 - CFD: 2015/06/29 04:46:42 - [] D -- C:\Users\Usuario\AppData\Local\VirtualStore
O43 - CFD: 2015/09/04 13:01:42 - [] D -- C:\Users\Usuario\AppData\Local\VLCUpdate
O43 - CFD: 2015/09/08 00:05:58 - [] D -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F}
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 12:36:32 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/09/07 23:01:39 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect
O43 - CFD: 2015/09/04 12:58:11 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage
O43 - CFD: 2013/08/22 12:36:32 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/06/03 06:06:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Invasion Season 6 Epi1
O43 - CFD: 2015/09/05 23:35:12 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/03/18 08:09:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/03/22 16:48:30 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid
O43 - CFD: 2014/07/07 13:07:38 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Últimos arquivos criados no Windows Prefetcher (7) - 25s
O45 - LFCP:[MD5.1F15B736DC5B7E8A2EA95EA81F91B3B2] 2015/09/07 23:24:10 A -- C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect
O45 - LFCP:[MD5.35221E842637E064BC8C0EE06632A727] 2015/09/04 12:51:43 A -- C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser
O45 - LFCP:[MD5.71EDFEDF1BA780205B1467988F66A393] 2015/09/04 12:53:20 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate
O45 - LFCP:[MD5.C633A403FD75D637B814535A927A1FF0] 2015/09/04 13:00:33 A -- C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser
O45 - LFCP:[MD5.863DE1C0CE7452AB52F2B125D626CE01] 2015/09/05 20:26:27 A -- C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.D637D86E43BE665ABD492D563B8FB20D] 2015/09/05 20:38:34 A -- C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.7FB87DDD43AD25E61B6EB8FED3EFB826] 2015/09/07 17:14:32 A -- C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak

---\\ Lista dos drivers do sistema (50) - 6s
O58 - SDL:2013/08/22 09:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] ©
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] ©
O58 - SDL:2013/08/22 09:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] ©
O58 - SDL:2013/08/22 09:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] ©
O58 - SDL:2013/08/22 09:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] ©
O58 - SDL:2013/08/22 09:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] ©
O58 - SDL:2015/09/05 20:20:25 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] ©
O58 - SDL:2015/09/05 22:52:22 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1048344] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [447944] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [150672] ©
O58 - SDL:2015/09/05 20:20:26 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] ©
O58 - SDL:2013/08/12 20:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] ©
O58 - SDL:2013/08/22 09:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] ©
O58 - SDL:2014/12/31 16:56:48 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283064] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] ©
O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] ©
O58 - SDL:2013/07/30 15:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] ©
O58 - SDL:2013/07/25 16:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] ©
O58 - SDL:2013/08/09 21:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] ©
O58 - SDL:2013/08/22 09:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] ©
O58 - SDL:2015/05/26 21:02:50 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5375448] ©
O58 - SDL:2012/10/02 09:34:28 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [342528] ©
O58 - SDL:2013/04/26 04:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880]
O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] ©
O58 - SDL:2013/08/22 09:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] ©
O58 - SDL:2013/08/22 09:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] ©
O58 - SDL:2013/08/22 09:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] ©
O58 - SDL:2015/01/16 17:22:32 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl64.sys [23040] ©
O58 - SDL:2013/06/18 11:46:02 A . (.JMicron Technology Corp. - JMicron NDIS6.30 Driver.) -- C:\Windows\System32\drivers\NETJME.sys [137728]
O58 - SDL:2013/08/22 09:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] ©
O58 - SDL:2013/08/22 09:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] ©
O58 - SDL:2014/02/18 17:43:42 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3867224] ©
O58 - SDL:2014/01/10 07:08:56 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [3068120] ©
O58 - SDL:2013/08/22 12:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2015/06/04 03:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984]
O58 - SDL:2013/08/22 09:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] ©
O58 - SDL:2013/08/22 09:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] ©
O58 - SDL:2013/08/22 09:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] ©
O58 - SDL:2013/08/22 09:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] ©
O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] ©
O58 - SDL:2013/08/22 09:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] ©

---\\ Últimos ficheiros alterados ou criados (Utilizador) (43) - 92s
O61 - LFC: 2015/09/08 00:05:34 A . (..) -- C:\Users\Usuario\AppData\Roaming\5.exe [1587531]
O61 - LFC: 2015/09/07 04:36:52 A . (.TODO: .) -- C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe [375808] =>PUP.Optional.StartSearch
O61 - LFC: 2015/09/05 20:44:08 A . (..) -- C:\Users\Usuario\AppData\Local\opeline.exe [77312]
O61 - LFC: 2015/09/08 00:05:58 A . (.Alexander Roshal.) -- C:\Users\Usuario\AppData\Local\{8560CE30-E8DF-44C5-8EB3-21DF67860E6F}\Unrar.exe [309848]
O61 - LFC: 2015/09/06 01:22:55 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992]
O61 - LFC: 2015/09/07 12:56:08 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\cb369ad7b027b8588a356348424ef3c4[1].exe [85598]
O61 - LFC: 2015/09/04 12:48:28 A . (.C.L.A.R.A.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe [152688] =>PUP.Optional.SupTab
O61 - LFC: 2015/09/07 12:56:22 A . (.CinePlus-1.44V07.09.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\setup[1].exe [13889904]
O61 - LFC: 2015/09/04 13:01:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\vlcDisN[1].exe [257184]
O61 - LFC: 2015/09/04 12:56:28 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe [1079196] =>PUP.Optional.Downware
O61 - LFC: 2015/09/06 23:27:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\W1[1].exe [1587531]
O61 - LFC: 2015/09/07 12:56:20 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\4bbda52393b575e64d530bd478a6717b[1].exe [59769]
O61 - LFC: 2015/09/07 23:03:12 A . (.AnyProtect.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe [6434816] =>PUP.Optional.AnyProtect
O61 - LFC: 2015/09/04 12:47:51 A . (.ClaraLabs.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe [926832] =>PUP.Optional.BoBrowser
O61 - LFC: 2015/09/05 20:13:23 A . (.YFFGH.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe [284672] =>PUP.Optional.ReImageRepair
O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\runasu[1].exe [479232]
O61 - LFC: 2015/09/07 22:58:33 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\setup_362[2].exe [254464]
O61 - LFC: 2015/09/07 12:54:26 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\tiwr[1].exe [82914]
O61 - LFC: 2015/09/07 23:00:33 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Validate[1].exe [61981]
O61 - LFC: 2015/09/07 12:54:35 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4ba4c7c85b016c4112353cb428af62e9[1].exe [67295]
O61 - LFC: 2015/09/06 23:02:51 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\4diXZO[1].exe [1628019]
O61 - LFC: 2015/09/05 23:27:42 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\bc595c310903369e50e3e112aefc06dc[1].exe [67786]
O61 - LFC: 2015/09/07 23:00:16 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\BiTool[1].dll [0]
O61 - LFC: 2015/09/07 22:58:11 A . (.WillLink.net.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe [350328] =>PUP.Optional.StartSearch
O61 - LFC: 2015/09/07 22:58:15 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\df4a6a3ed77e60d6758afca091ca0c1f[1].exe [83223]
O61 - LFC: 2015/09/04 12:55:16 A . (.OperaChecker.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\OperaChecker25-6[1].exe [50225]
O61 - LFC: 2015/09/04 12:56:42 A . (.Optimal Software s.r.o..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\pcspeedup[1].exe [2889583]
O61 - LFC: 2015/09/07 17:13:08 A . (.systweak.com.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\rcpsetup_17970[1].exe [4445480]
O61 - LFC: 2015/09/05 20:13:55 A . (.MEIDX.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe [112640] =>PUP.Optional.ReImageRepair
O61 - LFC: 2015/09/07 22:58:02 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\SearchUpdater[1].exe [124154]
O61 - LFC: 2015/09/07 23:00:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\smt[2].exe [211114]
O61 - LFC: 2015/09/05 23:27:00 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\8a919eab391df79420aa04a8eab4a225[1].exe [74207]
O61 - LFC: 2015/09/07 23:02:31 A . (.CMI Limited.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe [613255] =>PUP.Optional.AnyProtect
O61 - LFC: 2015/09/05 20:42:11 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\pdfconv[1].exe [2380368]
O61 - LFC: 2015/09/04 12:55:45 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\setup[1].exe [298960]
O61 - LFC: 2015/09/04 12:51:58 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Update_Notifier[1].exe [514560]
O61 - LFC: 2015/09/07 00:15:19 A . (.Copyright 2013.) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\Validate[1].exe [61981]
O61 - LFC: 2015/09/07 23:00:34 A . (..) -- C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe [228302] =>PUP.Optional.VuuPC
O61 - LFC: 2015/09/05 18:32:50 A . (..) -- C:\Users\Usuario\AppData\Local\mbot_br_014010080\Download\myoffergroup_br4.exe [4191432]
O61 - LFC: 2015/09/02 04:08:21 A . (..) -- C:\Users\Usuario\AppData\Local\macasoft\ntsvc.exe [109440]
O61 - LFC: 2015/09/08 01:05:00 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/09/04 12:51:57 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\rnsmC3B5.exe [479232]
O61 - LFC: 2015/09/04 12:51:59 A . (..) -- C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\Uninstall.exe [51745]

---\\ Associações Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/ ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Pesquisa de infeção nos navegadores da Internet (15) - 1s
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.newtab.url", "http://www.mystartsearch.com/newtab/?type=nt&ts=1441677446&z=c166da768c5193ed39bc5fdg7z3zdg7qdm3m[...] =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.uid", "ST500LM012XHN-M500MBB_S2ZYJ9BF301169"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1441677446&z=c166da768c5193ed39bc5fdg7z[...] =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [Usuario - wy9su83x.default] user_pref("browser.startup.homepage", "http://www.mystartsearch.com/?type=hp&ts=1441641290&z=f89b18f6eb51cea9abf9b51gezbz7g8qez0g9[...] =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {86c83f9e-48a4-4cd2-a763-64fea5df35f7} - (Baixaki) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (Yahoo! (Avast)) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {9B7E7224-E90A-4DDC-BAB5-3E1BA9B10F1E} - (Yahoo) - http://search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} - (Search Provided by Yahoo) - http://br.yhs4.search.yahoo.com/ =>PUP.Optional.Browser

---\\ Listagem dos serviços iniciados pelo Svchost (36) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [208896] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [155136] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [324608] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1311744] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1104384] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [903168] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [109568] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [150528] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [107008] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1214976] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [70656] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [220160] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [326656] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [81408] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [97792] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [339456] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Estrutura de Localização do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1576960] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [50688] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\Windows\System32\ncasvc.dll [164352] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [101376] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [534528] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [223744] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\sens.dll [71680] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [433664] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\Windows\System32\tapisrv.dll [306688] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3408384] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\Windows\System32\qmgr.dll [1017856] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [629760] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [183296] ©
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464] ©

---\\ Lista das exceções do FireWall (FirewallRules) (37) - 8s
O87 - FAEL: "{E1BD2A40-E2F6-48C6-AD02-8805BA0903F2}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{210D7DAE-88DC-481D-B7CC-7C61048BEE39}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{4814FCF4-5096-4833-8EEC-2D5C29A4DE17}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{4C6C616A-271E-4712-BE9E-4B8A64F387CD}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{9A267A55-90BA-401E-AF47-1945D175F233}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{7F1E6C94-F340-4C5D-BED1-E580ACA0C93B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{74EF8B76-583A-4A14-A4E2-8D824C30D57C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{F7774D6D-28F3-4781-8C3C-739B3B3D2AEF}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{43121148-DD49-4804-B7E5-C719A8035EAA}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{F7AA6F13-24C2-401C-9F9D-B0A5AF20A410}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{A5F6F663-0C61-4ADD-8673-908455629424}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.)
O87 - FAEL: "{1A800430-B91B-4B6E-8B1D-75E922A08A68}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.)
O87 - FAEL: "{F99ACA02-C991-405A-8D86-64C141263A2B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.)
O87 - FAEL: "{2B7F5B03-057B-4E7B-B19C-DB7B06D2E4D3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.)
O87 - FAEL: "TCP Query User{3A6FA88F-05D0-4510-9195-A31F15627317}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{F1D1E0BF-D43E-427B-89D4-6540A772DEB5}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{DB08F5CE-7CF0-4C9F-97FF-664B3D6DEC11}C:\program files (x86)\ares\ares.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{5B3B67C0-97E6-43FE-A879-4D37DC8333BC}C:\program files (x86)\ares\ares.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "{3E681E18-277A-40C1-A4BA-B75FEEAACC91}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.)
O87 - FAEL: "{578000EB-97D7-4048-8A3F-930CF8FC9152}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe (.not file.)
O87 - FAEL: "{A16C3730-7DA6-4B45-A73D-9B08F267E6A8}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Chromium\Application\chrome.exe (.not file.)
O87 - FAEL: "{257D6602-4544-4CFF-BBF7-727797B61911}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.)
O87 - FAEL: "{48A77A51-0A68-42E5-9F61-CFEFF06EC89C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.)
O87 - FAEL: "{B5C4D06D-7F12-4EE6-B34F-C07F8C908109}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.)
O87 - FAEL: "{430C7100-78AE-41EE-9D72-2E51D1EACEDB}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_svc.exe (.not file.)
O87 - FAEL: "{67C7A295-EBF6-4059-93BC-00A2F399CE1F}" [In-None-P6-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.)
O87 - FAEL: "{EF7DD9D1-81AF-4FD4-A932-330FDAFD3A00}" [In-None-P17-TRUE] .(...) -- C:\Users\Usuario\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe (.not file.)
O87 - FAEL: "TCP Query User{AF42ED1A-3D18-43C9-AC9D-D18E71D9E4CA}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "UDP Query User{B59305B2-5B2E-4CEB-96AE-ED593DEDF0F8}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "{D2B90792-A79F-48C8-AD7C-F0DB8930377B}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{2F45F081-A080-4EF7-9488-9DA287CD30BA}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{1EEC1E25-6F12-46D6-ADF2-528F3F13C3D7}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{EA10A06B-493F-45C2-8510-498486DA31DA}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{11F60FB4-C41B-4157-8833-FF5AD674AA2B}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{62323EE3-D449-4B28-AAD7-5DF38B19E086}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{0C6489BA-5BB8-4491-878F-2161790978D3}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "UDP Query User{36096AC1-D582-43A2-81B7-0582EBB890E7}C:\program files (x86)\electronic arts\eadm\core.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\electronic arts\eadm\core.exe (.not file.)

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (29) - 74s

SR - Auto [2014/12/03 03:31:16] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SR - Auto [2015/05/29 18:51:26] [ 77128] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
SR - Auto [2015/09/05 20:20:12] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
SR - Auto [2011/08/30 23:05:32] [ 462184] Serviço do Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe ©
SR - Auto [2015/09/07 13:12:18] [ 721920] Compatible Cut (cikepiqu) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider
SS - Demand [2015/06/04 22:21:38] [ 280680] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe ©
SR - Auto [2015/07/16 05:52:52] [ 413848] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
SR - Auto [2015/08/12 18:25:54] [ 587576] Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SS - Auto [2015/09/05 20:43:50] [ 120832] Kerning Down (gopibeko) . (...) - C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider
SR - Auto [2015/09/07 16:52:32] [ 721920] Click Hyphen (goxezecy) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider
SS - Auto [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/08/29 00:35:06] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2012/04/24 14:37:56] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe ©
SR - Demand [2015/08/13 02:43:14] [ 644880] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe ©
SS - Auto [2015/09/05 20:43:52] [ 227328] Cool Barcode (jimocoso) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider
SS - Disabled [2015/06/04 15:40:20] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SR - Auto [2014/07/15 08:46:00] [ 786256] Nero Update (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe ©
SS - Auto [2015/09/05 20:43:57] [ 379904] NixSrv Service (NixSrv) . (...) - C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize
SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SR - Auto [2015/09/07 22:58:18] [ 411648] SSFK (SSFK) . (.TODO: <公司名>.) - C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
SR - Auto [2015/07/16 05:45:02] [ 105112] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
SR - Auto [2015/08/07 03:30:32] [ 5611280] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ©
SR - Auto [2015/04/23 06:52:54] [ 76264] TheDesktopWeatherService (TheDesktopWeatherService) . (.Copyright (C) 2015.) - C:\Program Files (x86)\WeatherTool\1.2.0.9153\WeatherService.exe
SS - Auto [2015/09/05 20:44:02] [ 137728] Delete Exit (totyseku) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider
SS - Auto [2015/09/05 20:44:08] [ 77312] Strongdex (updaie) . (...) - C:\Users\Usuario\AppData\Local\opeline.exe
SS - Demand [2015/07/16 05:52:52] [ 413848] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
SR - Auto [2015/09/07 22:58:12] [ 709288] WdsManPro Service (WdsManPro) . (.DTools LIMITED.) - C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager
SR - Auto [2015/09/06 16:32:50] [ 663040] Protocol Space Bar (wimikimo) . (...) - C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider

---\\ Claves Tracing (2) - 4s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam

---\\ Scâner Aditional (134) - 0s
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsvAEFA.tmp =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knsgB391.tmp =>PUP.Optional.CrossRider
C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WdsManPro
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\knss9343.tmp =>PUP.Optional.CrossRider
C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.Optional.ShopperPro
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\searchplugins\yahoo-search.xml =>PUP.Optional.BDYahoo
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\wy9su83x.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} =>PUP.Optional.Goobzo
C:\ProgramData\ShopperPro\ShopperPro64.dll =>PUP.Optional.ShopperPro
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro
HKLM\SYSTEM\CurrentControlSet\Services\cikepiqu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider
C:\Users\Usuario\AppData\Local\57F31BB0-1441371115-11E2-8047-874860FC3600\snsmC3B4.tmp =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\goxezecy =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\jimocoso =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\jnse252F.tmp =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office
HKLM\SYSTEM\CurrentControlSet\Services\NixSrv =>PUP.Optional.Amonetize
C:\Program Files\NixSrv\NixSrv.exe =>PUP.Optional.Amonetize
HKLM\SYSTEM\CurrentControlSet\Services\SSFK =>PUP.Optional.MyWebSearch
C:\Program Files (x86)\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
HKLM\SYSTEM\CurrentControlSet\Services\totyseku =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600\hnsd3C24.tmp =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\Util Steel Cut =>PUP.Optional.SteelCut*
HKLM\SYSTEM\CurrentControlSet\Services\WdsManPro =>PUP.Optional.WpManager
C:\ProgramData\5WdsManPro5\WdsManPro.exe =>PUP.Optional.WpManager
HKLM\SYSTEM\CurrentControlSet\Services\wimikimo =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebProtectorPlus =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect =>PUP.Optional.AnyProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdateWPP =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebProtector =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\downchecker =>PUP.Optional.DownChecker
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Wow6432Node\ShopperPro =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 =>PUP.Optional.TermBlazer
HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.24 =>PUP.Optional.TermCoach
HKLM\SOFTWARE\Wow6432Node\Torch =>PUP.Optional.Torch
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKLM\SOFTWARE\Wow6432Node\WebProtector =>PUP.Optional.BProtector
HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser
HKCU\SOFTWARE\CinemaPlus_1.3dV28.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\Gameo =>PUP.Optional.Gameo
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\I - Cinema-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\mybestofferstoday =>PUP.Optional.MyBestOffersToday
HKCU\SOFTWARE\MyBrowser 1.0.2V05.09-nv-ie =>PUP.Optional.MyBrowser
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\Torch =>PUP.Optional.Torch
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\Vonteera Safe ads =>Trojan.Vonteera
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE
C:\Program Files (x86)\57F31BB0-1441381863-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
C:\Program Files (x86)\57F31BB0-1441382290-11E2-8047-874860FC3600 =>PUP.Optional.CrossRider
C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect
C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker
C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files (x86)\LiveUpdateWPP =>PUP.Optional.WebProtector
C:\Program Files (x86)\predm =>PUP.Optional.Downware
C:\Program Files (x86)\PriceMinuS =>PUP.Optional.Multiplug
C:\Program Files (x86)\SFK =>PUP.Optional.MyWebSearch
C:\Program Files (x86)\ShopperPro =>PUP.Optional.ShopperPro
C:\Program Files (x86)\SiteLookup =>PUP.Optional.SiteLookup
C:\Program Files (x86)\WebProtector =>PUP.Optional.WebProtect
C:\Program Files (x86)\WebProtectorPlus =>PUP.Optional.WebProtect
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY =>PUP.Optional.MyBestOffersToday
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus =>PUP.Optional.WebProtector
C:\ProgramData\3WdsManPro3 =>PUP.Optional.WdsManPro
C:\ProgramData\5WdsManPro5 =>PUP.Optional.WdsManPro
C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser
C:\ProgramData\iWdsManProi =>PUP.Optional.WdsManPro
C:\ProgramData\MWdsManProM =>PUP.Optional.WdsManPro
C:\ProgramData\rWdsManPror =>PUP.Optional.WdsManPro
C:\ProgramData\ShopperPro =>PUP.Optional.ShopperPro
C:\Users\Usuario\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Roaming\ASPackage =>PUP.Optional.ASPackage
C:\Users\Usuario\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch
C:\Users\Usuario\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
C:\Users\Usuario\AppData\Roaming\SimilarAddon =>PUP.Optional.SimilarAddon
C:\Users\Usuario\AppData\Roaming\sweet-page =>PUP.Optional.SweetPage
C:\Users\Usuario\AppData\Roaming\systweak =>PUP.Optional.Systweak
C:\Users\Usuario\AppData\Local\BrowserHelper =>PUP.Optional.BrowserHelper
C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports
C:\Users\Usuario\AppData\Local\Gameo =>PUP.Optional.Gameo
C:\Users\Usuario\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\Usuario\AppData\Local\Installer =>PUP.Optional.InstallPedia
C:\Users\Usuario\AppData\Local\Torch =>PUP.Optional.Torch
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.Optional.ASPackage
C:\Windows\Prefetch\ANYPROTECT.EXE-1996592C.pf =>PUP.Optional.AnyProtect
C:\Windows\Prefetch\BOBROWSER.EXE-CEE8FFB5.pf =>PUP.Optional.BoBrowser
C:\Windows\Prefetch\GLOBALUPDATE.EXE-FAFA2450.pf =>PUP.Optional.GlobalUpdate
C:\Windows\Prefetch\PACKAGE_PCROSSBROWSER_INSTALL-6C9F09A0.pf =>PUP.Optional.CrossBrowser
C:\Windows\Prefetch\PREDM.TMP-9A360438.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\PREDM.TMP-B39B700A.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\SYSTWEAKASP.TMP-9DCAAC84.pf =>PUP.Optional.Systweak
C:\Users\Usuario\AppData\Roaming\mystartsearch\UninstallManager.exe =>PUP.Optional.StartSearch
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55[1].exe =>PUP.Optional.SupTab
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\VMPGX4CU\VOPackage[1].exe =>PUP.Optional.Downware
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\AnyProtect[1].exe =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe =>PUP.Optional.BoBrowser
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\OZ1178LO\Reimage[1].exe =>PUP.Optional.ReImageRepair
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\cmi_mystartsearch[1].exe =>PUP.Optional.StartSearch
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\6TQBE0K1\Reimage[1].exe =>PUP.Optional.ReImageRepair
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\AnyProtectSetup[2].exe =>PUP.Optional.AnyProtect
C:\Users\Usuario\AppData\Local\Microsoft\Windows\INetCache\IE\35YVWHYB\VuuPC_VO2_8907[1].exe =>PUP.Optional.VuuPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Optional.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Optional.Wajam

---\\ Resumo dos elementos encontrados na sua estação de trabalho (56) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.WdsManPro
http://www.nicolascoolman.fr/pup-shopperpro/ =>PUP.Optional.ShopperPro
http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab
http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/blog =>PUP.Optional.BoBrowser
http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader
http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect
http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office
http://www.nicolascoolman.fr/pup-amonetize/ =>PUP.Optional.Amonetize
http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.SteelCut*
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtector
http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/blog =>PUP.Optional.DownChecker
http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBestOffersToday
http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak
http://www.nicolascoolman.fr/pup-termBlazer/ =>PUP.Optional.TermBlazer
http://www.nicolascoolman.fr/pup-optional-termcoach =>PUP.Optional.TermCoach
http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch
http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive
http://www.nicolascoolman.fr/pup-bprotector/ =>PUP.Optional.BProtector
http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser
http://www.nicolascoolman.fr/blog =>PUP.Optional.Gameo
http://www.nicolascoolman.fr/blog =>PUP.Optional.MyBrowser
http://www.nicolascoolman.fr/adware-installcore/ =>Adware.InstallCore
http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera
http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE
http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker
http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/blog =>PUP.Optional.SiteLookup
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebProtect
http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser
http://www.nicolascoolman.fr/blog =>PUP.Optional.ASPackage
http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimilarAddon
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserHelper
http://www.nicolascoolman.fr/blog =>.Superfluous.CrashReports
http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia
http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/pup-vuupc/ =>PUP.Optional.VuuPC
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser
http://www.nicolascoolman.fr/pup-kmspico/ =>HackTool.KMSpico
http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam

~ End of the scan, 20432 items in 342 seconds (1210)(0)()
