cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:05-12-2015
Executado por Natalia (administrador) em NATALIA-PC (08-12-2015 21:52:34)
Executando a partir de C:\Users\Natalia\Downloads
Perfis Carregados: Natalia (Perfis Disponíveis: Natalia & Convidado)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TODO: <公司名>) C:\ProgramData\upgsvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Elex-tech\YAC\iDesk.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 11.0\ErrorReportLauncher.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-11] (Avast Software s.r.o.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [rec_en_77] => [X]
HKLM\...\Run: [ospd_us_013010123] => [X]
HKLM\...\Run: [mbot_br_014010123] => [X]
HKLM\...\Run: [dply_en_036020129] => [X]
HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] ()
HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] ()
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2920448 2015-12-02] ()
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\...\MountPoints2: {a7098d17-886a-11e5-9151-80ee7339bea9} - F:\LGAutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-06-08] (Microsoft Corporation)
IFEO\DatamngrCoordinator.exe: [Debugger]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-11] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
Startup: C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML [2015-03-31] ()
Startup: C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG [2015-03-31] ()
Startup: C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT [2015-03-31] ()
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60304;https=127.0.0.1:60304;
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:60304;https=127.0.0.1:60304;
Tcpip\..\Interfaces\{FED12B9F-8598-4DAA-9BFF-30F5901318E6}: [NameServer] 186.227.184.2 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130902972889931433&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130902972889941434&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.baixaki.com.br/portal/?utm_source=newportalhomesl&utm_medium=partners
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130902972889951435&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://uportal.upcleaner.net/
URLSearchHook: HKLM -> Padrão = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope valor está ausente
SearchScopes: HKLM -> OldSearch URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQpdBQhCGFcVbQFaWVpcFVATIRRZUAsQDAcbIw8KWAtHFlFCIx9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKLM -> {86c83f9e-48a4-4cd2-a763-64fea5df35f7} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_installcore_01&type=p&p={searchTerms}
SearchScopes: HKLM -> {FDC320A9-B4B2-491E-B140-815C11613CB6} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> OldSearch URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> Web URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> {86c83f9e-48a4-4cd2-a763-64fea5df35f7} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_installcore_01&type=p&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> {9AE82C95-88BB-40C7-923F-6C5632A1FD18} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
SearchScopes: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> {FDC320A9-B4B2-491E-B140-815C11613CB6} URL = hxxp://search.yahoo.com/search?p={searchTerms}
BHO: Oasis Space 1.0.0.7 -> {567dbf58-4713-45f4-a623-e7b41f898209} -> C:\Program Files\Oasis Space\OasisSpacebho.dll => Nenhum Arquivo
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-19] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-11] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-19] (Oracle Corporation)
BHO: Sem Nome -> {e95bd6c5-5a83-42a4-8ba7-0c45016bbc51} -> Nenhum Arquivo
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4059545775-3362581037-2508284383-1000 -> hxxp://uportal.upcleaner.net/

FireFox:
========
FF ProfilePath: C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\j5v0h3me.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-19] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll [Nenhum Arquivo]
FF Plugin: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll [Nenhum Arquivo]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-4059545775-3362581037-2508284383-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Natalia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-01] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\j5v0h3me.default\user.js [2015-11-20]
FF Extension: Oasis Space 1.0.1 - C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\j5v0h3me.default\Extensions\{eeea1470-a34b-421d-8578-085229e78f50}.xpi [2015-11-20] [não assinado]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-29] [não assinado]

Chrome:
=======
CHR Profile: C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-12]
CHR Extension: (Google Slides) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\addibmjelefaholbfacfnekmojekodaf [2015-11-05]
CHR Extension: (Google Docs) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (Google Drive) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-21]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-11-06]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bffcllnfdoihnefjhalnfanpcfplkdip [2015-11-06]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\biiammgklaefagjclmnlialkmaemifgo [2015-10-29]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-19]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bobgnmijljonenlachekpkgikohcghon [2015-10-31]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-31]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2015-11-12]
CHR Extension: (Google Search) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-26]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2015-11-05]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbepggeogbaibhgnhhndojpepiihcmeb [2015-10-29]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\defjbpbaeipkllhdmgjfbdefjnpoocga [2015-11-19]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhipnliikkblkhpjapbecpmoilcama [2015-11-20]
CHR Extension: (Tampermonkey) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-05]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjjgphedlaihnlgaibiaihhmhaejjdd [2015-11-21]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-11-19]
CHR Extension: (Avast SafePrice) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-20]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eokdcgmibpioegghefegkcdjcbiggefe [2015-11-20]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2015-10-29]
CHR Extension: (Google Sheets) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl [2015-10-29]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\focpimmchclfkeblconjjlclhopahlnf [2015-11-17]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcalenpjmijncebpfijmoaglllgpjagf [2015-11-13]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-11-18]
CHR Extension: (Avast Online Security) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-14]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmclgnbhdiklglmmdcaelggigiiigpm [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2015-11-17]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkhbbhipldmgjflneimpacklkiogpo [2015-11-21]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2015-11-16]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijanohecbcpdgnpiabdfehfjgcapepbm [2015-10-28]
CHR Extension: (jafknefnkiolhmhbdpojkpdempbdmfap) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafknefnkiolhmhbdpojkpdempbdmfap [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbhiigbgcmeeknmajflllpcllcccheeb [2015-11-16]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2015-11-15]
CHR Extension: (EasyCalendar) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-08-19]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jchepaljijgokkoflakjioknkfolenbk [2015-11-12]
CHR Extension: (Sem Nome) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jliolpcnkmolaaecncdfeofombdekjcp [2015-10-30]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2015-11-19]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnkijcihjiopdcfliikldphgdjadekf [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kagejfgngcmkbaacpmcnbpkhmhoeccee [2015-11-18]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdliiojahgmpdhebagjlmompdkkfckee [2015-11-13]
CHR Extension: (Web Protector - Reliable Phishing Protection) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko [2015-08-10]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfphhfdokdamioolhjfdohhkodbieida [2015-11-18]
CHR Extension: (kglfocodeikakacbeoajjhnplhlaoook) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglfocodeikakacbeoajjhnplhlaoook [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kloiceblkijlknknaibcaieiicafajlo [2015-11-20]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbcoebcjaiiejopnadjlknjhifadnlg [2015-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfefckpdealogpcfjdhinecfbcgedam [2015-11-04]
CHR Extension: (Channel Sub Box for YouTube™) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbmojliagbancdcmookpmaaoipjifmc [2015-07-26]
CHR Extension: (Skype Click to Call) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-20]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2015-11-19]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcchbdblkggcenfmmpgkpgphfhfcbe [2015-11-13]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-10-29]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaaneppndljkmpgdcglnpfagfhjhipc [2015-10-30]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm [2015-10-31]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\namcaplenodjnggbfkbopdbfngponici [2015-11-20]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmblkkmdeobfklgefdnoakgkmcekhcg [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2015-11-12]
CHR Extension: (neebplgakaahbhdphmkckjjcegoiijjo) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2015-11-12]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neomigpibafpboiknmijddgnncengfnm [2015-11-18]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkcknhokpkilkjgdffiompjikpodghcb [2015-11-17]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfgnnlnfbpcammlnibfkplpnbbbdeli [2015-11-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (noaijdpnepcgjemiklgfkcfbkokogabh) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2015-11-12]
CHR Extension: (oabphaconndgibllomdcjbfdghcmenci) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\oabphaconndgibllomdcjbfdghcmenci [2015-11-16]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2015-11-18]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2015-12-02]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipgklkggfaokcoipmecomffdpebimle [2015-11-04]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-10-24]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2015-11-19]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof [2015-11-04]
CHR Extension: (Gmail) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
CHR Extension: (aapbdbdomjkkjkaonfhkkikfgjllcleb) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2015-10-30]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-11]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-11]
CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKU\S-1-5-21-4059545775-3362581037-2508284383-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-11] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-11] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-10-16] (TODO: <公司名>) [Arquivo não assinado]
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-04-16] (Elex do Brasil Participações Ltda)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S2 TcsaZsQZx; C:\ProgramData\OfsNryJhb\TcsaZsQZx.exe [2726776 2014-12-05] (Rational Thought Solutions)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [X]
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [X]
S2 CGVPNCliService; "C:\Program Files\CyberGhost 5\Service.exe" [X]
S2 mglupdate; C:\Program Files\Maxiget\Updater\MaxigetUpdater.exe /svc [X]
S3 mglupdatem; C:\Program Files\Maxiget\Updater\MaxigetUpdater.exe /medsvc [X]
S3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S2 toqypino; C:\Program Files\CDC4B1C0-1445640311-11E1-BEE5-D75B7772AB77\knsqB2F9.tmp [X]
S2 Update CommonShare; "C:\Program Files\CommonShare\updateCommonShare.exe" [X]
S2 Update ToggleMark; "C:\Program Files\ToggleMark\updateToggleMark.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [Arquivo não assinado]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-11] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-11] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-11] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-07-20] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-11] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-11] ()
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [527344 2013-03-05] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26096 2013-03-05] (Intel Corporation)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [48784 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [52712 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-10-29] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [58640 2015-09-09] (Elex do Brasil Participações Ltda)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-02-21] (Intel Corporation)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [48280 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [30488 2014-12-29] (Visicom Media Inc.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1301064 2013-02-08] (Realtek Semiconductor Corporation )
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-11] (Avast Software)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S2 BstHdDrv; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S1 qrnfd_1_10_0_12; system32\drivers\qrnfd_1_10_0_12.sys [X]
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S2 SPDRIVER_1.42.1.2687; \??\C:\Program Files\ShopperPro\JSDriver\1.42.1.2687\jsdrv.sys [X]
S1 swsedrvr_vt_1_10_0_25; system32\drivers\swsedrvr_vt_1_10_0_25.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S1 tbfd_1_10_0_15; system32\drivers\tbfd_1_10_0_15.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 wwfd_vt_1_10_0_24; system32\drivers\wwfd_vt_1_10_0_24.sys [X]
S3 XDva423; \??\C:\Windows\system32\XDva423.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-08 21:52 - 2015-12-08 21:55 - 00033274 _____ C:\Users\Natalia\Downloads\FRST.txt
2015-12-08 17:42 - 2015-12-08 17:48 - 23955700 _____ C:\Users\Natalia\Downloads\Flying Through Space (Epic).mp4
2015-12-08 11:33 - 2015-12-08 11:43 - 00044026 _____ C:\Users\Natalia\Downloads\Addition.txt
2015-12-08 11:30 - 2015-12-08 21:52 - 00000000 ____D C:\FRST
2015-12-08 11:28 - 2015-12-08 11:29 - 01719808 _____ (Farbar) C:\Users\Natalia\Downloads\FRST.exe
2015-12-07 12:50 - 2015-12-07 16:37 - 01435648 _____ C:\Users\Todos os Usuários\test.exe
2015-12-07 12:50 - 2015-12-07 16:37 - 01435648 _____ C:\ProgramData\test.exe
2015-12-06 21:51 - 2015-12-06 21:55 - 02890008 _____ (Microsoft Corporation) C:\Users\Natalia\Downloads\dotnetfx3setup.exe
2015-12-06 20:38 - 2015-12-06 20:38 - 00008192 _____ C:\Users\Natalia\Desktop\Risada_Cazalbé_Em_Tela_Verde.mp4.sfk
2015-12-06 19:59 - 2015-12-06 19:59 - 00001074 _____ C:\Users\Natalia\Desktop\Vegas pro 11.0.lnk
2015-12-06 16:44 - 2015-12-06 16:44 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\eCyber
2015-12-06 11:59 - 2015-12-06 11:59 - 00001815 _____ C:\Users\Public\Desktop\YAC Desktop.lnk
2015-12-06 00:55 - 2015-12-06 00:55 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2015-12-06 00:55 - 2015-12-06 00:55 - 00000000 ____D C:\Users\Natalia\AppData\Local\StormAlert
2015-12-05 23:40 - 2015-12-05 23:40 - 00001824 _____ C:\Users\Public\Desktop\YAC.lnk
2015-12-05 23:40 - 2015-09-09 23:56 - 00058640 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-12-05 23:40 - 2015-04-16 06:55 - 00048784 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-12-05 19:06 - 2015-12-06 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-12-05 19:05 - 2015-12-05 19:05 - 00000000 ____D C:\Program Files\Elex-tech
2015-12-05 18:53 - 2015-12-05 18:53 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Elex-tech
2015-12-05 17:16 - 2015-12-05 17:17 - 01378217 _____ C:\Users\Natalia\Downloads\comintrep_2103.zip
2015-12-05 14:26 - 2015-12-05 14:26 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Google
2015-12-04 11:31 - 2015-12-04 11:32 - 00000000 ____D C:\Users\Natalia\Desktop\Pkmn Essentials 6GEN
2015-12-04 09:52 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2015-12-04 09:52 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2015-12-03 19:04 - 2015-12-03 19:04 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-03 00:39 - 2015-12-03 00:45 - 00000000 ____D C:\Users\Natalia\AppData\Local\UNDERTALE
2015-12-03 00:37 - 2015-12-03 00:37 - 00000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undertale.lnk
2015-12-03 00:37 - 2015-12-03 00:37 - 00000762 _____ C:\Users\Public\Desktop\Undertale.lnk
2015-12-03 00:36 - 2015-12-03 00:37 - 00000000 ____D C:\Program Files\Undertale
2015-12-02 22:48 - 2015-12-05 18:34 - 00005833 _____ C:\Users\Natalia\AppData\Roaming\wpulog.txt
2015-12-02 22:11 - 2015-12-06 11:55 - 00000000 ____D C:\Program Files\Steam
2015-12-02 22:11 - 2015-12-02 22:11 - 00000885 _____ C:\Users\Public\Desktop\Steam.lnk
2015-12-02 22:11 - 2015-12-02 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-02 21:26 - 2015-12-06 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokémon Neo Version
2015-12-02 10:15 - 2015-12-02 12:14 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2015-12-02 10:15 - 2015-12-02 12:14 - 00000000 ____D C:\ProgramData\WindowsMsg
2015-12-02 10:14 - 2015-12-03 21:28 - 01308347 _____ ( ) C:\Users\Todos os Usuários\carss---.exe
2015-12-02 10:14 - 2015-12-03 21:28 - 01308347 _____ ( ) C:\ProgramData\carss---.exe
2015-12-02 10:13 - 2015-11-26 07:58 - 04127064 _____ C:\Users\Todos os Usuários\ch_dl_url
2015-12-02 10:13 - 2015-11-26 07:58 - 04127064 _____ C:\ProgramData\ch_dl_url
2015-12-02 10:11 - 2015-12-02 10:11 - 00001078 ____R C:\Yeabeats Browser.lnk
2015-12-02 10:11 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2015-12-02 10:11 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2015-12-01 19:03 - 2015-12-01 19:03 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-12-01 11:28 - 2015-12-01 11:28 - 00000022 _____ C:\Users\Natalia\Documents\É ISSO BESMO!.txt
2015-11-29 21:07 - 2015-11-29 21:07 - 00000000 ____D C:\Program Files\Lenovo
2015-11-26 11:45 - 2015-11-28 17:13 - 00000000 ____D C:\Users\Natalia\Desktop\Memes do João Paladino
2015-11-26 11:07 - 2015-11-26 11:07 - 00000000 ____D C:\Program Files\TAP-Windows
2015-11-25 20:28 - 2015-12-06 11:53 - 00000000 ____D C:\Users\Natalia\AppData\LocalLow\uTorrent
2015-11-25 20:27 - 2015-11-25 20:27 - 00000815 _____ C:\Users\Natalia\Desktop\µTorrent.lnk
2015-11-25 20:27 - 2015-11-25 20:27 - 00000795 _____ C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-11-25 20:24 - 2015-12-06 16:22 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\uTorrent
2015-11-23 18:36 - 2015-11-23 18:36 - 00000161 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2015-11-23 18:36 - 2015-11-23 18:36 - 00000161 _____ C:\ProgramData\xcgui_debug.txt
2015-11-23 18:20 - 2015-11-23 18:20 - 00004593 _____ C:\Users\Todos os Usuários\webad.xml
2015-11-23 18:20 - 2015-11-23 18:20 - 00004593 _____ C:\ProgramData\webad.xml
2015-11-21 17:08 - 2012-06-01 02:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2015-11-21 17:08 - 2012-06-01 02:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2015-11-21 17:08 - 2012-06-01 02:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2015-11-21 17:08 - 2012-06-01 02:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2015-11-21 17:08 - 2012-06-01 02:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2015-11-21 17:08 - 2012-06-01 02:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2015-11-20 18:59 - 2015-11-20 18:59 - 00001775 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-11-20 18:59 - 2015-11-20 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-11-20 18:59 - 2015-11-20 18:59 - 00000000 ____D C:\Program Files\QuickTime
2015-11-20 15:44 - 2015-11-20 15:44 - 00000000 ____D C:\Windows\system32\BestPractices
2015-11-20 15:44 - 2015-11-20 15:44 - 00000000 ____D C:\inetpub
2015-11-18 22:34 - 2015-11-18 22:35 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Mozilla
2015-11-18 20:18 - 2015-12-05 18:51 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Wise Uninstaller
2015-11-17 21:45 - 2015-11-17 21:45 - 00000000 ____D C:\Users\Todos os Usuários\{126CFB2A-3098-4C8B-A9BB-8D922A069FE0}
2015-11-17 21:45 - 2015-11-17 21:45 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\AMCPromote
2015-11-17 21:45 - 2015-11-17 21:45 - 00000000 ____D C:\ProgramData\{126CFB2A-3098-4C8B-A9BB-8D922A069FE0}
2015-11-17 21:44 - 2015-11-17 21:44 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\ProductData
2015-11-17 21:43 - 2015-12-02 10:08 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2015-11-17 21:43 - 2015-12-02 10:08 - 00000000 ____D C:\ProgramData\ProductData
2015-11-17 21:43 - 2015-11-17 21:56 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2015-11-17 21:43 - 2015-11-17 21:56 - 00000000 ____D C:\ProgramData\IObit
2015-11-17 21:43 - 2015-11-17 21:43 - 00000000 ____D C:\Users\Natalia\AppData\LocalLow\IObit
2015-11-17 21:42 - 2015-11-17 21:43 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\IObit
2015-11-17 21:42 - 2015-11-17 21:43 - 00000000 ____D C:\Program Files\IObit
2015-11-17 10:13 - 2015-11-17 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser
2015-11-17 10:13 - 2015-11-17 10:13 - 00000000 ____D C:\Users\Natalia\AppData\Local\MyBrowser
2015-11-17 10:13 - 2015-11-17 10:13 - 00000000 ____D C:\Users\Convidado\AppData\Local\MyBrowser
2015-11-17 10:12 - 2015-11-17 10:12 - 00000000 ____D C:\Program Files\MyBrowser
2015-11-15 23:10 - 2015-11-15 23:10 - 00235504 _____ C:\Users\Natalia\Desktop\Pica Pau - O Pistoleiro sem Solução.mp4.sfk
2015-11-15 04:38 - 2015-11-15 04:38 - 00039592 _____ C:\Users\Natalia\Desktop\Spongebob I'd like to buy all your chocolate.mp4.sfk
2015-11-15 03:40 - 2015-11-15 03:40 - 00000078 _____ C:\Users\Natalia\Documents\sim.txt
2015-11-14 16:27 - 2015-11-14 16:27 - 00000003 _____ C:\Users\Natalia\Documents\joojjj.txt
2015-11-14 15:12 - 2015-11-14 15:12 - 00000042 _____ C:\Users\Natalia\Documents\vlw.txt
2015-11-14 12:15 - 2015-10-29 15:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-14 12:15 - 2015-10-29 15:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-14 12:15 - 2015-10-29 15:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-14 12:15 - 2015-10-29 15:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-14 12:12 - 2015-10-13 14:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-14 12:12 - 2015-10-13 14:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-14 12:10 - 2015-10-19 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-14 12:10 - 2015-10-19 22:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-14 12:10 - 2015-10-19 22:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-14 12:10 - 2015-10-19 22:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-14 12:10 - 2015-10-19 22:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-14 12:10 - 2015-10-19 21:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-14 12:10 - 2015-10-19 21:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-14 12:10 - 2015-10-19 21:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-14 12:09 - 2015-10-19 22:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-14 12:09 - 2015-10-19 22:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-14 12:09 - 2015-10-19 22:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-14 12:09 - 2015-10-19 22:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-14 12:09 - 2015-10-19 22:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-14 12:09 - 2015-10-19 22:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-14 12:09 - 2015-10-19 22:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-14 12:09 - 2015-10-19 22:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-14 12:09 - 2015-10-19 22:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-14 12:09 - 2015-10-19 22:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-14 12:09 - 2015-10-19 22:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-14 12:09 - 2015-10-19 22:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-14 12:09 - 2015-10-13 02:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-14 12:08 - 2015-11-03 19:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-14 12:08 - 2015-10-30 20:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-14 12:08 - 2015-10-30 20:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-14 12:08 - 2015-10-30 20:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-14 12:08 - 2015-10-30 20:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-14 12:08 - 2015-10-30 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-14 12:08 - 2015-10-30 20:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-14 12:08 - 2015-10-30 20:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-14 12:08 - 2015-10-30 20:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-14 12:08 - 2015-10-30 20:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-14 12:08 - 2015-10-30 20:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-14 12:08 - 2015-10-30 20:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-14 12:08 - 2015-10-30 20:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-14 12:08 - 2015-10-30 20:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-14 12:08 - 2015-10-30 20:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-14 12:08 - 2015-10-30 20:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-14 12:08 - 2015-10-30 20:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-14 12:08 - 2015-10-30 20:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-14 12:08 - 2015-10-30 20:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-14 12:08 - 2015-10-30 20:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-14 12:08 - 2015-10-30 20:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-14 12:08 - 2015-10-30 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-14 12:08 - 2015-10-30 20:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-14 12:08 - 2015-10-30 20:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-14 12:08 - 2015-10-30 20:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-14 12:08 - 2015-10-30 20:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-14 12:08 - 2015-10-30 20:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-14 12:08 - 2015-10-30 20:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-14 12:08 - 2015-10-30 20:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-14 12:08 - 2015-10-30 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-14 12:08 - 2015-10-30 20:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-14 12:08 - 2015-10-30 19:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-14 12:08 - 2015-10-30 19:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-14 12:08 - 2015-10-30 19:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-14 12:07 - 2015-11-03 15:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-14 12:03 - 2015-09-23 11:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-14 12:03 - 2015-09-23 11:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-14 12:02 - 2015-10-01 15:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-14 12:02 - 2015-10-01 15:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-14 12:01 - 2015-10-20 15:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-14 12:01 - 2015-10-20 15:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-14 12:01 - 2015-10-20 15:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-14 12:01 - 2015-10-20 15:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-14 12:01 - 2015-10-20 15:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-13 01:25 - 2015-11-13 01:27 - 00000000 ____D C:\Users\Natalia\Documents\Freemake
2015-11-12 23:46 - 2015-11-13 13:36 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Adobe
2015-11-09 12:15 - 2015-11-18 01:17 - 00000000 ____D C:\Users\Natalia\Desktop\Programas importantes

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-08 21:52 - 2014-11-27 17:44 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-08 21:33 - 2014-08-25 13:40 - 00001072 _____ C:\Windows\Tasks\MaxigetUpdaterTaskMachineUA.job
2015-12-08 21:27 - 2014-07-30 17:12 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-08 20:11 - 2015-05-20 01:19 - 00000380 _____ C:\Windows\Tasks\update-S-1-5-21-4059545775-3362581037-2508284383-1000.job
2015-12-08 17:12 - 2009-07-14 02:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-08 17:12 - 2009-07-14 02:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-08 17:03 - 2015-09-21 12:19 - 00000666 _____ C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2015-12-08 17:03 - 2014-11-27 17:44 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-08 17:03 - 2014-08-25 13:40 - 00001068 _____ C:\Windows\Tasks\MaxigetUpdaterTaskMachineCore.job
2015-12-08 17:03 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-08 11:30 - 2009-07-14 00:37 - 00000000 ____D C:\Windows
2015-12-07 18:33 - 2015-07-31 01:47 - 00000000 ____D C:\Users\Natalia\Desktop\images
2015-12-07 00:55 - 2015-08-27 12:40 - 00007168 ____H C:\Users\Natalia\Desktop\photothumb.db
2015-12-06 19:57 - 2015-10-19 00:44 - 00000000 ____D C:\Program Files\Sony
2015-12-06 18:55 - 2015-10-18 23:24 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Sony
2015-12-06 16:29 - 2009-07-14 06:31 - 00721928 _____ C:\Windows\system32\prfh0416.dat
2015-12-06 16:29 - 2009-07-14 06:31 - 00159740 _____ C:\Windows\system32\prfc0416.dat
2015-12-06 16:25 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf
2015-12-06 11:56 - 2015-03-31 19:35 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Skype
2015-12-06 00:55 - 2015-09-01 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BattleBlock Theater
2015-12-06 00:52 - 2009-07-14 02:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-06 00:49 - 2014-08-13 12:19 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Baidu
2015-12-05 22:46 - 2014-12-25 17:30 - 00000000 ____D C:\Users\Todos os Usuários\Apple Computer
2015-12-05 22:46 - 2014-12-25 17:30 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-05 17:38 - 2014-08-31 11:17 - 00000000 ____D C:\Users\Natalia\Desktop\comintrep_2103
2015-12-05 14:42 - 2015-11-01 16:02 - 00000391 _____ C:\Users\Natalia\Documents\txd.txt
2015-12-04 11:24 - 2015-02-23 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-04 11:24 - 2014-12-05 23:34 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-03 00:35 - 2014-12-02 20:02 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-12-02 12:19 - 2015-06-07 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever
2015-12-02 12:13 - 2014-07-30 15:08 - 01777046 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 11:25 - 2015-06-09 03:52 - 00000000 ____D C:\Users\Natalia\Desktop\Reborn15
2015-11-29 08:59 - 2015-10-17 03:59 - 00000000 ____D C:\Users\Todos os Usuários\Freemake
2015-11-29 08:59 - 2015-10-17 03:59 - 00000000 ____D C:\ProgramData\Freemake
2015-11-29 08:58 - 2015-10-17 03:58 - 00000000 ____D C:\Program Files\Freemake
2015-11-28 20:37 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\system32\NDF
2015-11-28 01:25 - 2015-03-28 20:54 - 00000000 ____D C:\Users\Convidado\AppData\Roaming\BitTorrent
2015-11-28 01:20 - 2015-10-08 20:25 - 00000000 ____D C:\Users\Convidado\AppData\LocalLow\BitTorrent
2015-11-28 01:19 - 2014-07-30 20:33 - 00099576 _____ C:\Users\Convidado\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-26 11:07 - 2015-11-06 01:55 - 00000000 ____D C:\Users\Natalia\Desktop\Wise Program Uninstaller
2015-11-25 21:53 - 2014-11-25 18:50 - 00000000 ____D C:\Users\Todos os Usuários\Steam
2015-11-25 21:53 - 2014-11-25 18:50 - 00000000 ____D C:\ProgramData\Steam
2015-11-24 09:07 - 2015-10-04 01:17 - 00000132 _____ C:\Users\Natalia\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-11-23 22:27 - 2015-09-28 00:44 - 00000000 ____D C:\Users\Natalia\AppData\Roaming\Anvsoft
2015-11-23 22:10 - 2015-09-10 21:38 - 00000000 ____D C:\Users\Natalia\Desktop\tudo que tenho
2015-11-23 00:51 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\system32\inetsrv
2015-11-21 00:15 - 2015-10-19 01:41 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-11-20 14:03 - 2015-03-31 19:34 - 00000890 __RSH C:\Users\Todos os Usuários\ntuser.pol
2015-11-20 14:03 - 2015-03-31 19:34 - 00000890 __RSH C:\ProgramData\ntuser.pol
2015-11-18 19:16 - 2015-10-23 22:15 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-17 10:12 - 2014-11-27 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-15 12:43 - 2015-07-24 21:06 - 00000000 ____D C:\Windows\system32\MRT
2015-11-15 04:50 - 2009-07-14 02:33 - 00387064 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-15 04:47 - 2009-07-14 06:53 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-14 12:16 - 2015-07-24 21:05 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-13 00:13 - 2015-03-28 21:31 - 00000000 ____D C:\Users\Convidado\Downloads\Plants vs. Zombies Garden Warfare PC Game + DLC ^^nosTEAM^^
2015-11-12 12:57 - 2015-10-23 20:45 - 00000000 ____D C:\Program Files\CDC4B1C0-1445640311-11E1-BEE5-D75B7772AB77
2015-11-11 23:41 - 2015-08-30 23:03 - 00000000 ____D C:\Users\Natalia\Desktop\desmume-0.9.11-JIT-32bits-26-13-2014
2015-11-11 09:48 - 2015-09-23 11:21 - 00435248 _____ C:\Windows\ntbtlog.txt
2015-11-09 21:53 - 2015-10-28 22:14 - 00000000 ____D C:\Users\Natalia\Documents\Dolphin Emulator

==================== Arquivos na raiz de alguns diretórios =======

2014-11-27 17:44 - 2014-11-27 17:44 - 6000640 _____ () C:\Program Files\GUT1861.tmp
2015-04-13 21:16 - 2015-04-13 21:16 - 6103040 _____ () C:\Program Files\GUT9EF9.tmp
2015-04-19 10:20 - 2015-10-30 16:20 - 0000626 _____ () C:\Users\Natalia\AppData\Roaming\4XLAlex0FcpG5CEP7jGO
2015-03-27 21:36 - 2015-03-27 22:03 - 0000937 _____ () C:\Users\Natalia\AppData\Roaming\droid4xinstaller.log
2015-04-19 10:20 - 2015-10-30 16:20 - 0000626 _____ () C:\Users\Natalia\AppData\Roaming\msS8pgcW8Q6
2015-04-20 12:05 - 2015-04-20 12:05 - 1579520 _____ () C:\Users\Natalia\AppData\Roaming\msS8pgcW8Q6.exe
2015-10-04 01:17 - 2015-11-24 09:07 - 0000132 _____ () C:\Users\Natalia\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-05-23 13:02 - 2015-06-03 08:27 - 0000069 _____ () C:\Users\Natalia\AppData\Roaming\WB.CFG
2015-12-02 22:48 - 2015-12-05 18:34 - 0005833 _____ () C:\Users\Natalia\AppData\Roaming\wpulog.txt
2015-03-31 15:45 - 2015-03-31 15:45 - 0008706 _____ () C:\Users\Natalia\AppData\Local\HELP_DECRYPT.HTML
2015-03-31 15:45 - 2015-03-31 15:45 - 0045708 _____ () C:\Users\Natalia\AppData\Local\HELP_DECRYPT.PNG
2015-03-31 15:45 - 2015-03-31 15:45 - 0004296 _____ () C:\Users\Natalia\AppData\Local\HELP_DECRYPT.TXT
2014-10-23 20:32 - 2014-10-23 20:32 - 0627680 _____ (CMI Limited) C:\Users\Natalia\AppData\Local\nslB203.tmp
2015-09-20 12:29 - 2015-09-20 12:29 - 0003301 _____ () C:\Users\Natalia\AppData\Local\recently-used.xbel
2014-08-16 17:05 - 2014-08-16 17:05 - 0007640 _____ () C:\Users\Natalia\AppData\Local\Resmon.ResmonCfg
2014-12-28 21:30 - 2014-12-28 21:30 - 0000003 _____ () C:\Users\Natalia\AppData\Local\updater.log
2014-12-28 21:31 - 2015-10-02 21:32 - 0000412 _____ () C:\Users\Natalia\AppData\Local\UserProducts.xml
2015-10-30 12:08 - 2015-10-30 12:08 - 0000000 _____ () C:\Users\Natalia\AppData\Local\{57ED19EF-7F41-4101-95A9-DBB03F98308D}
2015-12-02 10:14 - 2015-12-03 21:28 - 1308347 _____ ( ) C:\ProgramData\carss---.exe
2015-12-02 10:13 - 2015-11-26 07:58 - 4127064 _____ () C:\ProgramData\ch_dl_url
2015-03-31 15:04 - 2015-03-31 15:04 - 0008706 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-03-31 15:04 - 2015-03-31 15:04 - 0045708 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-03-31 15:04 - 2015-03-31 15:04 - 0004296 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-12-02 10:11 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2015-12-04 09:52 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2015-07-20 16:19 - 2015-07-20 16:19 - 1498288 _____ () C:\ProgramData\setup_7342eeef9d1741ad87fec4e523dd34b8.exe
2015-12-07 12:50 - 2015-12-07 16:37 - 1435648 _____ () C:\ProgramData\test.exe
2015-10-16 17:26 - 2015-10-16 07:43 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2015-11-23 18:20 - 2015-11-23 18:20 - 0004593 _____ () C:\ProgramData\webad.xml
2015-11-23 18:36 - 2015-11-23 18:36 - 0000161 _____ () C:\ProgramData\xcgui_debug.txt
2015-10-27 12:05 - 2015-10-28 13:52 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\carss---.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\setup_7342eeef9d1741ad87fec4e523dd34b8.exe
C:\ProgramData\test.exe
C:\ProgramData\upgsvr.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\carss---.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\setup_7342eeef9d1741ad87fec4e523dd34b8.exe
C:\Users\Todos os Usuários\test.exe
C:\Users\Todos os Usuários\upgsvr.exe
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job


Alguns arquivos em TEMP:
====================
C:\Users\Natalia\AppData\Local\Temp\Cyberghost+VPN+5+Crack+Fu__10924_i1747046327_il728098.exe
C:\Users\Natalia\AppData\Local\Temp\FreemakeVideoDownloaderFull.exe
C:\Users\Natalia\AppData\Local\Temp\ICReinstall_melodyne-32-bits.exe
C:\Users\Natalia\AppData\Local\Temp\InstallHelper.exe
C:\Users\Natalia\AppData\Local\Temp\MBSetup553.exe
C:\Users\Natalia\AppData\Local\Temp\MBSetup684.exe
C:\Users\Natalia\AppData\Local\Temp\MBSetup726.exe
C:\Users\Natalia\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Natalia\AppData\Local\Temp\nsgE957.exe
C:\Users\Natalia\AppData\Local\Temp\nsgEC05.exe
C:\Users\Natalia\AppData\Local\Temp\setup.exe
C:\Users\Natalia\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Natalia\AppData\Local\Temp\ultimate_pc_cleaner.exe
C:\Users\Natalia\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2014-08-07 06:56

==================== Fim de FRST.txt ============================
