Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por Claudemir (administrador) em CLAUDEMIR-PC (13-03-2016 15:37:53)
Executando a partir de C:\Users\Claudemir\Downloads
Perfis Carregados: Claudemir (Perfis Disponíveis: Claudemir)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
() C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\knsyE65E.tmp
() C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\snszE419.tmp
() C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
() C:\Program Files\Common Files\ShopperPro3\spbiu.exe
() C:\Program Files (x86)\SFK\SSFK.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
() C:\Program Files\WNEn\f83d4af839615b06867ba7f633b95f53.exe
() C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\hnsdD9BD.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe
() C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B\qnsd22AF.tmp
() C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\jnst2FC7.tmp
(Irrational Number Applications) C:\ProgramData\UQqrgsa\AdlqwpS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(VLOME) C:\Windows\Temp\is-H4ASA.tmp\print.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
() C:\Program Files\WNEn\748f455174805346d8a21536e3d2fae6.exe
() C:\Program Files\WNEn\f83d4af839615b06867ba7f633b95f53.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
() C:\Users\Claudemir\AppData\Local\mpck_en_005030264\upmpck_en_005030264.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\uTorrent.exe
(Seekar Ltd) C:\Program Files (x86)\Ares\Ares.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\ProgramData\msiql.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\pnszE41C.exe
() C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\onszE41B.tmp
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
() C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
(Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files (x86)\Common Files\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\Updater.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [5392896 1999-12-31] (Broadcom Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IDSCPRODUCT] => C:\Program Files (x86)\Hostify\\idscservice.exe [53760 2016-03-12] ()
HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [LightGate] => C:\ProgramData\LightGate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [HomePageHelper] => C:\ProgramData\HomePage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe [2720256 2016-02-18] ()
HKLM-x32\...\Run: [mpck_en_005030264] => C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe [3993776 2016-03-11] ()
HKLM-x32\...\Run: [win_en_77] => C:\Program Files (x86)\win_en_77\win_en_77.exe [3992792 2016-03-10] ()
HKLM-x32\...\RunOnce: [CleanBrowserInstaller] => C:\Program Files (x86)\CleanBrowser\uninstall.exe [240640 2016-03-01] ()
HKLM-x32\...\RunOnce: [upmpck_en_005030264.exe] => C:\Users\Claudemir\AppData\Local\mpck_en_005030264\upmpck_en_005030264.exe [3154608 2016-03-11] ()
HKLM-x32\...\runonceex: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [835288 2014-08-13] (BlueStack Systems, Inc.)
HKLM\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs,
HKLM-x32\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs, [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [uTorrent] => C:\Users\Claudemir\AppData\Roaming\uTorrent\uTorrent.exe [2094080 2016-03-07] (BitTorrent Inc.)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [ares] => C:\Program Files (x86)\Ares\Ares.exe [1425408 2015-11-26] (Seekar Ltd)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [GoogleChromeAutoLaunch_9872A36F81A7AA7CBE4CEA3EFE225285] => C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [-] => C:\ProgramData\msdtc.exe [2439168 2015-12-31] ()
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [GoogleChromeAutoLaunch_4DD60367589B612D58D79E2A2B2B19AC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [msiql] => C:\ProgramData\msiql.exe [2415616 2016-01-26] ()
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_20_0_0_228_ActiveX.exe [878784 2015-12-24] (Adobe Systems Incorporated)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe [2720256 2016-02-18] ()
HKU\S-1-5-18\...\Run: [Pritc] => C:\Windows\TEMP\is-H4ASA.tmp\print.exe [2960896 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-18\...\Run: [msiql] => c:\programdata\msiql.exe [2415616 2016-01-26] ()
AppInit_DLLs-x32: C:\PROGRA~3\{87FF6~1\235~1.56\nore.dll => C:\ProgramData\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}\2.3.5.56\nore.dll [1111040 2016-02-18] ()
ShellExecuteHooks: - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Cookies\x64explassist.dll [911448 2015-12-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-11-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
AutoConfigURL: [S-1-5-21-1295429606-633391922-1787662347-1000] => hxxp://unstopp.me/wpad.dat?79218474293edc4b4574cfc2a1dc021a3117179
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Winsock: Catalog5-x64 08 C:\ProgramData\System32\SafeGuard64.dll [3587000 2015-12-30] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0852FC53-3381-4DE7-9595-1423AABA15F5}: [NameServer] 82.163.143.189,82.163.142.189
Tcpip\..\Interfaces\{0852FC53-3381-4DE7-9595-1423AABA15F5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5DE6053F-F709-4095-A390-D8C29E8FEA92}: [DhcpNameServer] 192.168.0.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yeabests.cc/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_nwmeddnld_15_53&cd=2XzuyEtN2Y1L1Qzu0EzztCtCtAtBtDyEtAzyyD0EzzyCzyyDtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0DzyyC0ByB0DtAtGyDtA0EzztG0FtA0AtCtGyD0BtDyEtGtB0ByBtByCyDtCzzyCyByEtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtAzy0E0ByBtDyEtG0F0F0D0FtGyEyEyDyEtG0Azyzy0EtG0CtCtBzytCyDyDzzyB0B0A0C2QtN0A0LzuyE&cr=1739905912&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKU\.DEFAULT -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> OldSearch URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_15_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtBtDyEtAzyyD0EzzyCzyyDtN0D0Tzu0StCyEtBzztN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0ByEyD0E0AtAyEtGtC0EyE0FtG0B0EyB0BtGtDtAtAtBtG0AtBtBzytD0C0E0A0DtB0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtAzy0E0ByBtDyEtG0F0F0D0FtGyEyEyDyEtG0Azyzy0EtG0CtCtBzytCyDyDzzyB0B0A0C2QtN0A0LzuyE%26cr%3D1932844731%26a%3Dwncy_dnldastr_15_48%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL =
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro364.dll [2016-02-18] ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro3.dll [2016-02-18] ()
BHO-x32: Search Window Results -> {b278c3a7-9980-475f-9450-95df38c6dcd7} -> C:\Program Files (x86)\Search Window Results\Extensions\b278c3a7-9980-475f-9450-95df38c6dcd7.dll [2016-03-13] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE64.dll [2015-12-07] (NextUp.com)
Toolbar: HKLM-x32 - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE.dll [2015-12-07] (NextUp.com)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{5e1bc830-4746-11e5-b970-0800200c9a66}] - C:\Program Files (x86)\TextAloud\TAForFirefox
FF Extension: TextAloud - C:\Program Files (x86)\TextAloud\TAForFirefox [2015-12-16]
Chrome:
=======
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpAHMsBH0qB0..&uid=E869F5065975227C2A42351754EC1529&ptid=update&mode=nnnb
CHR DefaultSearchKeyword: Default -> www.yessearches.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-29]
CHR Extension: (Google Docs) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-29]
CHR Extension: (Google Drive) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-01-03]
CHR Extension: (YouTube) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-29]
CHR Extension: (Adblock Plus) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-19]
CHR Extension: (Google Search) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Planilhas do Google) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-29]
CHR Extension: (uTorrent easy client) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2015-11-29]
CHR Extension: (Documentos Google off-line) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-29]
CHR Extension: (AdBlock) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-19]
CHR Extension: (mysms - SMS from Computer) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2015-11-29]
CHR Extension: (Search Window Results) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjfgcnikhcjcmineeagblgienekokna [2016-03-13] [UpdateUrl: hxxp://cdn.searchwindowresults.com/update] <==== ATENÇÃO
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-29]
CHR Extension: (Gmail) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-29]
CHR Extension: (scroll back to top) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmopfkbilpnoidiclofkppbgppapnjeh [2016-01-03]
CHR Extension: (Food Component) - C:\Users\Claudemir\AppData\Local\Food Component\Component [2016-03-12]
CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1295429606-633391922-1787662347-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1295429606-633391922-1787662347-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Claudemir\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-02-29]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdlqwpS; C:\ProgramData\UQqrgsa\AdlqwpS.exe [3000824 2015-12-24] (Irrational Number Applications)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [391168 2014-08-17] (BlueStack Systems, Inc.) [Arquivo não assinado]
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.)
S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-11-16] (TODO: <公司名>) [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\upgsvr--.exe [2786816 2015-12-27] (TODO: ) [Arquivo não assinado]
R2 gylojymezbt; C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\knsyE65E.tmp [209920 2016-03-11] () [Arquivo não assinado]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2630432 2014-11-04] (IObit)
S2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [348640 2016-02-26] (DotC United Inc)
R2 rowugoqo; C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\snszE419.tmp [225792 2016-03-01] () [Arquivo não assinado]
S2 Service Mgr SearchWindowResults; C:\ProgramData\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\plugincontainer.exe [1412824 2016-03-13] () <==== ATENÇÃO
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [193456 2015-12-10] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro3\spbiu.exe [1220608 2016-02-18] () [Arquivo não assinado]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [152256 2016-03-11] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
R2 Update Mgr SearchWindowResults; C:\Program Files (x86)\Common Files\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\updater.exe [1269464 2016-03-13] () <==== ATENÇÃO
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [7244240 2016-03-07] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4814336 1999-12-31] (Broadcom Corporation) [Arquivo não assinado]
R2 WNEn Monitor; c:\program files\WNEn\f83d4af839615b06867ba7f633b95f53.exe [2972160 2016-03-11] () [Arquivo não assinado]
R2 wucotusy; C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\hnsdD9BD.tmp [416256 2016-03-01] () [Arquivo não assinado]
R2 XBox; C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe [5359032 2016-02-20] (Microsoft Corporation)
R2 zigipyro; C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B\qnsd22AF.tmp [158720 2015-12-26] () [Arquivo não assinado]
R2 zutuzuni; C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\jnst2FC7.tmp [307712 2016-03-01] () [Arquivo não assinado]
S2 ginoquci; C:\Users\CLAUDE~1\AppData\Local\Temp\nsw971F.tmp [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-13] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 egg_protect; C:\Windows\DelYAC_x64.sys [16984 2016-02-17] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [59112 2016-02-26] (DotC United Inc)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MediaTek Inc.)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-10-22] (YTDownloader)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro3\spbiw.sys [43832 2016-02-18] ()
R2 SPDRIVER_1.42.1.10643; C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.sys [53048 2016-02-18] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-03-13] (SlimWare Utilities, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-03-13 15:35 - 2016-03-13 15:37 - 00049989 _____ C:\Users\Claudemir\Downloads\Addition.txt
2016-03-13 15:34 - 2016-03-13 15:37 - 00033472 _____ C:\Users\Claudemir\Downloads\FRST.txt
2016-03-13 15:33 - 2016-03-13 15:37 - 00000000 ____D C:\FRST
2016-03-13 15:32 - 2016-03-13 15:32 - 02374144 _____ (Farbar) C:\Users\Claudemir\Downloads\FRST64.exe
2016-03-13 15:15 - 2016-03-13 15:16 - 00123904 ___SH C:\Users\Claudemir\Desktop\Thumbs.db
2016-03-13 15:13 - 2016-03-13 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-03-13 15:02 - 2016-03-13 15:14 - 00000000 ____D C:\Users\Todos os Usuários\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e
2016-03-13 15:02 - 2016-03-13 15:14 - 00000000 ____D C:\ProgramData\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e
2016-03-13 15:02 - 2016-03-13 15:02 - 00000000 ____D C:\Program Files (x86)\Search Window Results
2016-03-12 00:51 - 2016-03-12 00:51 - 00127488 _____ C:\Users\Claudemir\AppData\Roaming\Installer.dat
2016-03-12 00:51 - 2016-03-12 00:51 - 00011568 _____ C:\Users\Claudemir\AppData\Roaming\InstallationConfiguration.xml
2016-03-12 00:49 - 2016-03-12 00:49 - 00000000 ____D C:\Users\Todos os Usuários\WWdMW
2016-03-12 00:49 - 2016-03-12 00:49 - 00000000 ____D C:\ProgramData\WWdMW
2016-03-12 00:48 - 2016-03-12 00:49 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\mysites123
2016-03-12 00:48 - 2016-03-12 00:48 - 00000991 _____ C:\Users\Claudemir\Desktop\Hostify.lnk
2016-03-11 22:46 - 2016-03-13 15:16 - 00000000 ____D C:\Users\Claudemir\AppData\LocalLow\uTorrent
2016-03-11 22:13 - 2016-03-12 00:48 - 00000000 ____D C:\Program Files (x86)\win_en_77
2016-03-11 22:13 - 2016-03-11 22:13 - 00000000 ____D C:\Users\Claudemir\AppData\Local\win_en_77
2016-03-11 22:11 - 2016-03-13 15:18 - 00000000 ____D C:\Users\Claudemir\AppData\Local\mpck_en_005030264
2016-03-11 22:11 - 2016-03-11 22:41 - 00000292 _____ C:\Windows\Tasks\MAXDriverUpdater_UPDATES.job
2016-03-11 22:11 - 2016-03-11 22:11 - 00003050 _____ C:\Windows\System32\Tasks\MAXDriverUpdater_UPDATES
2016-03-11 22:11 - 2016-03-11 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILEPCSTARTERKIT
2016-03-11 22:11 - 2016-03-11 22:11 - 00000000 ____D C:\Program Files (x86)\mpck_en_005030264
2016-03-11 22:10 - 2016-03-13 14:40 - 00003150 _____ C:\Windows\System32\Tasks\MAXDriverUpdaterRunAtStartup
2016-03-11 22:10 - 2016-03-12 00:49 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-11 22:10 - 2016-03-12 00:49 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-11 22:10 - 2016-03-11 22:12 - 00000000 ____D C:\Users\Todos os Usuários\DWdMD
2016-03-11 22:10 - 2016-03-11 22:12 - 00000000 ____D C:\ProgramData\DWdMD
2016-03-11 22:10 - 2016-03-11 22:11 - 00000000 ____D C:\Program Files (x86)\SFK
2016-03-11 22:10 - 2016-03-11 22:10 - 00001058 _____ C:\Users\Public\Desktop\Max Driver Updater.lnk
2016-03-11 22:10 - 2016-03-11 22:10 - 00000872 _____ C:\Users\Claudemir\Desktop\SpaceSoundPro.lnk
2016-03-11 22:10 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-03-11 22:10 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\csdimedia
2016-03-11 22:10 - 2016-03-11 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Driver Updater
2016-03-11 22:09 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\yoursearching
2016-03-11 22:09 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\istartpageing
2016-03-11 22:07 - 2016-03-11 22:13 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-03-11 22:07 - 2016-03-11 22:13 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater
2016-03-11 22:07 - 2016-03-11 22:07 - 00000000 ____D C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B
2016-03-11 22:07 - 2016-03-11 22:07 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2016-03-11 21:52 - 2016-03-11 21:55 - 00000000 ____D C:\Users\Claudemir\Desktop\Nova pasta
2016-03-11 21:46 - 2016-01-22 03:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-11 21:46 - 2016-01-22 03:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-11 21:46 - 2016-01-22 03:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-11 21:46 - 2016-01-22 03:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-11 21:46 - 2016-01-22 03:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-11 21:46 - 2016-01-22 03:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-11 21:46 - 2016-01-22 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-11 21:46 - 2016-01-22 03:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-03-11 21:46 - 2016-01-22 03:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-03-11 21:46 - 2016-01-22 03:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-11 21:46 - 2016-01-22 03:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-11 21:46 - 2016-01-22 03:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-11 21:46 - 2016-01-22 03:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-03-11 21:46 - 2016-01-22 03:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-11 21:46 - 2016-01-22 03:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-11 21:46 - 2016-01-22 03:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-11 21:46 - 2016-01-22 03:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-11 21:46 - 2016-01-22 03:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-11 21:46 - 2016-01-22 03:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-11 21:46 - 2016-01-22 03:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-11 21:46 - 2016-01-22 03:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-11 21:46 - 2016-01-22 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-11 21:46 - 2016-01-22 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-11 21:46 - 2016-01-22 03:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-11 21:46 - 2016-01-22 03:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-11 21:46 - 2016-01-22 03:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-11 21:46 - 2016-01-22 03:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-03-11 21:46 - 2016-01-22 03:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-11 21:46 - 2016-01-22 02:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-11 21:46 - 2016-01-22 02:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-11 21:46 - 2016-01-22 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-11 21:46 - 2016-01-22 01:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-11 21:46 - 2016-01-22 01:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-11 21:46 - 2016-01-22 01:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-11 21:46 - 2016-01-22 01:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-11 21:46 - 2016-01-22 01:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-11 21:46 - 2016-01-22 01:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-11 21:46 - 2016-01-22 01:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-11 21:46 - 2016-01-22 01:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-11 21:46 - 2016-01-22 01:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-11 21:46 - 2016-01-22 01:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-11 21:41 - 2016-03-13 14:44 - 00001739 ____R C:\Users\Claudemir\Desktop\Yeabeats Browser.lnk
2016-03-11 21:34 - 2016-03-11 21:35 - 00000000 ____D C:\Program Files\WNEn
2016-03-11 21:34 - 2009-07-13 22:47 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ref.dat
2016-03-06 16:47 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-03-06 16:47 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-03-06 16:47 - 2015-11-13 20:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-03-06 16:47 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-03-06 16:47 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-03-06 16:47 - 2015-11-13 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-03-06 16:41 - 2015-12-08 18:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-03-06 16:41 - 2015-12-08 16:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-03-04 21:44 - 2016-03-04 21:45 - 00077640 _____ C:\Users\Claudemir\Downloads\Fatura por Email Telefonica.zip
2016-03-01 10:50 - 2016-03-01 10:50 - 00001058 _____ C:\Windows\run.vbs
2016-03-01 10:22 - 2016-03-12 00:48 - 00000000 ____D C:\Program Files (x86)\Hostify
2016-03-01 10:20 - 2016-03-07 09:47 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-03-01 09:52 - 2016-03-11 21:29 - 00000000 ____D C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B
2016-03-01 09:47 - 2016-03-01 08:55 - 00940604 _____ C:\Users\Todos os Usuários\YSIns.exe
2016-03-01 09:47 - 2016-03-01 08:55 - 00940604 _____ C:\ProgramData\YSIns.exe
2016-02-29 14:55 - 2015-12-20 15:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-29 14:55 - 2015-12-20 15:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-29 14:55 - 2015-12-20 11:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-28 17:22 - 2016-01-07 14:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-28 16:56 - 2016-01-07 14:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-26 12:10 - 2016-02-26 12:10 - 00000000 ____D C:\Users\Todos os Usuários\6af4331c-1513-0
2016-02-26 12:10 - 2016-02-26 12:10 - 00000000 ____D C:\ProgramData\6af4331c-1513-0
2016-02-26 12:08 - 2016-02-26 12:08 - 00000000 ____D C:\Program Files (x86)\CalendarTool
2016-02-26 12:05 - 2016-02-26 12:05 - 00003730 _____ C:\Windows\System32\Tasks\DNS Monitoring
2016-02-26 12:03 - 2016-02-26 12:06 - 00000000 ____D C:\Program Files (x86)\AnyFlix
2016-02-26 12:03 - 2016-02-26 12:03 - 00022830 _____ C:\Windows\System32\Tasks\{7A0A0547-0F0B-0B0F-7811-7D040D0F110B}
2016-02-26 12:03 - 2016-02-26 12:03 - 00000000 ____D C:\Users\Todos os Usuários\6af4331c-4177-1
2016-02-26 12:03 - 2016-02-26 12:03 - 00000000 ____D C:\ProgramData\6af4331c-4177-1
2016-02-24 18:05 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe
2016-02-24 18:05 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe
2016-02-24 15:44 - 2016-02-19 15:30 - 05892175 _____ (MediaDownloader ) C:\Users\Public\Documents\MediaDownloader.exe
2016-02-24 15:30 - 2016-02-24 15:30 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\IObit
2016-02-24 15:30 - 2016-02-24 15:30 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2016-02-24 15:30 - 2016-02-24 15:30 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2016-02-24 15:25 - 2016-02-24 15:25 - 44081152 _____ C:\Windows\system32\config\components.iodefrag
2016-02-23 08:47 - 2016-03-07 09:47 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2016-02-23 08:47 - 2016-03-07 09:47 - 00000000 ____D C:\ProgramData\Windows Security
2016-02-22 22:44 - 2016-02-22 22:45 - 03536752 _____ C:\Users\Claudemir\Downloads\201602012_SU_SA_B5_2TUNER_1GB_SUPREMO (1).ssu
2016-02-22 22:16 - 2016-02-22 22:16 - 00000000 ____D C:\Users\Claudemir\AppData\Local\Foxit Reader
2016-02-22 22:10 - 2016-02-22 22:10 - 00000000 ____D C:\Windows\7
2016-02-22 22:08 - 2016-02-22 22:09 - 03536752 _____ C:\Users\Claudemir\Downloads\201602012_SU_SA_B5_2TUNER_1GB_SUPREMO.ssu
2016-02-22 21:48 - 2016-02-22 21:48 - 00471196 _____ C:\Users\Claudemir\Downloads\CINEBOX Quick Guide Ver.1.0 (1).pdf
2016-02-22 21:41 - 2016-02-22 21:41 - 00000000 ____D C:\WebShield
2016-02-19 15:32 - 2016-02-24 15:51 - 00003664 _____ C:\Windows\System32\Tasks\PFExe
2016-02-19 12:12 - 2016-02-19 12:12 - 00000104 _____ C:\Users\Claudemir\Desktop\Ajuda e Suporte - Atalho.lnk
2016-02-18 18:38 - 2016-03-05 18:22 - 00000000 ____D C:\Users\Claudemir\AppData\Local\Microsoft Games
2016-02-18 15:09 - 2016-02-18 15:10 - 00000000 ____D C:\Users\Claudemir\AppData\Local\BrowserHelper
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\ProgramData\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Program Files\Common Files\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Program Files (x86)\ShopperPro3
2016-02-18 15:06 - 2016-02-26 12:23 - 00000000 ____D C:\Program Files (x86)\Primary Color
2016-02-18 15:06 - 2016-02-18 15:06 - 00000000 ____D C:\Program Files (x86)\mystarttb
2016-02-18 15:04 - 2016-02-18 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNEn
2016-02-18 13:07 - 2016-02-18 13:07 - 00001117 _____ C:\Users\Public\Desktop\DriverScanner.lnk
2016-02-18 13:07 - 2016-02-18 13:07 - 00000228 _____ C:\Windows\Tasks\dsmonitor.job
2016-02-18 13:07 - 2016-02-18 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-02-18 13:07 - 2016-02-18 13:07 - 00000000 ____D C:\Program Files (x86)\Uniblue
2016-02-18 13:04 - 2016-02-18 13:04 - 00000000 ____D C:\Users\Todos os Usuários\WebShield
2016-02-18 13:04 - 2016-02-18 13:04 - 00000000 ____D C:\ProgramData\WebShield
2016-02-18 12:51 - 2016-02-18 12:51 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-02-18 12:50 - 2016-02-24 15:43 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2016-02-17 14:51 - 2016-03-13 15:13 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-02-17 14:51 - 2016-02-17 14:51 - 00016984 _____ C:\Windows\DelYAC_x64.sys
2016-02-17 14:48 - 2016-02-17 14:48 - 00001631 ____R C:\Yeabeats Browser.lnk
2016-02-17 14:45 - 2015-11-25 14:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-02-17 14:45 - 2015-11-25 14:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-02-17 14:37 - 2016-03-13 15:16 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\CalendarTool
2016-02-17 14:34 - 2016-02-17 14:34 - 00000000 ____D C:\Users\Public\Documents\Guid
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-03-13 15:36 - 2015-11-29 16:05 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\uTorrent
2016-03-13 15:32 - 2016-01-27 10:08 - 00000000 ____D C:\Users\Claudemir\AppData\Local\WebShield
2016-03-13 15:15 - 2015-11-29 13:33 - 00002852 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2016-03-13 15:15 - 2015-11-29 13:33 - 00000418 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-03-13 15:13 - 2016-01-27 10:11 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-13 15:13 - 2016-01-27 10:11 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-13 15:13 - 2016-01-27 10:11 - 00000000 ____D C:\Program Files (x86)\osTip
2016-03-13 15:13 - 2016-01-26 11:39 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-03-13 15:13 - 2016-01-26 11:37 - 00001729 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-03-13 15:13 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-03-13 15:12 - 2015-11-29 14:55 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-13 15:12 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-13 15:03 - 2015-11-29 18:26 - 00000000 ____D C:\Users\Claudemir\AppData\Local\Chromium
2016-03-13 15:02 - 2015-11-29 12:58 - 00000000 ____D C:\Users\Claudemir
2016-03-13 14:50 - 2015-11-29 14:55 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-13 14:44 - 2015-11-29 18:40 - 00001222 ____R C:\Users\Claudemir\Desktop\Opera.lnk
2016-03-13 14:43 - 2015-12-24 18:43 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\LightGate
2016-03-12 00:52 - 2009-07-14 01:45 - 00020368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-12 00:52 - 2009-07-14 01:45 - 00020368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-12 00:48 - 2015-11-29 18:40 - 00001460 _____ C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-11 22:48 - 2010-11-21 06:37 - 00707046 _____ C:\Windows\system32\prfh0416.dat
2016-03-11 22:48 - 2010-11-21 06:37 - 00148384 _____ C:\Windows\system32\prfc0416.dat
2016-03-11 22:48 - 2009-07-14 02:13 - 01639248 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-11 22:45 - 2016-01-01 19:00 - 00001389 _____ C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-11 22:14 - 2015-11-29 15:12 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-03-11 22:14 - 2015-11-29 15:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-11 21:34 - 2015-12-07 13:54 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-03-11 21:34 - 2015-12-07 13:54 - 00000000 ____D C:\ProgramData\ProductData
2016-03-11 21:32 - 2015-11-29 14:43 - 00000374 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Claudemir).job
2016-03-11 21:27 - 2016-01-06 09:35 - 00000966 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-03-11 21:27 - 2016-01-06 09:35 - 00000966 _____ C:\ProgramData\xcgui_debug.txt
2016-03-10 19:07 - 2015-12-07 13:53 - 00002181 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2016-03-07 09:47 - 2016-01-05 10:46 - 00000000 ____D C:\Windows\19
2016-03-06 16:52 - 2009-07-14 01:45 - 04990120 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-06 15:51 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-29 16:00 - 2015-11-29 18:19 - 00000000 ____D C:\Users\Claudemir\Desktop\My Shared Folder
2016-02-27 21:46 - 2016-01-03 15:46 - 00000000 ____D C:\Users\Claudemir\AppData\LocalLow\Adblock Plus for IE
2016-02-26 10:10 - 2015-12-30 09:29 - 00059112 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-02-24 17:45 - 2016-01-27 10:35 - 00010365 _____ C:\Users\Todos os Usuários\webad.xml
2016-02-24 17:45 - 2016-01-27 10:35 - 00010365 _____ C:\ProgramData\webad.xml
2016-02-24 15:25 - 2016-01-26 11:36 - 44081152 _____ C:\Windows\system32\config\components.iodefrag.bak
2016-02-22 22:13 - 2016-01-04 22:03 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\Foxit Software
2016-02-19 15:08 - 2015-11-29 13:42 - 00000000 ____D C:\Intel
2016-02-19 10:06 - 2016-01-01 18:52 - 00000000 ____D C:\Users\Todos os Usuários\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}
2016-02-19 10:06 - 2016-01-01 18:52 - 00000000 ____D C:\ProgramData\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}
2016-02-18 18:55 - 2016-01-01 18:52 - 00004188 _____ C:\Windows\System32\Tasks\Palikan nore
2016-02-18 12:59 - 2015-12-25 10:27 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-17 14:45 - 2015-11-29 14:55 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-17 14:45 - 2015-11-29 14:55 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-17 14:34 - 2015-12-27 18:32 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-02-17 14:34 - 2015-12-27 18:32 - 00000000 ____D C:\ProgramData\Windows Update
2016-02-17 14:22 - 2015-12-25 23:28 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-02-17 14:22 - 2015-12-25 23:28 - 00000000 ____D C:\ProgramData\System32
==================== Arquivos na raiz de alguns diretórios =======
2007-10-04 11:00 - 2007-10-04 11:00 - 0003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2015-12-24 18:38 - 2015-12-24 18:37 - 2983664 _____ () C:\Users\Claudemir\AppData\Roaming\72e50f4790c3.exe
2015-12-24 18:35 - 2015-12-24 14:56 - 1888256 _____ () C:\Users\Claudemir\AppData\Roaming\carssn.exe
2015-12-24 19:11 - 2015-12-24 14:56 - 1888256 _____ () C:\Users\Claudemir\AppData\Roaming\carssn.exe.1
2015-12-24 18:39 - 2015-12-10 07:39 - 1015808 _____ (d) C:\Users\Claudemir\AppData\Roaming\download.exe
2016-03-12 00:51 - 2016-03-12 00:51 - 0011568 _____ () C:\Users\Claudemir\AppData\Roaming\InstallationConfiguration.xml
2016-03-12 00:51 - 2016-03-12 00:51 - 0127488 _____ () C:\Users\Claudemir\AppData\Roaming\Installer.dat
2015-12-24 18:37 - 2015-12-23 06:13 - 4524576 _____ (${COMPANY_NAME}) C:\Users\Claudemir\AppData\Roaming\Setup.exe
2015-12-25 21:31 - 2015-12-25 06:18 - 4540096 _____ (${COMPANY_NAME}) C:\Users\Claudemir\AppData\Roaming\setup.exe@ver=1.0.0.0
2015-12-24 18:34 - 2015-11-16 07:01 - 1762304 _____ (TODO: <公司名>) C:\Users\Claudemir\AppData\Roaming\upgsvr.exe
2015-11-29 19:11 - 2016-01-01 19:52 - 0000204 _____ () C:\Users\Claudemir\AppData\Roaming\WB.CFG
2015-12-24 18:37 - 2015-12-27 18:13 - 0000969 _____ () C:\Users\Claudemir\AppData\Roaming\webad.xml
2015-12-24 19:00 - 2015-12-27 18:52 - 0000644 _____ () C:\Users\Claudemir\AppData\Roaming\xcgui_debug.txt
2015-12-24 18:36 - 2015-11-14 20:06 - 2496403 _____ ( ) C:\Users\Claudemir\AppData\Roaming\yeaplayer_51447.exe
2015-12-22 20:34 - 2016-01-04 10:19 - 0001456 _____ () C:\Users\Claudemir\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-12-25 22:27 - 2015-12-25 15:10 - 1888256 _____ () C:\ProgramData\ajkejjakdf.exe
2015-12-24 18:43 - 2015-12-24 14:56 - 1888256 _____ () C:\ProgramData\carssc.exe
2016-02-24 18:05 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe
2015-11-29 15:28 - 2015-11-29 15:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-17 14:45 - 2015-11-25 14:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2015-12-24 18:48 - 2015-12-04 12:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2015-12-30 09:35 - 2015-12-31 15:10 - 2439168 _____ () C:\ProgramData\msdtc.exe
2016-01-27 10:30 - 2016-01-26 11:54 - 2415616 _____ () C:\ProgramData\msiql.exe
2015-12-30 09:19 - 2015-12-30 09:19 - 1497744 _____ () C:\ProgramData\setup_165ef86caa33483680aa68b7d179f62d.exe
2015-12-24 18:34 - 2015-11-16 07:01 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2016-01-27 10:35 - 2016-02-24 17:45 - 0010365 _____ () C:\ProgramData\webad.xml
2016-01-06 09:35 - 2016-03-11 21:27 - 0000966 _____ () C:\ProgramData\xcgui_debug.txt
2015-12-24 18:51 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 09:47 - 2016-03-01 08:55 - 0940604 _____ () C:\ProgramData\YSIns.exe
2016-03-11 22:10 - 2016-03-12 00:49 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\Windows\TEMP\is-H4ASA.tmp\print.exe
C:\ProgramData\ajkejjakdf.exe
C:\ProgramData\carssc.exe
C:\ProgramData\delCalendarReg.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msdtc.exe
C:\ProgramData\msiql.exe
C:\ProgramData\setup_165ef86caa33483680aa68b7d179f62d.exe
C:\ProgramData\upgsvr.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\ProgramData\YSIns.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\ajkejjakdf.exe
C:\Users\Todos os Usuários\carssc.exe
C:\Users\Todos os Usuários\delCalendarReg.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msdtc.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\setup_165ef86caa33483680aa68b7d179f62d.exe
C:\Users\Todos os Usuários\upgsvr.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\YSIns.exe
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Alguns arquivos em TEMP:
====================
C:\Users\Claudemir\AppData\Local\Temp\168c-8a93-463c-0ed5.exe
C:\Users\Claudemir\AppData\Local\Temp\526d-a472-04f4-defc.exe
C:\Users\Claudemir\AppData\Local\Temp\7a3d-bf35-4318-8e3e.exe
C:\Users\Claudemir\AppData\Local\Temp\b112-c75a-83f4-b7ab.exe
C:\Users\Claudemir\AppData\Local\Temp\B7MCXSJ70M.exe
C:\Users\Claudemir\AppData\Local\Temp\CV26II08GE.exe
C:\Users\Claudemir\AppData\Local\Temp\fb88-deba-2bd0-a8db.exe
C:\Users\Claudemir\AppData\Local\Temp\FBCC.tmp.exe
C:\Users\Claudemir\AppData\Local\Temp\hib420E.exe
C:\Users\Claudemir\AppData\Local\Temp\hib8FD0.exe
C:\Users\Claudemir\AppData\Local\Temp\hibD91F.exe
C:\Users\Claudemir\AppData\Local\Temp\hibE7DE.exe
C:\Users\Claudemir\AppData\Local\Temp\HPPZ43O2RT.exe
C:\Users\Claudemir\AppData\Local\Temp\setup_781.exe
C:\Users\Claudemir\AppData\Local\Temp\setup_ra.exe
C:\Users\Claudemir\AppData\Local\Temp\tmpC274.tmp.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2015-12-16 11:02
==================== Fim de FRST.txt ============================
Executado por Claudemir (administrador) em CLAUDEMIR-PC (13-03-2016 15:37:53)
Executando a partir de C:\Users\Claudemir\Downloads
Perfis Carregados: Claudemir (Perfis Disponíveis: Claudemir)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
() C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\knsyE65E.tmp
() C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\snszE419.tmp
() C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
() C:\Program Files\Common Files\ShopperPro3\spbiu.exe
() C:\Program Files (x86)\SFK\SSFK.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
() C:\Program Files\WNEn\f83d4af839615b06867ba7f633b95f53.exe
() C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\hnsdD9BD.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe
() C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B\qnsd22AF.tmp
() C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\jnst2FC7.tmp
(Irrational Number Applications) C:\ProgramData\UQqrgsa\AdlqwpS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(VLOME) C:\Windows\Temp\is-H4ASA.tmp\print.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
() C:\Program Files\WNEn\748f455174805346d8a21536e3d2fae6.exe
() C:\Program Files\WNEn\f83d4af839615b06867ba7f633b95f53.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
() C:\Users\Claudemir\AppData\Local\mpck_en_005030264\upmpck_en_005030264.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\uTorrent.exe
(Seekar Ltd) C:\Program Files (x86)\Ares\Ares.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\ProgramData\msiql.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
(BitTorrent Inc.) C:\Users\Claudemir\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\pnszE41C.exe
() C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\onszE41B.tmp
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
() C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
(Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
(The Chromium Authors) C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files (x86)\Common Files\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\Updater.exe
() C:\Program Files (x86)\win_en_77\win_en_77.exe
() C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [5392896 1999-12-31] (Broadcom Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IDSCPRODUCT] => C:\Program Files (x86)\Hostify\\idscservice.exe [53760 2016-03-12] ()
HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [LightGate] => C:\ProgramData\LightGate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [HomePageHelper] => C:\ProgramData\HomePage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe [2720256 2016-02-18] ()
HKLM-x32\...\Run: [mpck_en_005030264] => C:\Program Files (x86)\mpck_en_005030264\mpck_en_005030264.exe [3993776 2016-03-11] ()
HKLM-x32\...\Run: [win_en_77] => C:\Program Files (x86)\win_en_77\win_en_77.exe [3992792 2016-03-10] ()
HKLM-x32\...\RunOnce: [CleanBrowserInstaller] => C:\Program Files (x86)\CleanBrowser\uninstall.exe [240640 2016-03-01] ()
HKLM-x32\...\RunOnce: [upmpck_en_005030264.exe] => C:\Users\Claudemir\AppData\Local\mpck_en_005030264\upmpck_en_005030264.exe [3154608 2016-03-11] ()
HKLM-x32\...\runonceex: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [835288 2014-08-13] (BlueStack Systems, Inc.)
HKLM\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs,
HKLM-x32\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs, [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [uTorrent] => C:\Users\Claudemir\AppData\Roaming\uTorrent\uTorrent.exe [2094080 2016-03-07] (BitTorrent Inc.)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [ares] => C:\Program Files (x86)\Ares\Ares.exe [1425408 2015-11-26] (Seekar Ltd)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [GoogleChromeAutoLaunch_9872A36F81A7AA7CBE4CEA3EFE225285] => C:\Users\Claudemir\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [-] => C:\ProgramData\msdtc.exe [2439168 2015-12-31] ()
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [GoogleChromeAutoLaunch_4DD60367589B612D58D79E2A2B2B19AC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\Run: [msiql] => C:\ProgramData\msiql.exe [2415616 2016-01-26] ()
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_20_0_0_228_ActiveX.exe [878784 2015-12-24] (Adobe Systems Incorporated)
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.exe [2720256 2016-02-18] ()
HKU\S-1-5-18\...\Run: [Pritc] => C:\Windows\TEMP\is-H4ASA.tmp\print.exe [2960896 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-18\...\Run: [msiql] => c:\programdata\msiql.exe [2415616 2016-01-26] ()
AppInit_DLLs-x32: C:\PROGRA~3\{87FF6~1\235~1.56\nore.dll => C:\ProgramData\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}\2.3.5.56\nore.dll [1111040 2016-02-18] ()
ShellExecuteHooks: - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Cookies\x64explassist.dll [911448 2015-12-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-11-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
AutoConfigURL: [S-1-5-21-1295429606-633391922-1787662347-1000] => hxxp://unstopp.me/wpad.dat?79218474293edc4b4574cfc2a1dc021a3117179
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Winsock: Catalog5-x64 08 C:\ProgramData\System32\SafeGuard64.dll [3587000 2015-12-30] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0852FC53-3381-4DE7-9595-1423AABA15F5}: [NameServer] 82.163.143.189,82.163.142.189
Tcpip\..\Interfaces\{0852FC53-3381-4DE7-9595-1423AABA15F5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5DE6053F-F709-4095-A390-D8C29E8FEA92}: [DhcpNameServer] 192.168.0.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={173ce13d5ca64f45915eece986de8c42}&r=eg
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-1295429606-633391922-1787662347-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yeabests.cc/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_nwmeddnld_15_53&cd=2XzuyEtN2Y1L1Qzu0EzztCtCtAtBtDyEtAzyyD0EzzyCzyyDtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0DzyyC0ByB0DtAtGyDtA0EzztG0FtA0AtCtGyD0BtDyEtGtB0ByBtByCyDtCzzyCyByEtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtAzy0E0ByBtDyEtG0F0F0D0FtGyEyEyDyEtG0Azyzy0EtG0CtCtBzytCyDyDzzyB0B0A0C2QtN0A0LzuyE&cr=1739905912&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKU\.DEFAULT -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={173ce13d5ca64f45915eece986de8c42}&r=eg
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> OldSearch URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dnldastr_15_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtBtDyEtAzyyD0EzzyCzyyDtN0D0Tzu0StCyEtBzztN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0ByEyD0E0AtAyEtGtC0EyE0FtG0B0EyB0BtGtDtAtAtBtG0AtBtBzytD0C0E0A0DtB0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtAzy0E0ByBtDyEtG0F0F0D0FtGyEyEyDyEtG0Azyzy0EtG0CtCtBzytCyDyDzzyB0B0A0C2QtN0A0LzuyE%26cr%3D1932844731%26a%3Dwncy_dnldastr_15_48%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ4NUV8UR1AUbV8BVFxcFQYXcRQBVglCDAETeVtaBFpBRVMRIh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWJKLl1XFmsUUkBPNEo=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-1295429606-633391922-1787662347-1000 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL =
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro364.dll [2016-02-18] ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro3.dll [2016-02-18] ()
BHO-x32: Search Window Results -> {b278c3a7-9980-475f-9450-95df38c6dcd7} -> C:\Program Files (x86)\Search Window Results\Extensions\b278c3a7-9980-475f-9450-95df38c6dcd7.dll [2016-03-13] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE64.dll [2015-12-07] (NextUp.com)
Toolbar: HKLM-x32 - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE.dll [2015-12-07] (NextUp.com)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{5e1bc830-4746-11e5-b970-0800200c9a66}] - C:\Program Files (x86)\TextAloud\TAForFirefox
FF Extension: TextAloud - C:\Program Files (x86)\TextAloud\TAForFirefox [2015-12-16]
Chrome:
=======
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpAHMsBH0qB0..&uid=E869F5065975227C2A42351754EC1529&ptid=update&mode=nnnb
CHR DefaultSearchKeyword: Default -> www.yessearches.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-29]
CHR Extension: (Google Docs) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-29]
CHR Extension: (Google Drive) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-01-03]
CHR Extension: (YouTube) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-29]
CHR Extension: (Adblock Plus) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-19]
CHR Extension: (Google Search) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Planilhas do Google) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-29]
CHR Extension: (uTorrent easy client) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2015-11-29]
CHR Extension: (Documentos Google off-line) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-29]
CHR Extension: (AdBlock) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-19]
CHR Extension: (mysms - SMS from Computer) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2015-11-29]
CHR Extension: (Search Window Results) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjfgcnikhcjcmineeagblgienekokna [2016-03-13] [UpdateUrl: hxxp://cdn.searchwindowresults.com/update] <==== ATENÇÃO
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-29]
CHR Extension: (Gmail) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-29]
CHR Extension: (scroll back to top) - C:\Users\Claudemir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmopfkbilpnoidiclofkppbgppapnjeh [2016-01-03]
CHR Extension: (Food Component) - C:\Users\Claudemir\AppData\Local\Food Component\Component [2016-03-12]
CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1295429606-633391922-1787662347-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1295429606-633391922-1787662347-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Claudemir\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-02-29]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdlqwpS; C:\ProgramData\UQqrgsa\AdlqwpS.exe [3000824 2015-12-24] (Irrational Number Applications)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [391168 2014-08-17] (BlueStack Systems, Inc.) [Arquivo não assinado]
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.)
S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-11-16] (TODO: <公司名>) [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\upgsvr--.exe [2786816 2015-12-27] (TODO: ) [Arquivo não assinado]
R2 gylojymezbt; C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\knsyE65E.tmp [209920 2016-03-11] () [Arquivo não assinado]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2630432 2014-11-04] (IObit)
S2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [348640 2016-02-26] (DotC United Inc)
R2 rowugoqo; C:\Windows\SysWOW64\config\systemprofile\AppData\Local\2C0530A0-1456826178-11B2-8000-C1515901109B\snszE419.tmp [225792 2016-03-01] () [Arquivo não assinado]
S2 Service Mgr SearchWindowResults; C:\ProgramData\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\plugincontainer.exe [1412824 2016-03-13] () <==== ATENÇÃO
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [193456 2015-12-10] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro3\spbiu.exe [1220608 2016-02-18] () [Arquivo não assinado]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [152256 2016-03-11] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
R2 Update Mgr SearchWindowResults; C:\Program Files (x86)\Common Files\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e\updater.exe [1269464 2016-03-13] () <==== ATENÇÃO
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [7244240 2016-03-07] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4814336 1999-12-31] (Broadcom Corporation) [Arquivo não assinado]
R2 WNEn Monitor; c:\program files\WNEn\f83d4af839615b06867ba7f633b95f53.exe [2972160 2016-03-11] () [Arquivo não assinado]
R2 wucotusy; C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\hnsdD9BD.tmp [416256 2016-03-01] () [Arquivo não assinado]
R2 XBox; C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe [5359032 2016-02-20] (Microsoft Corporation)
R2 zigipyro; C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B\qnsd22AF.tmp [158720 2015-12-26] () [Arquivo não assinado]
R2 zutuzuni; C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B\jnst2FC7.tmp [307712 2016-03-01] () [Arquivo não assinado]
S2 ginoquci; C:\Users\CLAUDE~1\AppData\Local\Temp\nsw971F.tmp [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-13] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 egg_protect; C:\Windows\DelYAC_x64.sys [16984 2016-02-17] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [59112 2016-02-26] (DotC United Inc)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MediaTek Inc.)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-10-22] (YTDownloader)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro3\spbiw.sys [43832 2016-02-18] ()
R2 SPDRIVER_1.42.1.10643; C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10643\jsdrv.sys [53048 2016-02-18] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-03-13] (SlimWare Utilities, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-03-13 15:35 - 2016-03-13 15:37 - 00049989 _____ C:\Users\Claudemir\Downloads\Addition.txt
2016-03-13 15:34 - 2016-03-13 15:37 - 00033472 _____ C:\Users\Claudemir\Downloads\FRST.txt
2016-03-13 15:33 - 2016-03-13 15:37 - 00000000 ____D C:\FRST
2016-03-13 15:32 - 2016-03-13 15:32 - 02374144 _____ (Farbar) C:\Users\Claudemir\Downloads\FRST64.exe
2016-03-13 15:15 - 2016-03-13 15:16 - 00123904 ___SH C:\Users\Claudemir\Desktop\Thumbs.db
2016-03-13 15:13 - 2016-03-13 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-03-13 15:02 - 2016-03-13 15:14 - 00000000 ____D C:\Users\Todos os Usuários\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e
2016-03-13 15:02 - 2016-03-13 15:14 - 00000000 ____D C:\ProgramData\8f23bb0e-d21d-43d3-bd7b-a0fba15a3b5e
2016-03-13 15:02 - 2016-03-13 15:02 - 00000000 ____D C:\Program Files (x86)\Search Window Results
2016-03-12 00:51 - 2016-03-12 00:51 - 00127488 _____ C:\Users\Claudemir\AppData\Roaming\Installer.dat
2016-03-12 00:51 - 2016-03-12 00:51 - 00011568 _____ C:\Users\Claudemir\AppData\Roaming\InstallationConfiguration.xml
2016-03-12 00:49 - 2016-03-12 00:49 - 00000000 ____D C:\Users\Todos os Usuários\WWdMW
2016-03-12 00:49 - 2016-03-12 00:49 - 00000000 ____D C:\ProgramData\WWdMW
2016-03-12 00:48 - 2016-03-12 00:49 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\mysites123
2016-03-12 00:48 - 2016-03-12 00:48 - 00000991 _____ C:\Users\Claudemir\Desktop\Hostify.lnk
2016-03-11 22:46 - 2016-03-13 15:16 - 00000000 ____D C:\Users\Claudemir\AppData\LocalLow\uTorrent
2016-03-11 22:13 - 2016-03-12 00:48 - 00000000 ____D C:\Program Files (x86)\win_en_77
2016-03-11 22:13 - 2016-03-11 22:13 - 00000000 ____D C:\Users\Claudemir\AppData\Local\win_en_77
2016-03-11 22:11 - 2016-03-13 15:18 - 00000000 ____D C:\Users\Claudemir\AppData\Local\mpck_en_005030264
2016-03-11 22:11 - 2016-03-11 22:41 - 00000292 _____ C:\Windows\Tasks\MAXDriverUpdater_UPDATES.job
2016-03-11 22:11 - 2016-03-11 22:11 - 00003050 _____ C:\Windows\System32\Tasks\MAXDriverUpdater_UPDATES
2016-03-11 22:11 - 2016-03-11 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILEPCSTARTERKIT
2016-03-11 22:11 - 2016-03-11 22:11 - 00000000 ____D C:\Program Files (x86)\mpck_en_005030264
2016-03-11 22:10 - 2016-03-13 14:40 - 00003150 _____ C:\Windows\System32\Tasks\MAXDriverUpdaterRunAtStartup
2016-03-11 22:10 - 2016-03-12 00:49 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-11 22:10 - 2016-03-12 00:49 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-11 22:10 - 2016-03-11 22:12 - 00000000 ____D C:\Users\Todos os Usuários\DWdMD
2016-03-11 22:10 - 2016-03-11 22:12 - 00000000 ____D C:\ProgramData\DWdMD
2016-03-11 22:10 - 2016-03-11 22:11 - 00000000 ____D C:\Program Files (x86)\SFK
2016-03-11 22:10 - 2016-03-11 22:10 - 00001058 _____ C:\Users\Public\Desktop\Max Driver Updater.lnk
2016-03-11 22:10 - 2016-03-11 22:10 - 00000872 _____ C:\Users\Claudemir\Desktop\SpaceSoundPro.lnk
2016-03-11 22:10 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-03-11 22:10 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\csdimedia
2016-03-11 22:10 - 2016-03-11 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Driver Updater
2016-03-11 22:09 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\yoursearching
2016-03-11 22:09 - 2016-03-11 22:10 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\istartpageing
2016-03-11 22:07 - 2016-03-11 22:13 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-03-11 22:07 - 2016-03-11 22:13 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater
2016-03-11 22:07 - 2016-03-11 22:07 - 00000000 ____D C:\Users\Claudemir\AppData\Local\2C0530A0-1457734033-11B2-8000-C1515901109B
2016-03-11 22:07 - 2016-03-11 22:07 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2016-03-11 21:52 - 2016-03-11 21:55 - 00000000 ____D C:\Users\Claudemir\Desktop\Nova pasta
2016-03-11 21:46 - 2016-01-22 03:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-11 21:46 - 2016-01-22 03:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-11 21:46 - 2016-01-22 03:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-11 21:46 - 2016-01-22 03:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-11 21:46 - 2016-01-22 03:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-11 21:46 - 2016-01-22 03:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-11 21:46 - 2016-01-22 03:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-11 21:46 - 2016-01-22 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-11 21:46 - 2016-01-22 03:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-03-11 21:46 - 2016-01-22 03:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-03-11 21:46 - 2016-01-22 03:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-11 21:46 - 2016-01-22 03:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-11 21:46 - 2016-01-22 03:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-11 21:46 - 2016-01-22 03:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-03-11 21:46 - 2016-01-22 03:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-11 21:46 - 2016-01-22 03:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-11 21:46 - 2016-01-22 03:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-11 21:46 - 2016-01-22 03:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-11 21:46 - 2016-01-22 03:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-11 21:46 - 2016-01-22 03:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-11 21:46 - 2016-01-22 03:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-11 21:46 - 2016-01-22 03:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-11 21:46 - 2016-01-22 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-11 21:46 - 2016-01-22 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-11 21:46 - 2016-01-22 03:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 03:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-11 21:46 - 2016-01-22 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-11 21:46 - 2016-01-22 03:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-11 21:46 - 2016-01-22 03:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-11 21:46 - 2016-01-22 03:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-03-11 21:46 - 2016-01-22 03:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-03-11 21:46 - 2016-01-22 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 02:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-11 21:46 - 2016-01-22 02:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-11 21:46 - 2016-01-22 02:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-11 21:46 - 2016-01-22 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-11 21:46 - 2016-01-22 01:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-11 21:46 - 2016-01-22 01:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-11 21:46 - 2016-01-22 01:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-11 21:46 - 2016-01-22 01:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-11 21:46 - 2016-01-22 01:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-11 21:46 - 2016-01-22 01:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-11 21:46 - 2016-01-22 01:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-11 21:46 - 2016-01-22 01:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-11 21:46 - 2016-01-22 01:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-11 21:46 - 2016-01-22 01:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-11 21:46 - 2016-01-22 01:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-11 21:41 - 2016-03-13 14:44 - 00001739 ____R C:\Users\Claudemir\Desktop\Yeabeats Browser.lnk
2016-03-11 21:34 - 2016-03-11 21:35 - 00000000 ____D C:\Program Files\WNEn
2016-03-11 21:34 - 2009-07-13 22:47 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ref.dat
2016-03-06 16:47 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-03-06 16:47 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-03-06 16:47 - 2015-11-13 20:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-03-06 16:47 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-03-06 16:47 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-03-06 16:47 - 2015-11-13 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-03-06 16:41 - 2015-12-08 18:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-03-06 16:41 - 2015-12-08 16:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-03-04 21:44 - 2016-03-04 21:45 - 00077640 _____ C:\Users\Claudemir\Downloads\Fatura por Email Telefonica.zip
2016-03-01 10:50 - 2016-03-01 10:50 - 00001058 _____ C:\Windows\run.vbs
2016-03-01 10:22 - 2016-03-12 00:48 - 00000000 ____D C:\Program Files (x86)\Hostify
2016-03-01 10:20 - 2016-03-07 09:47 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-03-01 09:52 - 2016-03-11 21:29 - 00000000 ____D C:\Program Files (x86)\2C0530A0-1456836757-11B2-8000-C1515901109B
2016-03-01 09:47 - 2016-03-01 08:55 - 00940604 _____ C:\Users\Todos os Usuários\YSIns.exe
2016-03-01 09:47 - 2016-03-01 08:55 - 00940604 _____ C:\ProgramData\YSIns.exe
2016-02-29 14:55 - 2015-12-20 15:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-29 14:55 - 2015-12-20 15:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-29 14:55 - 2015-12-20 11:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-28 17:22 - 2016-01-07 14:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-28 16:56 - 2016-01-07 14:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-26 12:10 - 2016-02-26 12:10 - 00000000 ____D C:\Users\Todos os Usuários\6af4331c-1513-0
2016-02-26 12:10 - 2016-02-26 12:10 - 00000000 ____D C:\ProgramData\6af4331c-1513-0
2016-02-26 12:08 - 2016-02-26 12:08 - 00000000 ____D C:\Program Files (x86)\CalendarTool
2016-02-26 12:05 - 2016-02-26 12:05 - 00003730 _____ C:\Windows\System32\Tasks\DNS Monitoring
2016-02-26 12:03 - 2016-02-26 12:06 - 00000000 ____D C:\Program Files (x86)\AnyFlix
2016-02-26 12:03 - 2016-02-26 12:03 - 00022830 _____ C:\Windows\System32\Tasks\{7A0A0547-0F0B-0B0F-7811-7D040D0F110B}
2016-02-26 12:03 - 2016-02-26 12:03 - 00000000 ____D C:\Users\Todos os Usuários\6af4331c-4177-1
2016-02-26 12:03 - 2016-02-26 12:03 - 00000000 ____D C:\ProgramData\6af4331c-4177-1
2016-02-24 18:05 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe
2016-02-24 18:05 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe
2016-02-24 15:44 - 2016-02-19 15:30 - 05892175 _____ (MediaDownloader ) C:\Users\Public\Documents\MediaDownloader.exe
2016-02-24 15:30 - 2016-02-24 15:30 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\IObit
2016-02-24 15:30 - 2016-02-24 15:30 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2016-02-24 15:30 - 2016-02-24 15:30 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2016-02-24 15:25 - 2016-02-24 15:25 - 44081152 _____ C:\Windows\system32\config\components.iodefrag
2016-02-23 08:47 - 2016-03-07 09:47 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2016-02-23 08:47 - 2016-03-07 09:47 - 00000000 ____D C:\ProgramData\Windows Security
2016-02-22 22:44 - 2016-02-22 22:45 - 03536752 _____ C:\Users\Claudemir\Downloads\201602012_SU_SA_B5_2TUNER_1GB_SUPREMO (1).ssu
2016-02-22 22:16 - 2016-02-22 22:16 - 00000000 ____D C:\Users\Claudemir\AppData\Local\Foxit Reader
2016-02-22 22:10 - 2016-02-22 22:10 - 00000000 ____D C:\Windows\7
2016-02-22 22:08 - 2016-02-22 22:09 - 03536752 _____ C:\Users\Claudemir\Downloads\201602012_SU_SA_B5_2TUNER_1GB_SUPREMO.ssu
2016-02-22 21:48 - 2016-02-22 21:48 - 00471196 _____ C:\Users\Claudemir\Downloads\CINEBOX Quick Guide Ver.1.0 (1).pdf
2016-02-22 21:41 - 2016-02-22 21:41 - 00000000 ____D C:\WebShield
2016-02-19 15:32 - 2016-02-24 15:51 - 00003664 _____ C:\Windows\System32\Tasks\PFExe
2016-02-19 12:12 - 2016-02-19 12:12 - 00000104 _____ C:\Users\Claudemir\Desktop\Ajuda e Suporte - Atalho.lnk
2016-02-18 18:38 - 2016-03-05 18:22 - 00000000 ____D C:\Users\Claudemir\AppData\Local\Microsoft Games
2016-02-18 15:09 - 2016-02-18 15:10 - 00000000 ____D C:\Users\Claudemir\AppData\Local\BrowserHelper
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\ProgramData\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Program Files\Common Files\ShopperPro3
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-02-18 15:08 - 2016-02-18 15:08 - 00000000 ____D C:\Program Files (x86)\ShopperPro3
2016-02-18 15:06 - 2016-02-26 12:23 - 00000000 ____D C:\Program Files (x86)\Primary Color
2016-02-18 15:06 - 2016-02-18 15:06 - 00000000 ____D C:\Program Files (x86)\mystarttb
2016-02-18 15:04 - 2016-02-18 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNEn
2016-02-18 13:07 - 2016-02-18 13:07 - 00001117 _____ C:\Users\Public\Desktop\DriverScanner.lnk
2016-02-18 13:07 - 2016-02-18 13:07 - 00000228 _____ C:\Windows\Tasks\dsmonitor.job
2016-02-18 13:07 - 2016-02-18 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-02-18 13:07 - 2016-02-18 13:07 - 00000000 ____D C:\Program Files (x86)\Uniblue
2016-02-18 13:04 - 2016-02-18 13:04 - 00000000 ____D C:\Users\Todos os Usuários\WebShield
2016-02-18 13:04 - 2016-02-18 13:04 - 00000000 ____D C:\ProgramData\WebShield
2016-02-18 12:51 - 2016-02-18 12:51 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-02-18 12:50 - 2016-02-24 15:43 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2016-02-17 14:51 - 2016-03-13 15:13 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-02-17 14:51 - 2016-02-17 14:51 - 00016984 _____ C:\Windows\DelYAC_x64.sys
2016-02-17 14:48 - 2016-02-17 14:48 - 00001631 ____R C:\Yeabeats Browser.lnk
2016-02-17 14:45 - 2015-11-25 14:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-02-17 14:45 - 2015-11-25 14:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-02-17 14:37 - 2016-03-13 15:16 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\CalendarTool
2016-02-17 14:34 - 2016-02-17 14:34 - 00000000 ____D C:\Users\Public\Documents\Guid
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-03-13 15:36 - 2015-11-29 16:05 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\uTorrent
2016-03-13 15:32 - 2016-01-27 10:08 - 00000000 ____D C:\Users\Claudemir\AppData\Local\WebShield
2016-03-13 15:15 - 2015-11-29 13:33 - 00002852 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2016-03-13 15:15 - 2015-11-29 13:33 - 00000418 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-03-13 15:13 - 2016-01-27 10:11 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-13 15:13 - 2016-01-27 10:11 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-13 15:13 - 2016-01-27 10:11 - 00000000 ____D C:\Program Files (x86)\osTip
2016-03-13 15:13 - 2016-01-26 11:39 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-03-13 15:13 - 2016-01-26 11:37 - 00001729 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-03-13 15:13 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-03-13 15:12 - 2015-11-29 14:55 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-13 15:12 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-13 15:03 - 2015-11-29 18:26 - 00000000 ____D C:\Users\Claudemir\AppData\Local\Chromium
2016-03-13 15:02 - 2015-11-29 12:58 - 00000000 ____D C:\Users\Claudemir
2016-03-13 14:50 - 2015-11-29 14:55 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-13 14:44 - 2015-11-29 18:40 - 00001222 ____R C:\Users\Claudemir\Desktop\Opera.lnk
2016-03-13 14:43 - 2015-12-24 18:43 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\LightGate
2016-03-12 00:52 - 2009-07-14 01:45 - 00020368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-12 00:52 - 2009-07-14 01:45 - 00020368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-12 00:48 - 2015-11-29 18:40 - 00001460 _____ C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-11 22:48 - 2010-11-21 06:37 - 00707046 _____ C:\Windows\system32\prfh0416.dat
2016-03-11 22:48 - 2010-11-21 06:37 - 00148384 _____ C:\Windows\system32\prfc0416.dat
2016-03-11 22:48 - 2009-07-14 02:13 - 01639248 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-11 22:45 - 2016-01-01 19:00 - 00001389 _____ C:\Users\Claudemir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-11 22:14 - 2015-11-29 15:12 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-03-11 22:14 - 2015-11-29 15:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-11 21:34 - 2015-12-07 13:54 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-03-11 21:34 - 2015-12-07 13:54 - 00000000 ____D C:\ProgramData\ProductData
2016-03-11 21:32 - 2015-11-29 14:43 - 00000374 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Claudemir).job
2016-03-11 21:27 - 2016-01-06 09:35 - 00000966 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-03-11 21:27 - 2016-01-06 09:35 - 00000966 _____ C:\ProgramData\xcgui_debug.txt
2016-03-10 19:07 - 2015-12-07 13:53 - 00002181 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2016-03-07 09:47 - 2016-01-05 10:46 - 00000000 ____D C:\Windows\19
2016-03-06 16:52 - 2009-07-14 01:45 - 04990120 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-06 15:51 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-29 16:00 - 2015-11-29 18:19 - 00000000 ____D C:\Users\Claudemir\Desktop\My Shared Folder
2016-02-27 21:46 - 2016-01-03 15:46 - 00000000 ____D C:\Users\Claudemir\AppData\LocalLow\Adblock Plus for IE
2016-02-26 10:10 - 2015-12-30 09:29 - 00059112 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-02-24 17:45 - 2016-01-27 10:35 - 00010365 _____ C:\Users\Todos os Usuários\webad.xml
2016-02-24 17:45 - 2016-01-27 10:35 - 00010365 _____ C:\ProgramData\webad.xml
2016-02-24 15:25 - 2016-01-26 11:36 - 44081152 _____ C:\Windows\system32\config\components.iodefrag.bak
2016-02-22 22:13 - 2016-01-04 22:03 - 00000000 ____D C:\Users\Claudemir\AppData\Roaming\Foxit Software
2016-02-19 15:08 - 2015-11-29 13:42 - 00000000 ____D C:\Intel
2016-02-19 10:06 - 2016-01-01 18:52 - 00000000 ____D C:\Users\Todos os Usuários\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}
2016-02-19 10:06 - 2016-01-01 18:52 - 00000000 ____D C:\ProgramData\{87FF6F3C-D77D-BEBA-66FB-CE38B6791DB6}
2016-02-18 18:55 - 2016-01-01 18:52 - 00004188 _____ C:\Windows\System32\Tasks\Palikan nore
2016-02-18 12:59 - 2015-12-25 10:27 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-17 14:45 - 2015-11-29 14:55 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-17 14:45 - 2015-11-29 14:55 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-17 14:34 - 2015-12-27 18:32 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-02-17 14:34 - 2015-12-27 18:32 - 00000000 ____D C:\ProgramData\Windows Update
2016-02-17 14:22 - 2015-12-25 23:28 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-02-17 14:22 - 2015-12-25 23:28 - 00000000 ____D C:\ProgramData\System32
==================== Arquivos na raiz de alguns diretórios =======
2007-10-04 11:00 - 2007-10-04 11:00 - 0003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2015-12-24 18:38 - 2015-12-24 18:37 - 2983664 _____ () C:\Users\Claudemir\AppData\Roaming\72e50f4790c3.exe
2015-12-24 18:35 - 2015-12-24 14:56 - 1888256 _____ () C:\Users\Claudemir\AppData\Roaming\carssn.exe
2015-12-24 19:11 - 2015-12-24 14:56 - 1888256 _____ () C:\Users\Claudemir\AppData\Roaming\carssn.exe.1
2015-12-24 18:39 - 2015-12-10 07:39 - 1015808 _____ (d) C:\Users\Claudemir\AppData\Roaming\download.exe
2016-03-12 00:51 - 2016-03-12 00:51 - 0011568 _____ () C:\Users\Claudemir\AppData\Roaming\InstallationConfiguration.xml
2016-03-12 00:51 - 2016-03-12 00:51 - 0127488 _____ () C:\Users\Claudemir\AppData\Roaming\Installer.dat
2015-12-24 18:37 - 2015-12-23 06:13 - 4524576 _____ (${COMPANY_NAME}) C:\Users\Claudemir\AppData\Roaming\Setup.exe
2015-12-25 21:31 - 2015-12-25 06:18 - 4540096 _____ (${COMPANY_NAME}) C:\Users\Claudemir\AppData\Roaming\setup.exe@ver=1.0.0.0
2015-12-24 18:34 - 2015-11-16 07:01 - 1762304 _____ (TODO: <公司名>) C:\Users\Claudemir\AppData\Roaming\upgsvr.exe
2015-11-29 19:11 - 2016-01-01 19:52 - 0000204 _____ () C:\Users\Claudemir\AppData\Roaming\WB.CFG
2015-12-24 18:37 - 2015-12-27 18:13 - 0000969 _____ () C:\Users\Claudemir\AppData\Roaming\webad.xml
2015-12-24 19:00 - 2015-12-27 18:52 - 0000644 _____ () C:\Users\Claudemir\AppData\Roaming\xcgui_debug.txt
2015-12-24 18:36 - 2015-11-14 20:06 - 2496403 _____ ( ) C:\Users\Claudemir\AppData\Roaming\yeaplayer_51447.exe
2015-12-22 20:34 - 2016-01-04 10:19 - 0001456 _____ () C:\Users\Claudemir\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-12-25 22:27 - 2015-12-25 15:10 - 1888256 _____ () C:\ProgramData\ajkejjakdf.exe
2015-12-24 18:43 - 2015-12-24 14:56 - 1888256 _____ () C:\ProgramData\carssc.exe
2016-02-24 18:05 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe
2015-11-29 15:28 - 2015-11-29 15:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-17 14:45 - 2015-11-25 14:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2015-12-24 18:48 - 2015-12-04 12:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2015-12-30 09:35 - 2015-12-31 15:10 - 2439168 _____ () C:\ProgramData\msdtc.exe
2016-01-27 10:30 - 2016-01-26 11:54 - 2415616 _____ () C:\ProgramData\msiql.exe
2015-12-30 09:19 - 2015-12-30 09:19 - 1497744 _____ () C:\ProgramData\setup_165ef86caa33483680aa68b7d179f62d.exe
2015-12-24 18:34 - 2015-11-16 07:01 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2016-01-27 10:35 - 2016-02-24 17:45 - 0010365 _____ () C:\ProgramData\webad.xml
2016-01-06 09:35 - 2016-03-11 21:27 - 0000966 _____ () C:\ProgramData\xcgui_debug.txt
2015-12-24 18:51 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 09:47 - 2016-03-01 08:55 - 0940604 _____ () C:\ProgramData\YSIns.exe
2016-03-11 22:10 - 2016-03-12 00:49 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\Windows\TEMP\is-H4ASA.tmp\print.exe
C:\ProgramData\ajkejjakdf.exe
C:\ProgramData\carssc.exe
C:\ProgramData\delCalendarReg.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msdtc.exe
C:\ProgramData\msiql.exe
C:\ProgramData\setup_165ef86caa33483680aa68b7d179f62d.exe
C:\ProgramData\upgsvr.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\ProgramData\YSIns.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\ajkejjakdf.exe
C:\Users\Todos os Usuários\carssc.exe
C:\Users\Todos os Usuários\delCalendarReg.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msdtc.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\setup_165ef86caa33483680aa68b7d179f62d.exe
C:\Users\Todos os Usuários\upgsvr.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\YSIns.exe
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Alguns arquivos em TEMP:
====================
C:\Users\Claudemir\AppData\Local\Temp\168c-8a93-463c-0ed5.exe
C:\Users\Claudemir\AppData\Local\Temp\526d-a472-04f4-defc.exe
C:\Users\Claudemir\AppData\Local\Temp\7a3d-bf35-4318-8e3e.exe
C:\Users\Claudemir\AppData\Local\Temp\b112-c75a-83f4-b7ab.exe
C:\Users\Claudemir\AppData\Local\Temp\B7MCXSJ70M.exe
C:\Users\Claudemir\AppData\Local\Temp\CV26II08GE.exe
C:\Users\Claudemir\AppData\Local\Temp\fb88-deba-2bd0-a8db.exe
C:\Users\Claudemir\AppData\Local\Temp\FBCC.tmp.exe
C:\Users\Claudemir\AppData\Local\Temp\hib420E.exe
C:\Users\Claudemir\AppData\Local\Temp\hib8FD0.exe
C:\Users\Claudemir\AppData\Local\Temp\hibD91F.exe
C:\Users\Claudemir\AppData\Local\Temp\hibE7DE.exe
C:\Users\Claudemir\AppData\Local\Temp\HPPZ43O2RT.exe
C:\Users\Claudemir\AppData\Local\Temp\setup_781.exe
C:\Users\Claudemir\AppData\Local\Temp\setup_ra.exe
C:\Users\Claudemir\AppData\Local\Temp\tmpC274.tmp.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2015-12-16 11:02
==================== Fim de FRST.txt ============================