Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:06-05-2016 01
Executado por Svc-Pc (administrador) em SVC (05-05-2016 15:11:47)
Executando a partir de C:\Users\Svc-Pc\Downloads
Perfis Carregados: Svc-Pc (Perfis Disponíveis: Svc-Pc)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() C:\Users\Svc-Pc\AppData\Roaming\FofporRagoguq\Rivbig.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\CloudPrinter\CloudPrinter.exe
() C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009\knspE1CB.tmpfs
() C:\Users\Svc-Pc\AppData\Roaming\Nithut\Nithut.exe
() C:\Users\Svc-Pc\AppData\Roaming\FufikeEopun\Iwutk.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Users\Svc-Pc\AppData\Local\Apps\2.0\abril.exe
() C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009\hnsd1DB3.tmp
() C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009\jnsd537.tmp
() C:\Users\Svc-Pc\AppData\Roaming\Acaebmagpo\Acaebmagpo.exe
() C:\ProgramData\msiql.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
() C:\Users\Svc-Pc\AppData\Roaming\Nithut\Cacojopbu.exe
() C:\Users\Svc-Pc\AppData\Roaming\Nithut\Necso.exe
() C:\Users\Svc-Pc\AppData\Roaming\Acaebmagpo\Reclisaki.exe
() C:\Users\Svc-Pc\AppData\Roaming\Acaebmagpo\Diwumoflo.exe
(eee) C:\ProgramData\apptj.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
() C:\ProgramData\adb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft) C:\Users\Svc-Pc\AppData\Local\Microsoft Windows\winPrsv.exe
() C:\Users\Svc-Pc\AppData\Roaming\msiql.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Users\Svc-Pc\AppData\Roaming\msiql.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCNews.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [IDSCCOMIWP] => "C:\Program Files\Sound+\idsccom_IWP.exe"
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM-x32\...\Run: [Control Network] => C:\Users\Svc-Pc\AppData\Local\Microsoft Windows\winPrsv.exe [1573888 2015-11-05] (Microsoft)
HKLM-x32\...\Run: [sun21] => [X]
HKLM\...\RunOnce: [IDSCPRODUCT] => "C:\Program Files\Sound+\idscservice.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\Run: [Control Network] => C:\Users\Svc-Pc\AppData\Local\Microsoft Windows\winPrsv.exe [1573888 2015-11-05] (Microsoft)
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\Run: [YeaInstaller] => C:\Users\Svc-Pc\AppData\Local\Temp\MZMGK2CWA\MZMGK2CWA.exe [1970176 2016-05-05] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\Run: [msiql] => c:\users\svc-pc\appdata\roaming\msiql.exe [1916928 2016-04-26] ()
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\Run: [WindApp] => "C:\Users\Svc-Pc\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-742465555-2576082086-511315665-1001\...\MountPoints2: {9b35593d-9f4e-11e5-8265-fcaa14f6bae1} - "D:\LaunchU3.exe" 

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.175.182.139 200.175.5.139
Tcpip\..\Interfaces\{42347C30-D042-4F64-8F41-95BAA98333B0}: [DhcpNameServer] 200.175.182.139 200.175.5.139
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 104.197.191.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=aabcda8fceeba8edebc600af827d15b2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=aabcda8fceeba8edebc600af827d15b2
HKU\S-1-5-21-742465555-2576082086-511315665-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=14111&guid={A1450750-B613-47BF-BB6A-DA1BE2C50D16}&i=
SearchScopes: HKU\S-1-5-21-742465555-2576082086-511315665-1001 -> {BDDA9195-3A63-4B3B-9D54-61E32287395B} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=14111
SearchScopes: HKU\S-1-5-21-742465555-2576082086-511315665-1001 -> {C222FF24-3A25-40CB-9D5B-A0C0A72A2716} URL = hxxp://search.eshield.com/serp?guid={A1450750-B613-47BF-BB6A-DA1BE2C50D16}&k={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll => Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: ChromeDefaultData2 -> hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=aabcda8fceeba8edebc600af827d15b2
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=aabcda8fceeba8edebc600af827d15b2"
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Aluqpa; C:\Users\Svc-Pc\AppData\Roaming\FofporRagoguq\Rivbig.exe [125800 2016-05-05] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [949248 2016-05-05] () [Arquivo não assinado]
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1755136 2016-04-27] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2783744 2016-05-05] (TODO:  ) [Arquivo não assinado]
R2 Imict; C:\Users\Svc-Pc\AppData\Roaming\Nithut\Nithut.exe [174936 2016-05-05] ()
R2 Iugomfeb; C:\Users\Svc-Pc\AppData\Roaming\FufikeEopun\Iwutk.exe [125784 2016-05-05] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-05-05] (DotC United Inc)
S2 MputyqasiedHostservice; C:\Program Files (x86)\Mputyqasied\MputyqasiedHostservice.exe [999080 2016-05-03] ()
R2 ProntSpooler; C:\Users\Svc-Pc\AppData\Local\Apps\2.0\abril.exe [124928 2016-04-07] () [Arquivo não assinado]
R2 rijufoze; C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009\hnsd1DB3.tmp [138240 2016-05-05] () [Arquivo não assinado]
R2 rocufyky; C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009\jnsd537.tmp [389632 2016-05-05] () [Arquivo não assinado]
S2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-05-05] ()
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
S2 thqControlssrv; C:\Program Files (x86)\Thquse\thqControlssrv.exe [993912 2016-05-03] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-15] (Microsoft Corporation)
R2 Xosgukziv; C:\Users\Svc-Pc\AppData\Roaming\Acaebmagpo\Acaebmagpo.exe [174952 2016-05-05] ()
R2 dogyxosezbt; C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009\knspE1CB.tmpfs [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [65344 2016-05-05] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-11] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-05-05] (DotC United Inc)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-05-15] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-05-15] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-05 15:11 - 2016-05-05 15:11 - 00014477 _____ C:\Users\Svc-Pc\Downloads\FRST.txt
2016-05-05 15:10 - 2016-05-05 15:11 - 00000000 ____D C:\FRST
2016-05-05 15:10 - 2016-05-05 15:10 - 02379776 _____ (Farbar) C:\Users\Svc-Pc\Downloads\FRST64.exe
2016-05-05 14:58 - 2016-05-05 14:58 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\MCorp
2016-05-05 14:55 - 2016-05-05 14:55 - 02783744 _____ (TODO: ) C:\Users\Svc-Pc\AppData\Roaming\svrupg.exe
2016-05-05 14:55 - 2016-05-05 14:55 - 00002303 _____ C:\Users\Svc-Pc\AppData\Roaming\webad.xml
2016-05-05 14:53 - 2016-05-05 14:53 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue
2016-05-05 14:53 - 2016-05-05 14:53 - 00000000 ____D C:\ProgramData\Uniblue
2016-05-05 14:53 - 2016-05-05 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-05-05 14:53 - 2016-05-05 14:53 - 00000000 ____D C:\Program Files (x86)\CalendarTool
2016-05-05 14:52 - 2016-05-05 14:52 - 00002303 _____ C:\Users\Todos os Usuários\webad.xml
2016-05-05 14:52 - 2016-05-05 14:52 - 00002303 _____ C:\ProgramData\webad.xml
2016-05-05 14:50 - 2016-05-05 14:50 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2016-05-05 14:49 - 2016-05-05 14:49 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2016-05-05 14:49 - 2016-05-05 14:49 - 00000000 ____D C:\ProgramData\ByteFence
2016-05-05 14:39 - 2016-05-05 15:00 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\app
2016-05-05 14:39 - 2016-05-05 14:57 - 00000000 ____D C:\Program Files\ByteFence
2016-05-05 14:39 - 2016-05-05 14:40 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\nesi
2016-05-05 14:39 - 2016-05-05 14:39 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Setup2040046
2016-05-05 14:38 - 2016-05-05 15:00 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-05-05 14:38 - 2016-05-05 14:58 - 00000000 ____D C:\Program Files\Mabke
2016-05-05 14:38 - 2016-05-05 14:38 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-05-05 14:38 - 2016-05-05 14:38 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\FofporRagoguq
2016-05-05 14:38 - 2016-05-05 14:38 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Acaebmagpo
2016-05-05 14:18 - 2016-05-05 14:18 - 00003062 _____ C:\Windows\System32\Tasks\FusionPlayer browser banner
2016-05-05 14:17 - 2016-05-05 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaNetworkEn
2016-05-05 14:17 - 2016-05-05 14:53 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-05-05 14:17 - 2016-05-05 14:17 - 00000000 ____D C:\Users\Todos os Usuários\47dd9010-2f17-0
2016-05-05 14:17 - 2016-05-05 14:17 - 00000000 ____D C:\Users\Todos os Usuários\47dd9010-18c3-1
2016-05-05 14:17 - 2016-05-05 14:17 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Setup Wizard
2016-05-05 14:17 - 2016-05-05 14:17 - 00000000 ____D C:\ProgramData\47dd9010-2f17-0
2016-05-05 14:17 - 2016-05-05 14:17 - 00000000 ____D C:\ProgramData\47dd9010-18c3-1
2016-05-05 14:13 - 2016-04-25 12:06 - 01085440 _____ C:\Users\Svc-Pc\AppData\Roaming\delCalendarReg.exe
2016-05-05 14:02 - 2016-05-05 14:03 - 05817344 _____ (GPS Safety) C:\Users\Svc-Pc\AppData\Local\helpmng.exe
2016-05-05 14:02 - 2016-05-05 14:02 - 00008858 _____ C:\Windows\System32\Tasks\Mputyqasied Host
2016-05-05 14:02 - 2016-05-05 14:02 - 00003976 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2016-05-05 14:02 - 2016-05-05 14:02 - 00002401 _____ C:\Windows\SysWOW64\findit.xml
2016-05-05 14:02 - 2016-05-05 14:02 - 00000000 ____D C:\Users\Todos os Usuários\Statdexs
2016-05-05 14:02 - 2016-05-05 14:02 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Mozilla
2016-05-05 14:02 - 2016-05-05 14:02 - 00000000 ____D C:\ProgramData\Statdexs
2016-05-05 14:01 - 2016-05-05 14:46 - 00000000 ____D C:\Program Files (x86)\hohobnd
2016-05-05 14:01 - 2016-05-05 14:02 - 00000000 ____D C:\Program Files (x86)\Mputyqasied
2016-05-05 14:01 - 2016-05-05 14:01 - 06494208 _____ C:\Users\Svc-Pc\AppData\Roaming\agent.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 01626777 _____ C:\Users\Svc-Pc\AppData\Roaming\Nam-Touch.tst
2016-05-05 14:01 - 2016-05-05 14:01 - 00126464 _____ C:\Users\Svc-Pc\AppData\Roaming\noah.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 00126464 _____ C:\Users\Svc-Pc\AppData\Roaming\lobby.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 00072717 _____ C:\Users\Svc-Pc\AppData\Roaming\Cancancore.tst
2016-05-05 14:01 - 2016-05-05 14:01 - 00065568 _____ C:\Users\Svc-Pc\AppData\Roaming\Config.xml
2016-05-05 14:01 - 2016-05-05 14:01 - 00054272 _____ C:\Users\Svc-Pc\AppData\Roaming\ApplicationHosting.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 00018432 _____ C:\Users\Svc-Pc\AppData\Roaming\Main.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 00005568 _____ C:\Users\Svc-Pc\AppData\Roaming\md.xml
2016-05-05 14:01 - 2016-05-05 14:01 - 00000000 ____D C:\Users\Todos os Usuários\CloudPrinter
2016-05-05 14:01 - 2016-05-05 14:01 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-05-05 14:01 - 2016-05-05 14:00 - 00949248 _____ C:\Users\Svc-Pc\AppData\Roaming\Nam-Touch.exe
2016-05-05 14:01 - 2016-05-05 14:00 - 00949248 _____ C:\Users\Svc-Pc\AppData\Roaming\Cancancore.exe
2016-05-05 14:00 - 2016-05-05 14:02 - 00000891 _____ C:\Windows\SysWOW64\${LOGFILE}
2016-05-05 14:00 - 2016-05-05 14:00 - 00848437 _____ C:\Users\Svc-Pc\AppData\Roaming\Domzap.bin
2016-05-05 14:00 - 2016-05-05 14:00 - 00127488 _____ C:\Users\Svc-Pc\AppData\Roaming\Installer.dat
2016-05-05 14:00 - 2016-05-05 14:00 - 00015408 _____ C:\Users\Svc-Pc\AppData\Roaming\InstallationConfiguration.xml
2016-05-05 14:00 - 2016-05-05 14:00 - 00008888 _____ C:\Windows\System32\Tasks\Thquse Controls
2016-05-05 13:59 - 2016-05-05 14:00 - 00000000 ____D C:\Program Files (x86)\Thquse
2016-05-05 13:57 - 2016-05-05 14:38 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Tempfolder
2016-05-05 13:57 - 2016-05-05 13:57 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Nithut
2016-05-05 13:57 - 2016-05-05 13:57 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\FufikeEopun
2016-05-05 13:57 - 2016-05-05 13:57 - 00000000 ____D C:\Users\Svc-Pc\AppData\LocalLow\Company
2016-05-05 13:57 - 2016-05-05 13:57 - 00000000 ____D C:\Users\Svc-Pc\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-05-05 13:57 - 2016-05-05 13:57 - 00000000 ____D C:\uninst
2016-05-05 13:53 - 2016-05-05 13:53 - 00003740 _____ C:\Windows\System32\Tasks\Selection Tools Update
2016-05-05 13:53 - 2016-05-05 13:53 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\WTools
2016-05-05 13:52 - 2016-05-05 15:00 - 00000000 ____D C:\Program Files (x86)\comoBoss
2016-05-05 13:52 - 2016-05-05 14:48 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Store
2016-05-05 13:52 - 2016-05-05 13:52 - 00001188 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-05-05 13:52 - 2016-05-05 13:52 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-05-05 13:52 - 2016-05-05 13:52 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\csdi_monetize_220160505
2016-05-05 13:52 - 2016-05-05 13:52 - 00000000 ____D C:\Program Files (x86)\03AA02FC-1462467133-05F6-BA06-E10700080009
2016-05-05 13:51 - 2016-05-05 14:53 - 00413439 _____ C:\Users\Todos os Usuários\xdo.zip
2016-05-05 13:51 - 2016-05-05 14:53 - 00413439 _____ C:\ProgramData\xdo.zip
2016-05-05 13:51 - 2016-05-05 14:53 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-05-05 13:51 - 2016-05-05 14:53 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-05-05 13:51 - 2016-05-05 14:53 - 00000000 ____D C:\Program Files (x86)\osTip
2016-05-05 13:51 - 2016-05-05 14:45 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-05 13:51 - 2016-05-05 14:02 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Nosibay
2016-05-05 13:51 - 2016-05-05 14:01 - 00000000 ____D C:\extensions
2016-05-05 13:51 - 2016-05-05 13:51 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-05-05 13:51 - 2016-05-05 13:51 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-05-05 13:51 - 2016-05-05 13:51 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-05-05 13:51 - 2016-05-05 13:51 - 00000000 ____D C:\ProgramData\Windows Update
2016-05-05 13:51 - 2016-05-05 12:53 - 00073806 _____ C:\Users\Todos os Usuários\YSIns.exe
2016-05-05 13:51 - 2016-05-05 12:53 - 00073806 _____ C:\ProgramData\YSIns.exe
2016-05-05 13:51 - 2016-04-27 03:51 - 01755136 _____ C:\Users\Todos os Usuários\service.exe
2016-05-05 13:51 - 2016-04-27 03:51 - 01755136 _____ C:\Users\Svc-Pc\AppData\Roaming\service.exe
2016-05-05 13:51 - 2016-04-27 03:51 - 01755136 _____ C:\ProgramData\service.exe
2016-05-05 13:51 - 2016-04-26 12:07 - 01253376 _____ (eee) C:\Users\Todos os Usuários\apptj.exe
2016-05-05 13:51 - 2016-04-26 12:07 - 01253376 _____ (eee) C:\ProgramData\apptj.exe
2016-05-05 13:51 - 2016-04-26 06:27 - 01916928 _____ C:\Users\Todos os Usuários\msiql.exe
2016-05-05 13:51 - 2016-04-26 06:27 - 01916928 _____ C:\Users\Svc-Pc\AppData\Roaming\msiql.exe
2016-05-05 13:51 - 2016-04-26 06:27 - 01916928 _____ C:\ProgramData\msiql.exe
2016-05-05 13:51 - 2016-04-25 11:45 - 00600312 _____ C:\Users\Svc-Pc\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-05-05 13:51 - 2016-04-19 05:58 - 00600312 _____ C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
2016-05-05 13:51 - 2016-04-19 05:58 - 00600312 _____ C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-05-05 13:50 - 2016-05-05 14:58 - 00000000 ____D C:\Program Files\Sound+
2016-05-05 13:50 - 2016-05-05 13:53 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-05-05 13:50 - 2016-05-05 13:51 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\CalendarTool
2016-05-05 13:50 - 2016-05-05 13:50 - 00002952 _____ C:\Windows\System32\Tasks\svchost
2016-05-05 13:50 - 2016-05-05 13:50 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\csdi_monetize_120160505
2016-05-05 13:50 - 2016-05-05 13:50 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-05-05 13:48 - 2016-05-05 13:48 - 00400896 _____ C:\Users\Svc-Pc\Downloads\flash_player_setup.exe
2016-05-05 13:48 - 2016-05-05 13:48 - 00129640 _____ C:\Users\Svc-Pc\AppData\Roaming\adobe_flash_setup-31962814.exe
2016-05-05 12:03 - 2016-05-05 12:03 - 59181646 _____ C:\Users\Svc-Pc\Downloads\geekEXPOfinal (2).cdr
2016-05-05 11:48 - 2016-05-05 11:48 - 23110246 _____ C:\Users\Svc-Pc\Desktop\pedidos maio.rar
2016-05-05 10:07 - 2016-05-05 14:38 - 00065344 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys
2016-05-05 09:42 - 2016-05-05 09:42 - 00290681 _____ C:\Users\Svc-Pc\Desktop\coleção_tarta_02_alfomada.pdf
2016-05-04 15:18 - 2016-05-04 15:19 - 200297393 _____ C:\Users\Svc-Pc\Downloads\wetransfer-6cf891 (1).zip
2016-05-04 15:00 - 2016-05-04 15:00 - 00896057 _____ C:\Users\Svc-Pc\Downloads\Modern-brochure-template (1).zip
2016-05-04 14:59 - 2016-05-04 14:59 - 04033445 _____ C:\Users\Svc-Pc\Downloads\Geometric-shapes-flyer.zip
2016-05-04 14:49 - 2016-05-04 14:49 - 00632078 _____ C:\Users\Svc-Pc\Downloads\doc (9).pdf
2016-05-04 14:25 - 2016-05-04 14:26 - 06460507 _____ C:\Users\Svc-Pc\Downloads\Paper-notes-with-children-drawings.zip
2016-05-04 14:10 - 2016-05-04 14:10 - 01261084 _____ C:\Users\Svc-Pc\Downloads\Business-brochure-in-elegant-style.zip
2016-05-04 10:19 - 2016-05-04 10:19 - 00632075 _____ C:\Users\Svc-Pc\Downloads\doc (8).pdf
2016-05-04 10:14 - 2016-05-04 10:14 - 00632075 _____ C:\Users\Svc-Pc\Downloads\doc (7).pdf
2016-05-04 10:10 - 2016-05-04 10:10 - 00632070 _____ C:\Users\Svc-Pc\Downloads\doc (6).pdf
2016-05-03 17:19 - 2016-05-03 17:20 - 49034908 _____ C:\Users\Svc-Pc\Downloads\Mothers-day-card-with-brush-strokes.zip
2016-05-03 13:51 - 2016-05-03 13:51 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Adobe
2016-05-03 13:46 - 2016-05-03 13:46 - 00296422 _____ C:\Users\Svc-Pc\Downloads\CARTOES-DE-VISITA-VERNIZ-UV-TOTAL-F-COUCHE-BRILHANTE-250g-4x0-1000-143-91-51 (1).cdr
2016-05-03 11:11 - 2016-05-03 11:12 - 200297393 _____ C:\Users\Svc-Pc\Downloads\wetransfer-6cf891.zip
2016-05-03 09:39 - 2016-05-03 09:39 - 04649838 _____ C:\Users\Svc-Pc\Downloads\Penteadeira da Maricotinha_logo_final.pdf
2016-05-03 09:30 - 2016-05-03 13:51 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Adobe
2016-05-02 16:24 - 2016-05-02 16:24 - 01116820 _____ C:\Users\Svc-Pc\Downloads\Attachment-1 (4).jpeg
2016-05-02 16:23 - 2016-05-02 16:23 - 00228882 _____ C:\Users\Svc-Pc\Downloads\Attachment-1 (3).jpeg
2016-05-02 16:23 - 2016-05-02 16:23 - 00063507 _____ C:\Users\Svc-Pc\Downloads\Attachment-1 (2).jpeg
2016-05-02 16:23 - 2016-05-02 16:23 - 00018003 _____ C:\Users\Svc-Pc\Downloads\Attachment-1.jpeg
2016-05-02 16:23 - 2016-05-02 16:23 - 00011991 _____ C:\Users\Svc-Pc\Downloads\Attachment-1 (1).jpeg
2016-05-02 13:02 - 2016-05-02 13:02 - 02079870 _____ C:\Users\Svc-Pc\Downloads\Hand-drawn-antique-crown.zip
2016-05-02 11:30 - 2016-05-02 11:30 - 59181646 _____ C:\Users\Svc-Pc\Downloads\geekEXPOfinal (1).cdr
2016-05-02 11:29 - 2016-05-02 11:30 - 59181646 _____ C:\Users\Svc-Pc\Downloads\geekEXPOfinal.cdr
2016-04-29 17:19 - 2016-05-04 13:32 - 00000000 ____D C:\Users\Svc-Pc\Desktop\Nova pasta
2016-04-29 09:09 - 2016-04-29 09:10 - 173470951 _____ C:\Users\Svc-Pc\Downloads\wetransfer-7aaafb (1).zip
2016-04-28 17:14 - 2016-04-28 17:14 - 01396795 _____ C:\Users\Svc-Pc\Downloads\Retro-bakery-poster (1).zip
2016-04-28 17:08 - 2016-04-28 17:08 - 01396795 _____ C:\Users\Svc-Pc\Downloads\Retro-bakery-poster.zip
2016-04-28 14:24 - 2016-04-28 14:24 - 01401534 _____ C:\Users\Svc-Pc\Downloads\Bruna Navarro - Cartão Bruna - Aberto okkkk.cdr
2016-04-28 13:54 - 2016-04-28 13:54 - 00426981 _____ C:\Users\Svc-Pc\Downloads\Logo Unigraph.cdr
2016-04-28 13:52 - 2016-04-28 13:52 - 03198613 _____ C:\Users\Svc-Pc\Downloads\Bagunça final fem.pdf
2016-04-28 13:08 - 2016-04-28 13:09 - 173470951 _____ C:\Users\Svc-Pc\Downloads\wetransfer-7aaafb.zip
2016-04-28 11:12 - 2016-04-28 11:12 - 00420148 _____ C:\Users\Svc-Pc\Documents\PEDIDO CORRETO.pdf
2016-04-28 10:54 - 2016-04-28 10:54 - 00733315 _____ C:\Users\Svc-Pc\Downloads\camisa parque dois irmãos (1).rar
2016-04-28 09:16 - 2016-04-28 09:17 - 10753162 _____ C:\Users\Svc-Pc\Downloads\OneDrive-2016-04-06.zip
2016-04-28 09:16 - 2016-04-28 09:16 - 00105725 _____ C:\Users\Svc-Pc\Downloads\3094
2016-04-27 09:55 - 2016-04-27 09:55 - 00208463 _____ C:\Users\Svc-Pc\Downloads\SPI16015_Camisa1_ArqFechado (1).zip
2016-04-27 09:53 - 2016-04-27 09:53 - 00208463 _____ C:\Users\Svc-Pc\Downloads\SPI16015_Camisa1_ArqFechado.zip
2016-04-27 09:00 - 2016-04-27 09:00 - 00733315 _____ C:\Users\Svc-Pc\Downloads\camisa parque dois irmãos.rar
2016-04-27 08:35 - 2016-04-27 08:35 - 06275867 _____ C:\Users\Svc-Pc\Downloads\tuf 25 salvo.cdr
2016-04-26 16:05 - 2016-04-26 16:05 - 01261054 _____ C:\Users\Svc-Pc\Downloads\Logo Diego Freitas Personal (3).eps
2016-04-26 14:02 - 2016-04-26 14:02 - 03310067 _____ C:\Users\Svc-Pc\Downloads\Classic-artistic-mosaic-background.zip
2016-04-26 13:38 - 2016-04-26 13:38 - 00024617 _____ C:\Users\Svc-Pc\Downloads\Aero.zip
2016-04-26 13:37 - 2016-04-26 13:37 - 00044520 _____ C:\Users\Svc-Pc\Downloads\911Fonts.com_AeroRegular__-_911fonts.com-fonts-5GC0.ttf
2016-04-26 13:34 - 2016-04-26 13:34 - 00020590 _____ C:\Users\Svc-Pc\Downloads\aero2.zip
2016-04-26 10:49 - 2016-04-26 10:49 - 00317843 _____ C:\Users\Svc-Pc\Downloads\Camisa Jogos Antares FIM_1.eps
2016-04-26 10:49 - 2016-04-26 10:49 - 00275127 _____ C:\Users\Svc-Pc\Downloads\Camisa Jogos Antares FIM_2.eps
2016-04-26 09:24 - 2016-04-26 09:24 - 00000009 ____N C:\Users\Todos os Usuários\a.bat
2016-04-26 09:24 - 2016-04-26 09:24 - 00000009 ____N C:\ProgramData\a.bat
2016-04-25 16:15 - 2016-04-25 16:15 - 02399837 _____ C:\Users\Svc-Pc\Downloads\2016.04.03.zip
2016-04-25 15:27 - 2016-04-25 15:27 - 140481593 _____ C:\Users\Svc-Pc\Downloads\Hanging-hearts-mothers-day-card (1).zip
2016-04-25 15:23 - 2016-04-25 15:23 - 01294107 _____ C:\Users\Svc-Pc\Downloads\Mothers-day-calligraphy-drawing-card.zip
2016-04-25 15:16 - 2016-04-25 15:16 - 42602350 _____ C:\Users\Svc-Pc\Downloads\Watercolor-family-with-pets-background.zip
2016-04-25 13:44 - 2016-04-25 13:44 - 00183733 _____ C:\Users\Svc-Pc\Downloads\Sports-Logo.zip
2016-04-25 11:44 - 2016-04-25 11:44 - 00632072 _____ C:\Users\Svc-Pc\Downloads\doc (5).pdf
2016-04-25 11:36 - 2016-04-25 11:36 - 00296422 _____ C:\Users\Svc-Pc\Downloads\CARTOES-DE-VISITA-VERNIZ-UV-TOTAL-F-COUCHE-BRILHANTE-250g-4x0-1000-143-91-51.cdr
2016-04-25 10:57 - 2016-04-25 10:57 - 00049902 _____ C:\Users\Svc-Pc\Downloads\Elegance.zip
2016-04-25 08:09 - 2016-04-25 08:09 - 00411954 _____ C:\Users\Svc-Pc\Downloads\oticas-diniz-vector-logo-243AE76DCB-seeklogo.com (1).zip
2016-04-25 08:08 - 2016-04-25 08:08 - 00411954 _____ C:\Users\Svc-Pc\Downloads\oticas-diniz-vector-logo-243AE76DCB-seeklogo.com.zip
2016-04-23 10:50 - 2016-05-05 15:09 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-04-23 10:50 - 2016-05-05 15:09 - 00000000 ____D C:\ProgramData\Corel
2016-04-23 09:34 - 2016-04-23 09:34 - 01910780 _____ C:\Users\Svc-Pc\Downloads\jERUSALEM EM CURVAS.cdr
2016-04-22 17:18 - 2016-04-22 17:18 - 82531703 _____ C:\Users\Svc-Pc\Downloads\wetransfer-49286f.zip
2016-04-22 16:38 - 2016-04-22 16:38 - 00157867 _____ C:\Users\Svc-Pc\Downloads\adidas-vector-logo-8FD2C24FE5-seeklogo.com.zip
2016-04-22 16:34 - 2016-04-22 16:34 - 28699810 _____ C:\Users\Svc-Pc\Downloads\camisa CIPA.eps
2016-04-22 13:59 - 2016-04-22 13:59 - 28091655 _____ C:\Users\Svc-Pc\Downloads\Love-banners-happy-mothers-day.zip
2016-04-22 13:31 - 2016-04-22 13:31 - 01235609 _____ C:\Users\Svc-Pc\Downloads\Mothers-day-retro-cards-set.zip
2016-04-22 13:31 - 2016-04-22 13:31 - 01235609 _____ C:\Users\Svc-Pc\Downloads\Mothers-day-retro-cards-set (1).zip
2016-04-20 17:23 - 2016-04-20 17:23 - 01418829 _____ C:\Users\Svc-Pc\Downloads\Marine-icons-of-summer.zip
2016-04-20 17:21 - 2016-04-20 17:21 - 02528013 _____ C:\Users\Svc-Pc\Downloads\Retro-nautical-cruise-badges.zip
2016-04-20 17:17 - 2016-04-20 17:17 - 01614697 _____ C:\Users\Svc-Pc\Downloads\Sea-waves (3).zip
2016-04-20 17:17 - 2016-04-20 17:17 - 01614697 _____ C:\Users\Svc-Pc\Downloads\Sea-waves (2).zip
2016-04-20 14:54 - 2016-04-20 14:54 - 04578876 _____ C:\Users\Svc-Pc\Downloads\Vintage-car-symbols.zip
2016-04-20 14:54 - 2016-04-20 14:54 - 02711826 _____ C:\Users\Svc-Pc\Downloads\Vintage-car-service-badges.zip
2016-04-20 14:06 - 2016-04-20 14:06 - 07386481 _____ C:\Users\Svc-Pc\Downloads\Dark-pixels-background.zip
2016-04-20 14:06 - 2016-04-20 14:06 - 00867146 _____ C:\Users\Svc-Pc\Downloads\Modern-brochure-template.zip
2016-04-19 15:55 - 2016-04-19 15:55 - 01266209 _____ C:\Users\Svc-Pc\Downloads\Blue-squares-background-template.zip
2016-04-19 15:30 - 2016-04-19 15:30 - 05346791 _____ C:\Users\Svc-Pc\Downloads\Sketches-marine-nature-pattern.zip
2016-04-19 15:30 - 2016-04-19 15:30 - 01203447 _____ C:\Users\Svc-Pc\Downloads\Sea-waves-collection (1).zip
2016-04-19 15:27 - 2016-04-19 15:27 - 02224674 _____ C:\Users\Svc-Pc\Downloads\Marine-vector-elements.zip
2016-04-19 15:23 - 2016-04-19 15:23 - 01432799 _____ C:\Users\Svc-Pc\Downloads\Marine-symbols-vector-set.zip
2016-04-19 15:23 - 2016-04-19 15:23 - 01432799 _____ C:\Users\Svc-Pc\Downloads\Marine-symbols-vector-set (1).zip
2016-04-19 15:20 - 2016-04-19 15:20 - 01203447 _____ C:\Users\Svc-Pc\Downloads\Sea-waves-collection.zip
2016-04-19 15:19 - 2016-04-19 15:19 - 01851000 _____ C:\Users\Svc-Pc\Downloads\Summer-time-background-with-text.zip
2016-04-19 10:09 - 2016-04-27 14:30 - 00000000 ____D C:\Users\Svc-Pc\Documents\Corel
2016-04-19 09:55 - 2016-04-19 09:57 - 00000000 ____D C:\Users\Svc-Pc\Documents\COREL 7 - 2015
2016-04-18 17:40 - 2016-04-18 17:40 - 19459613 _____ C:\Users\Svc-Pc\Downloads\PM-1101-15N-CAMISA ANIV LJ ABRIL.zip
2016-04-18 15:17 - 2016-04-18 15:17 - 01064312 _____ C:\Users\Svc-Pc\Downloads\Camisa Tabapua Nova Leão X6.cdr
2016-04-18 14:45 - 2016-04-18 14:45 - 07726296 _____ C:\Users\Svc-Pc\Downloads\Camisa TUF Dias Macêdo (Oficial) - Novo Modelo (1).cdr
2016-04-18 14:21 - 2016-04-18 14:21 - 00452329 _____ C:\Users\Svc-Pc\Downloads\Arte Volei 13.cdr
2016-04-18 14:21 - 2016-04-18 14:21 - 00438684 _____ C:\Users\Svc-Pc\Downloads\Arte Volei 14.cdr
2016-04-18 14:20 - 2016-04-18 14:20 - 01188849 _____ C:\Users\Svc-Pc\Downloads\Arte Volei 12.cdr
2016-04-18 10:31 - 2016-04-18 10:31 - 00147718 _____ C:\Users\Svc-Pc\Downloads\carnevalee_freakshow.zip
2016-04-18 09:42 - 2016-04-18 09:43 - 00552814 _____ C:\Users\Svc-Pc\Documents\Resultado 1 Vida Nova.pdf
2016-04-18 08:09 - 2016-04-18 08:09 - 06717294 _____ C:\Users\Svc-Pc\Downloads\Camiseta_festa-das-torcidas.pdf
2016-04-15 07:57 - 2016-04-15 07:57 - 56989929 _____ C:\Users\Svc-Pc\Downloads\wetransfer-106dd3.zip
2016-04-14 14:00 - 2016-04-14 14:00 - 10143392 _____ C:\Users\Svc-Pc\Downloads\Background-for-summer-vacation (1).zip
2016-04-13 14:34 - 2016-04-13 14:34 - 21846657 _____ C:\Users\Svc-Pc\Downloads\Pdfs camisa.zip
2016-04-12 15:29 - 2016-04-12 15:29 - 06971909 _____ C:\Users\Svc-Pc\Downloads\TOUR DE LIDERES rj.rar
2016-04-12 14:15 - 2016-04-12 14:15 - 00022566 _____ C:\Users\Svc-Pc\Downloads\HondaITC.zip
2016-04-12 14:12 - 2016-04-12 14:12 - 00032652 _____ C:\Users\Svc-Pc\Downloads\hondafont.zip
2016-04-12 12:47 - 2016-04-12 12:47 - 19586233 _____ C:\Users\Svc-Pc\Downloads\Beach-background.zip
2016-04-12 12:47 - 2016-04-12 12:47 - 00782974 _____ C:\Users\Svc-Pc\Downloads\Polygonal-abstract-background-design.zip
2016-04-12 12:42 - 2016-04-12 12:42 - 01352133 _____ C:\Users\Svc-Pc\Downloads\World-Water-Day-blue-waves-background.zip
2016-04-12 11:28 - 2016-04-12 11:28 - 03092389 _____ C:\Users\Svc-Pc\Downloads\Palm-trees-black-silhouettes.zip
2016-04-12 11:21 - 2016-04-12 11:21 - 31722079 _____ C:\Users\Svc-Pc\Downloads\Realistic-palm-trees-background.zip
2016-04-12 10:34 - 2016-04-12 10:34 - 57169077 _____ C:\Users\Svc-Pc\Downloads\LOGOMARCA APROVADA.cdr
2016-04-12 09:22 - 2016-04-12 09:22 - 00860193 _____ C:\Users\Svc-Pc\Downloads\Cartoon-underwater-animals.zip
2016-04-12 09:11 - 2016-04-12 09:11 - 09365186 _____ C:\Users\Svc-Pc\Downloads\Summer-wooden-sign.zip
2016-04-12 08:20 - 2016-04-12 08:20 - 00232613 _____ C:\Users\Svc-Pc\Downloads\whiskas-vector-logo-E601E33211-seeklogo.com.zip
2016-04-12 08:20 - 2016-04-12 08:20 - 00232613 _____ C:\Users\Svc-Pc\Downloads\whiskas-vector-logo-E601E33211-seeklogo.com (1).zip
2016-04-11 17:05 - 2016-04-11 17:05 - 00012883 _____ C:\Users\Svc-Pc\Downloads\Toyota-vector-logo-E7A6CE33B8-seeklogo.com.zip
2016-04-11 17:05 - 2016-04-11 17:05 - 00012883 _____ C:\Users\Svc-Pc\Downloads\Toyota-vector-logo-E7A6CE33B8-seeklogo.com (1).zip
2016-04-11 09:30 - 2016-04-11 09:30 - 00082814 _____ C:\Users\Svc-Pc\Downloads\Jacob Sa_Camiseta Preta.ai
2016-04-11 09:04 - 2016-04-11 09:04 - 17207307 _____ C:\Users\Svc-Pc\Downloads\Semana da Saúde Camisa (2).cdr
2016-04-09 07:55 - 2016-04-09 07:55 - 17207307 _____ C:\Users\Svc-Pc\Downloads\Semana da Saúde Camisa (1).cdr
2016-04-08 14:31 - 2016-04-08 14:31 - 09031177 _____ C:\Users\Svc-Pc\Downloads\Watercolor-summer-party-poster.zip
2016-04-08 13:57 - 2016-04-08 13:57 - 02492768 _____ C:\Users\Svc-Pc\Downloads\Geometric-music-party-poster.zip
2016-04-08 13:56 - 2016-04-08 13:56 - 10143392 _____ C:\Users\Svc-Pc\Downloads\Background-for-summer-vacation.zip
2016-04-08 13:49 - 2016-04-08 13:49 - 40151182 _____ C:\Users\Svc-Pc\Downloads\Spring-party-poster.zip
2016-04-08 08:47 - 2016-04-08 08:48 - 06591505 _____ C:\Users\Svc-Pc\Downloads\encomendas_ABRIL.cdr
2016-04-07 11:27 - 2016-04-07 11:27 - 02837006 _____ C:\Users\Svc-Pc\Downloads\Family-day-background.zip
2016-04-06 16:16 - 2016-04-06 16:16 - 00550703 _____ C:\Users\Svc-Pc\Downloads\Camisas.zip
2016-04-06 15:56 - 2016-04-06 15:56 - 00065987 _____ C:\Users\Svc-Pc\Downloads\heineken-vector-logo-9D42F459CD-seeklogo.com (1).zip
2016-04-06 15:55 - 2016-04-06 15:55 - 00065987 _____ C:\Users\Svc-Pc\Downloads\heineken-vector-logo-9D42F459CD-seeklogo.com.zip
2016-04-06 11:09 - 2016-04-06 11:09 - 00397390 _____ C:\Users\Svc-Pc\Downloads\FABI MELO LOGO.pdf
2016-04-06 10:18 - 2016-04-06 10:18 - 02129681 _____ C:\Users\Svc-Pc\Downloads\CHEVROLET-vector-logo-C1D614CEA8-seeklogo.com (1).zip
2016-04-06 10:17 - 2016-04-06 10:17 - 02129681 _____ C:\Users\Svc-Pc\Downloads\CHEVROLET-vector-logo-C1D614CEA8-seeklogo.com.zip
2016-04-06 10:16 - 2016-04-06 10:16 - 00922290 _____ C:\Users\Svc-Pc\Downloads\Chevrolet_Brasil-vector-logo-AD5CF84BA7-seeklogo.com (1).zip
2016-04-06 08:50 - 2016-04-06 08:50 - 00619343 _____ C:\Users\Svc-Pc\Downloads\Forte Tech logo.cdr
2016-04-06 08:47 - 2016-04-06 08:47 - 00032225 _____ C:\Users\Svc-Pc\Downloads\Boston_Marathon-vector-logo-D179234F5C-seeklogo.com.zip
2016-04-05 16:37 - 2016-04-05 16:37 - 00054320 _____ C:\Users\Svc-Pc\Downloads\ADESIVO MULTI TIGELADA.cdr
2016-04-05 16:36 - 2016-04-05 16:36 - 00445697 _____ C:\Users\Svc-Pc\Downloads\lapidary curvas.cdr
2016-04-05 16:34 - 2016-04-05 16:34 - 00409856 _____ C:\Users\Svc-Pc\Downloads\logo adesivo.pdf
2016-04-05 16:33 - 2016-04-05 16:33 - 01273520 _____ C:\Users\Svc-Pc\Downloads\Espetim do Minino.cdr
2016-04-05 16:33 - 2016-04-05 16:33 - 00034507 _____ C:\Users\Svc-Pc\Downloads\LOGOMARCA TOP ARTE COLOR E PEB.cdr
2016-04-05 16:32 - 2016-04-05 16:32 - 01082645 _____ C:\Users\Svc-Pc\Downloads\Logo_Le_Gourmet.cdr
2016-04-05 16:30 - 2016-04-05 16:30 - 01650922 _____ C:\Users\Svc-Pc\Downloads\Logo buxexa personal .eps
2016-04-05 16:30 - 2016-04-05 16:30 - 00329661 _____ C:\Users\Svc-Pc\Downloads\Logo buxexa personal .ai
2016-04-05 15:52 - 2016-04-05 15:52 - 05103022 _____ C:\Users\Svc-Pc\Downloads\André Martins.pdf
2016-04-05 15:22 - 2016-04-05 15:22 - 00507135 _____ C:\Users\Svc-Pc\Documents\Camisa Beira Rio.pdf
2016-04-05 12:35 - 2016-04-05 12:35 - 00632074 _____ C:\Users\Svc-Pc\Downloads\doc (4).pdf
2016-04-05 12:25 - 2016-04-05 12:25 - 01156658 _____ C:\Users\Svc-Pc\Downloads\cartao_padrao (1).cdr

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-05 15:09 - 2015-11-18 11:33 - 00000000 ____D C:\Users\Svc-Pc\Documents\Arquivos do Outlook
2016-05-05 15:05 - 2015-11-05 09:24 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-742465555-2576082086-511315665-1001
2016-05-05 15:01 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-05-05 14:58 - 2015-12-11 13:02 - 00002856 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Svc-Pc)
2016-05-05 14:56 - 2015-12-11 13:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-05-05 14:55 - 2015-11-18 08:38 - 00000000 ____D C:\Users\Svc-Pc\AppData\Roaming\Skype
2016-05-05 14:54 - 2015-11-18 08:47 - 22798848 ___SH C:\Users\Svc-Pc\Desktop\Thumbs.db
2016-05-05 14:53 - 2015-11-05 09:28 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 14:51 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-05 14:45 - 2015-11-05 09:28 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 14:40 - 2015-11-18 08:13 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7
2016-05-05 14:40 - 2015-11-18 08:13 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7
2016-05-05 14:33 - 2015-11-05 09:27 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Apps\2.0
2016-05-05 14:28 - 2015-11-05 09:28 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-05 14:27 - 2015-11-05 09:28 - 00002118 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-05 14:21 - 2015-11-27 08:44 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-05 14:14 - 2015-12-09 16:06 - 00000000 ____D C:\Program Files\KMSpico
2016-05-05 14:07 - 2015-11-05 09:18 - 00000000 ____D C:\Users\Svc-Pc
2016-05-05 14:02 - 2015-11-05 09:18 - 00001442 _____ C:\Users\Svc-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-05 07:45 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-05-05 07:06 - 2015-12-11 13:01 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-05-05 07:06 - 2015-12-11 13:01 - 00000000 ____D C:\ProgramData\ProductData
2016-05-04 15:30 - 2015-11-05 09:18 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Packages
2016-05-04 14:13 - 2016-04-04 08:08 - 00002403 _____ C:\Users\Svc-Pc\Desktop\PRODUÇÃO 2016 - Atalho.lnk
2016-05-04 14:13 - 2016-01-12 08:08 - 00002729 _____ C:\Users\Svc-Pc\Desktop\HORAS EXTRA CRIAÇÃO 2016 - Atalho.lnk
2016-05-04 14:13 - 2015-11-18 08:49 - 00001793 _____ C:\Users\Svc-Pc\Desktop\Criacao - Atalho.lnk
2016-05-04 14:13 - 2015-11-18 08:48 - 00002119 _____ C:\Users\Svc-Pc\Desktop\Ricardo - Atalho.lnk
2016-05-04 14:13 - 2015-11-18 08:48 - 00002103 _____ C:\Users\Svc-Pc\Desktop\LUCIA - Atalho.lnk
2016-05-04 14:13 - 2015-11-18 08:48 - 00002087 _____ C:\Users\Svc-Pc\Desktop\Val - Atalho.lnk
2016-05-04 14:13 - 2015-11-18 08:47 - 00002119 _____ C:\Users\Svc-Pc\Desktop\HELIANA - Atalho.lnk
2016-05-04 11:55 - 2014-05-15 18:13 - 00777606 _____ C:\Windows\system32\prfh0416.dat
2016-05-04 11:55 - 2014-05-15 18:13 - 00159140 _____ C:\Windows\system32\prfc0416.dat
2016-05-04 11:55 - 2014-03-18 07:02 - 01804994 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-04 08:39 - 2015-11-27 10:48 - 00000000 ____D C:\Users\Svc-Pc\Desktop\Photoshop CS6 Portable
2016-05-04 07:49 - 2015-12-11 13:01 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-05-04 07:49 - 2015-12-11 13:01 - 00000000 ____D C:\ProgramData\IObit
2016-04-29 07:38 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-28 13:14 - 2015-11-06 12:10 - 01928704 ___SH C:\Users\Svc-Pc\Downloads\Thumbs.db
2016-04-28 07:36 - 2013-08-22 11:44 - 10870808 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-26 14:54 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-26 09:50 - 2015-11-05 09:27 - 00000000 ____D C:\Users\Svc-Pc\AppData\Local\Microsoft Help
2016-04-22 07:57 - 2016-01-04 15:52 - 00102912 ___SH C:\Users\Svc-Pc\Documents\Thumbs.db
2016-04-19 09:45 - 2015-11-18 08:21 - 00000000 ____D C:\Users\Todos os Usuários\Protexis
2016-04-19 09:45 - 2015-11-18 08:21 - 00000000 ____D C:\ProgramData\Protexis

==================== Arquivos na raiz de alguns diretórios =======

2016-05-05 13:48 - 2016-05-05 13:48 - 0129640 _____ () C:\Users\Svc-Pc\AppData\Roaming\adobe_flash_setup-31962814.exe
2016-05-05 14:01 - 2016-05-05 14:01 - 6494208 _____ () C:\Users\Svc-Pc\AppData\Roaming\agent.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 0054272 _____ () C:\Users\Svc-Pc\AppData\Roaming\ApplicationHosting.dat
2016-05-05 13:50 - 2016-05-05 13:53 - 0001278 _____ () C:\Users\Svc-Pc\AppData\Roaming\Bubble Dock.boostrap.log
2016-05-05 13:51 - 2016-05-05 13:52 - 0005719 _____ () C:\Users\Svc-Pc\AppData\Roaming\Bubble Dock.installation.log
2016-05-05 14:01 - 2016-05-05 14:00 - 0949248 _____ () C:\Users\Svc-Pc\AppData\Roaming\Cancancore.exe
2016-05-05 14:01 - 2016-05-05 14:01 - 0072717 _____ () C:\Users\Svc-Pc\AppData\Roaming\Cancancore.tst
2016-05-05 14:01 - 2016-05-05 14:01 - 0065568 _____ () C:\Users\Svc-Pc\AppData\Roaming\Config.xml
2016-05-05 14:13 - 2016-04-25 12:06 - 1085440 _____ () C:\Users\Svc-Pc\AppData\Roaming\delCalendarReg.exe
2016-05-05 14:00 - 2016-05-05 14:00 - 0848437 _____ () C:\Users\Svc-Pc\AppData\Roaming\Domzap.bin
2016-05-05 14:00 - 2016-05-05 14:00 - 0015408 _____ () C:\Users\Svc-Pc\AppData\Roaming\InstallationConfiguration.xml
2016-05-05 14:00 - 2016-05-05 14:00 - 0127488 _____ () C:\Users\Svc-Pc\AppData\Roaming\Installer.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 0126464 _____ () C:\Users\Svc-Pc\AppData\Roaming\lobby.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 0018432 _____ () C:\Users\Svc-Pc\AppData\Roaming\Main.dat
2016-05-05 14:01 - 2016-05-05 14:01 - 0005568 _____ () C:\Users\Svc-Pc\AppData\Roaming\md.xml
2016-05-05 13:51 - 2016-04-26 06:27 - 1916928 _____ () C:\Users\Svc-Pc\AppData\Roaming\msiql.exe
2016-05-05 14:01 - 2016-05-05 14:00 - 0949248 _____ () C:\Users\Svc-Pc\AppData\Roaming\Nam-Touch.exe
2016-05-05 14:01 - 2016-05-05 14:01 - 1626777 _____ () C:\Users\Svc-Pc\AppData\Roaming\Nam-Touch.tst
2016-05-05 14:01 - 2016-05-05 14:01 - 0126464 _____ () C:\Users\Svc-Pc\AppData\Roaming\noah.dat
2015-12-04 15:43 - 2016-03-28 15:31 - 0000132 _____ () C:\Users\Svc-Pc\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2016-05-05 13:53 - 2016-05-05 13:53 - 0000078 _____ () C:\Users\Svc-Pc\AppData\Roaming\Selection Tools.installation.log
2016-05-05 13:51 - 2016-04-27 03:51 - 1755136 _____ () C:\Users\Svc-Pc\AppData\Roaming\service.exe
2016-05-05 14:55 - 2016-05-05 14:55 - 2783744 _____ (TODO:  ) C:\Users\Svc-Pc\AppData\Roaming\svrupg.exe
2016-05-05 14:01 - 2016-05-05 14:01 - 0001150 _____ () C:\Users\Svc-Pc\AppData\Roaming\uninstall_temp.ico
2016-05-05 14:55 - 2016-05-05 14:55 - 0002303 _____ () C:\Users\Svc-Pc\AppData\Roaming\webad.xml
2016-05-05 13:50 - 2016-05-05 13:50 - 0000097 _____ () C:\Users\Svc-Pc\AppData\Roaming\WindApp.boostrap.log
2016-05-05 13:52 - 2016-05-05 13:52 - 0000078 _____ () C:\Users\Svc-Pc\AppData\Roaming\WindApp.installation.log
2016-05-05 13:51 - 2016-04-25 11:45 - 0600312 _____ () C:\Users\Svc-Pc\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-05-05 14:02 - 2016-05-05 14:03 - 5817344 _____ (GPS Safety) C:\Users\Svc-Pc\AppData\Local\helpmng.exe
2016-04-26 09:24 - 2016-04-26 09:24 - 0000009 ____N () C:\ProgramData\a.bat
2010-08-28 17:43 - 2010-08-28 17:43 - 0577335 ____N () C:\ProgramData\adb.exe
2010-08-28 17:43 - 2010-08-28 17:43 - 0096256 ____N (Google, inc) C:\ProgramData\AdbWinApi.dll
2010-08-28 17:43 - 2010-08-28 17:43 - 0060928 ____N (Google, inc) C:\ProgramData\AdbWinUsbApi.dll
2016-05-05 13:51 - 2016-04-26 12:07 - 1253376 _____ (eee) C:\ProgramData\apptj.exe
2010-08-28 17:43 - 2010-08-28 17:43 - 0356009 ____N () C:\ProgramData\fastboot.exe
2016-05-05 13:51 - 2016-04-26 06:27 - 1916928 _____ () C:\ProgramData\msiql.exe
2016-05-05 13:51 - 2016-04-27 03:51 - 1755136 _____ () C:\ProgramData\service.exe
2016-05-05 14:52 - 2016-05-05 14:52 - 0002303 _____ () C:\ProgramData\webad.xml
2016-05-05 13:51 - 2016-05-05 14:53 - 0413439 _____ () C:\ProgramData\xdo.zip
2016-05-05 13:51 - 2016-04-19 05:58 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-05-05 13:51 - 2016-05-05 12:53 - 0073806 _____ () C:\ProgramData\YSIns.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\Svc-Pc\AppData\Local\Temp\MZMGK2CWA\MZMGK2CWA.exe
C:\ProgramData\a.bat
C:\ProgramData\adb.exe
C:\ProgramData\AdbWinApi.dll
C:\ProgramData\AdbWinUsbApi.dll
C:\ProgramData\apptj.exe
C:\ProgramData\fastboot.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\ProgramData\YSIns.exe
C:\Users\Todos os Usuários\a.bat
C:\Users\Todos os Usuários\adb.exe
C:\Users\Todos os Usuários\AdbWinApi.dll
C:\Users\Todos os Usuários\AdbWinUsbApi.dll
C:\Users\Todos os Usuários\apptj.exe
C:\Users\Todos os Usuários\fastboot.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\YSIns.exe


Alguns arquivos em TEMP:
====================
C:\Users\Svc-Pc\AppData\Local\Temp\2E61.tmp.exe
C:\Users\Svc-Pc\AppData\Local\Temp\6ED6.tmp.exe
C:\Users\Svc-Pc\AppData\Local\Temp\another.exe
C:\Users\Svc-Pc\AppData\Local\Temp\fsdEB7C.exe
C:\Users\Svc-Pc\AppData\Local\Temp\MZPZ1A8RAB.exe
C:\Users\Svc-Pc\AppData\Local\Temp\nsd2D09.tmp.exe
C:\Users\Svc-Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Svc-Pc\AppData\Local\Temp\R5MOLGEOHV.exe
C:\Users\Svc-Pc\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Svc-Pc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-03 12:13

==================== Fim de FRST.txt ============================