Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-08-2016
Executado por Decin (administrador) em DECIN-PC (20-08-2016 00:44:41)
Executando a partir de C:\Users\Decin\Downloads
Perfis Carregados: Decin (Perfis Disponíveis: Decin)
Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: "C:\Program Files (x86)\Goldlarry\Application\chrome.exe" -- "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(ExWzp Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\uTorrent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Trend Corp.) C:\Users\Decin\AppData\Roaming\setup1\TSvr.exe
() C:\Program Files (x86)\SFK\SSFK.exe
(WFini LIMITED) C:\ProgramData\IwinpI\WFini.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-03] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\Run: [uTorrent] => C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449.exe [1972224 2016-08-04] (BitTorrent Inc.)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\MountPoints2: {c5b7fbc9-ede9-11e5-b60e-9cd21eeb35d0} - H:\AUTORUN.EXE
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\MountPoints2: {db2b58b8-71ad-11e5-890b-9cd21eeb35d0} - E:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-03] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
Startup: C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moo0 Multi-Desktop 1.17.lnk [2015-12-19]
ShortcutTarget: Moo0 Multi-Desktop 1.17.lnk -> C:\Program Files (x86)\Moo0\MultiDesktop 1.17\MultiDesktop.exe (Moo0)
Startup: C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2016-03-28]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{574F5648-0873-4EC4-AFA5-214B9A97678E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{722CA78F-CB41-4B22-8A5D-0FC1ADE427B7}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3134634478-2045211356-4131108583-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3134634478-2045211356-4131108583-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3134634478-2045211356-4131108583-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1460465842&from=58740412&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=de68a15df0a3155554d42b5g9zfqee6z0q1wcbfz1c
FF DefaultSearchEngine: nice
FF SearchEngineOrder.1: nice
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1460465842&from=58740412&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=de68a15df0a3155554d42b5g9zfqee6z0q1wcbfz1c
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3134634478-2045211356-4131108583-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Decin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\searchplugins\nuesearch.xml [2016-07-07]
FF SearchPlugin: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\searchplugins\so-v.xml [2016-04-25]
FF Extension: xRocket Toolbar - C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\Extensions\arthurj8283@gmail.com [2016-06-29] [não assinado]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-07]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
StartMenuInternet: FIREFOX.EXE - c:\program files (x86)\mozilla firefox\firefox.exe hxxp://www.nuesearch.com/?type=sc&ts=1471623337&z=ba0ca69d85d6dbfd359affbg3z4mbg6q2o4cacco1q&from=wpm0616&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
Chrome:
=======
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1470709896&from=ff060805&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=4008e9e227da352f86ef58fgfzbmaeem9eat6b6teo
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1470709896&from=ff060805&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=4008e9e227da352f86ef58fgfzbmaeem9eat6b6teo"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1470709896&from=ff060805&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=4008e9e227da352f86ef58fgfzbmaeem9eat6b6teo&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-19]
CHR Extension: (Google Docs) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-19]
CHR Extension: (Google Drive) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-30]
CHR Extension: (Google Search) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-19]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-19]
CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
StartMenuInternet: Google Chrome - c:\program files (x86)\google\chrome\application\chrome.exe hxxp://www.nuesearch.com/?type=sc&ts=1471623337&z=ba0ca69d85d6dbfd359affbg3z4mbg6q2o4cacco1q&from=wpm0616&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-03] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-07-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-07-21] (BlueStack Systems, Inc.)
S2 DeskTop_F; C:\ProgramData\desktopfind\desktop254.exe [236728 2016-03-16] (DeskTopService)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1592888 2016-03-15] ()
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Arquivo não assinado]
R2 IhPul; C:\Users\Decin\AppData\Roaming\setup1\TSvr.exe [210128 2016-08-18] (Trend Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [767664 2016-05-31] (Qksee Pvt Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-20] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [163552 2016-08-19] ()
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] () [Arquivo não assinado]
R2 WdMan; C:\ProgramData\IwinpI\WFini.exe [541416 2016-08-18] (WFini LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [429272 2016-08-19] ()
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1242264 2016-07-26] (ExWzp Pvt Ltd.) <==== ATENÇÃO
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Atheros) [Arquivo não assinado]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-04] (AVAST Software)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-21] (Bluestack System Inc. )
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-19] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2012-09-04] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 GENERICDRV; \??\E:\Drivers notebook\BIOS\amifldrv64.sys [X]
S3 X6va035; \??\C:\Windows\SysWOW64\Drivers\X6va035 [X]
S3 X6va037; \??\C:\Windows\SysWOW64\Drivers\X6va037 [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-20 00:44 - 2016-08-20 00:45 - 00028083 _____ C:\Users\Decin\Downloads\FRST.txt
2016-08-20 00:44 - 2016-08-20 00:44 - 02395648 _____ (Farbar) C:\Users\Decin\Downloads\FRST64.exe
2016-08-20 00:44 - 2016-08-20 00:44 - 00000000 ____D C:\FRST
2016-08-20 00:33 - 2016-08-20 00:33 - 50000622 _____ C:\Users\Decin\Downloads\PokeFarmer 1.0.103_henrique ch.zip
2016-08-19 15:11 - 2016-08-19 17:22 - 04483072 ____R C:\Users\Decin\Desktop\Windows_7_todas.as.versoes_x86_ou_x64_pt-BR.iso
2016-08-19 15:10 - 2016-08-19 15:10 - 00021094 _____ C:\Users\Decin\Downloads\Windows-7-todas-as-versões-PHDowns.torrent
2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 ____D C:\Users\Todos os Usuários\IwinpI
2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 ____D C:\ProgramData\IwinpI
2016-08-18 19:42 - 2016-08-18 19:42 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-08-17 17:45 - 2016-08-19 13:13 - 00000000 ____D C:\Users\Decin\AppData\LocalLow\uTorrent
2016-08-16 10:36 - 2016-08-20 00:31 - 00000000 ____D C:\Program Files (x86)\SFK
2016-08-16 10:36 - 2016-08-19 13:15 - 00000000 ____D C:\Users\Decin\AppData\Roaming\setup1
2016-08-14 18:56 - 2016-08-20 00:34 - 00000000 ____D C:\Users\Decin\Desktop\PokeFarmer 1.0.103
2016-08-07 14:54 - 2016-08-11 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-07 13:29 - 2016-08-03 23:06 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-06 21:25 - 2016-08-06 21:25 - 00008145 _____ C:\Users\Decin\Downloads\download.htm
2016-08-06 19:51 - 2016-08-06 19:51 - 00000000 __SHD C:\found.000
2016-08-06 16:38 - 2016-08-06 16:44 - 47234371 _____ C:\Users\Decin\Downloads\Pokémon GO_v0.31.0_apkpure.com.apk.crdownload
2016-08-06 16:23 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\.android
2016-08-06 16:16 - 2016-08-06 16:16 - 00000000 ____D C:\Users\Decin\Nox_share
2016-08-06 16:14 - 2016-08-06 16:15 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-08-06 16:14 - 2016-08-06 16:14 - 00000871 _____ C:\Users\Decin\Desktop\Nox.lnk
2016-08-06 16:13 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\vmlogs
2016-08-06 16:13 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\.BigNox
2016-08-06 16:11 - 2015-09-16 03:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-06 16:08 - 2016-08-06 16:08 - 00000000 ____D C:\Program Files\DIFX
2016-08-06 16:08 - 2015-09-16 00:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-06 16:07 - 2016-08-06 16:12 - 00000000 ____D C:\Program Files\Bignox
2016-08-06 16:05 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\AppData\Local\Nox
2016-08-06 16:05 - 2016-08-06 16:05 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Nox
2016-08-06 15:49 - 2016-08-06 16:02 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Decin\Downloads\nox_setup_v3.7.1.0_full_En.exe
2016-08-03 23:06 - 2016-08-03 23:06 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-27 04:02 - 2016-07-27 09:37 - 02988216 _____ (Update) C:\Program Files (x86)\SSFK.exe
2016-07-26 13:43 - 2016-07-26 13:43 - 00000007 _____ C:\Windows\SysWOW64\wsx9E56.tmp
2016-07-26 13:43 - 2016-07-26 13:43 - 00000000 ____D C:\Users\Decin\AppData\Local\Goldlarry
2016-07-26 13:42 - 2016-07-26 13:42 - 00000000 ____D C:\Program Files (x86)\Goldlarry
2016-07-26 08:00 - 2016-07-26 21:42 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-07-26 07:30 - 2016-07-26 07:31 - 00000000 ____D C:\Users\Todos os Usuários\uckt
2016-07-26 07:30 - 2016-07-26 07:31 - 00000000 ____D C:\ProgramData\uckt
2016-07-26 07:30 - 2016-07-26 07:30 - 00003440 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Todos os Usuários\Uncheckit
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Todos os Usuários\LwinpL
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Todos os Usuários\ChelfNotify
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Uncheckit
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\ProgramData\Uncheckit
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\ProgramData\LwinpL
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Program Files (x86)\cr0f3anf
2016-07-25 20:00 - 2016-07-26 13:45 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\LogMeIn Hamachi
2016-07-25 20:00 - 2016-07-26 13:45 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-25 20:00 - 2016-07-26 13:45 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-25 19:59 - 2016-07-25 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-25 19:59 - 2016-07-25 19:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-07-25 18:35 - 2016-07-25 18:35 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Macromedia
2016-07-25 18:35 - 2016-07-25 18:35 - 00000000 ____D C:\Users\Decin\AppData\Local\Macromedia
2016-07-25 18:32 - 2016-08-06 15:19 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-07-25 18:32 - 2016-08-06 15:19 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-25 18:32 - 2016-07-25 18:31 - 00001822 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-25 18:31 - 2016-07-25 18:32 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2016-07-25 18:31 - 2016-07-25 18:31 - 00001822 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-07-25 18:31 - 2016-07-25 18:31 - 00000000 ____D C:\Users\Todos os Usuários\Bluestacks
2016-07-25 18:31 - 2016-07-25 18:31 - 00000000 ____D C:\ProgramData\Bluestacks
2016-07-25 18:30 - 2016-07-25 18:30 - 00000000 ____D C:\Users\Decin\AppData\Local\Bluestacks
2016-07-25 18:03 - 2016-07-25 18:26 - 280942232 _____ (BlueStack Systems Inc.) C:\Users\Decin\Downloads\BlueStacks2_native.exe
2016-07-25 17:42 - 2016-07-25 17:42 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Unity
2016-07-25 17:34 - 2016-07-25 17:34 - 00000000 ____D C:\Users\Decin\AppData\LocalLow\Unity
2016-07-25 17:34 - 2016-07-25 17:34 - 00000000 ____D C:\Users\Decin\AppData\Local\Unity
2016-07-25 17:33 - 2016-07-25 17:33 - 01091008 _____ (Unity Technologies ApS) C:\Users\Decin\Downloads\UnityWebPlayer.exe
2016-07-20 12:08 - 2016-07-20 12:08 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2016-07-19 14:46 - 2016-07-19 14:49 - 23281137 _____ C:\Users\Decin\Downloads\Dead_Trigger_2_v1.0.0_Mega_Mod_AndroidSlit.apk
2016-07-19 14:35 - 2016-07-19 14:44 - 22959107 _____ C:\Users\Decin\Downloads\Dead Trigger 2 v1.0.0 Mod [techgamesandroid.com].apk
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_274374.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_272752.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_272533.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_270614.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_270412.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_263610.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_263423.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_257947.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_257760.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_243080.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_242877.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_212582.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_211662.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_189354.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\br_188652.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000000 ____D C:\Windows\SysWOW64\_SSpm
2016-07-13 19:22 - 2016-08-20 00:42 - 00002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-13 19:16 - 2016-08-07 13:30 - 00003896 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468448161
2016-07-13 19:16 - 2016-07-14 17:33 - 00001441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-11 22:36 - 2016-07-11 22:37 - 37270939 _____ C:\Users\Decin\Downloads\Barbie e o Castelo de Diamante- barbie em português completo.3gp
2016-07-11 14:00 - 2016-08-03 23:06 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-11 14:00 - 2016-07-11 13:59 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-11 14:00 - 2016-07-11 13:59 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-10 22:32 - 2016-08-01 21:43 - 00473894 _____ C:\Users\Decin\Desktop\Cópia de EJA 4º Período – A Anos Finais.xlsx
2016-07-10 22:32 - 2016-08-01 16:38 - 00474957 _____ C:\Users\Decin\Desktop\Cópia de EJA 3º Período B Anos Finais (1).xlsx
2016-07-10 22:31 - 2016-08-01 16:22 - 00472122 _____ C:\Users\Decin\Desktop\Cópia de EJA 3º Período A Anos Finais.xlsx
2016-07-10 22:31 - 2016-08-01 16:03 - 00477165 _____ C:\Users\Decin\Desktop\Cópia de EJA 2º Período –A Anos Finais.xlsx
2016-07-10 22:31 - 2016-08-01 15:36 - 00471800 _____ C:\Users\Decin\Desktop\Cópia de EJA 1º Período – B Anos Finais.xlsx
2016-07-10 22:31 - 2016-08-01 15:22 - 00473694 _____ C:\Users\Decin\Desktop\Cópia de EJA 1º Período – A Anos Finais (1) (1).xlsx
2016-07-10 22:05 - 2016-07-10 22:05 - 00470517 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – B Anos Finais (1).xlsx
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_270536.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_268212.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_268040.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_265919.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_265732.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_262565.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_262097.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_249710.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_249367.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000000 ____D C:\Program Files (x86)\WinSaber
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_226326.html
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_225390.html
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_194782.html
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_194424.html
2016-07-07 17:36 - 2016-07-07 17:36 - 00000058 _____ C:\Windows\SysWOW64\EN_157607.html
2016-07-07 17:36 - 2016-07-07 17:36 - 00000058 _____ C:\Windows\SysWOW64\br_156952.html
2016-07-05 19:46 - 2016-07-05 19:48 - 1892820766 _____ C:\Users\Decin\Downloads\Datos Obb GTA San Andreas v1.08 [Mrpato Android].zip
2016-07-05 13:32 - 2016-07-05 13:32 - 17753094 _____ C:\Users\Decin\Downloads\Gta San Andreas 1.08 +Cleo No Root(bob) (1).apk
2016-07-02 22:03 - 2016-07-02 22:03 - 00000000 ____D C:\Users\Decin\AppData\Local\Lefttoe
2016-06-30 12:57 - 2016-06-30 12:57 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-30 11:57 - 2016-07-10 14:12 - 00000000 ____D C:\Users\Todos os Usuários\Lefttoe
2016-06-30 11:57 - 2016-07-10 14:12 - 00000000 ____D C:\ProgramData\Lefttoe
2016-06-30 11:57 - 2016-06-30 11:57 - 00000000 ____D C:\Program Files (x86)\Lefttoe
2016-06-28 12:56 - 2016-07-07 17:36 - 00000000 ____D C:\Users\Todos os Usuários\zwinpz
2016-06-28 12:56 - 2016-07-07 17:36 - 00000000 ____D C:\ProgramData\zwinpz
2016-06-28 03:55 - 2016-06-28 12:56 - 00000000 ____D C:\Program Files (x86)\5ks9phwd
2016-06-27 16:20 - 2016-06-27 16:20 - 00468341 _____ C:\Users\Decin\Downloads\Cópia de EJA 3º Período B Anos Finais (1).xlsx
2016-06-27 16:19 - 2016-06-27 16:19 - 00000072 _____ C:\Windows\SysWOW64\EN_184487936.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184483911.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184483615.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184480230.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184479902.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184473834.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184473522.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184470511.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184470215.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184468514.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184468187.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184446955.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184446549.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184427595.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\br_184426363.html
2016-06-27 16:17 - 2016-06-27 16:17 - 04403499 _____ (Update) C:\Windows\SysWOW64\pt4.exe
2016-06-27 16:17 - 2016-06-27 16:17 - 00434045 _____ C:\Users\Decin\Downloads\Cópia de EJA 4º Período – A Anos Finais.xlsx
2016-06-27 16:16 - 2016-06-27 16:16 - 00468341 _____ C:\Users\Decin\Downloads\Cópia de EJA 3º Período B Anos Finais.xlsx
2016-06-27 16:15 - 2016-06-27 16:15 - 00470233 _____ C:\Users\Decin\Downloads\Cópia de EJA 2º Período –A Anos Finais.xlsx
2016-06-27 16:14 - 2016-06-27 16:15 - 00465956 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – B Anos Finais.xlsx
2016-06-27 16:09 - 2016-06-27 16:09 - 00465705 _____ C:\Users\Decin\Downloads\Cópia de EJA 3º Período A Anos Finais.xlsx
2016-06-27 16:09 - 2016-06-27 16:09 - 00465505 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – A Anos Finais (1).xlsx
2016-06-27 16:09 - 2016-06-27 16:09 - 00465505 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – A Anos Finais (1) (1).xlsx
2016-06-23 11:15 - 2016-06-23 11:15 - 00000072 _____ C:\Windows\SysWOW64\EN_1792389.html
2016-06-23 11:15 - 2016-06-23 11:15 - 00000072 _____ C:\Windows\SysWOW64\EN_1792014.html
2016-06-23 11:14 - 2016-07-07 17:37 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-06-23 11:14 - 2016-06-23 11:14 - 00000072 _____ C:\Windows\SysWOW64\EN_1760798.html
2016-06-23 11:14 - 2016-06-23 11:14 - 00000072 _____ C:\Windows\SysWOW64\br_1760034.html
2016-06-22 11:47 - 2016-06-22 11:47 - 06533209 _____ C:\Users\Decin\Downloads\moto-g4-2016-stock-wallpapers.zip
2016-06-21 14:08 - 2016-06-21 14:13 - 47041829 _____ C:\Users\Decin\Downloads\WWW.DOWNVIDS.NET-Civil War - Slash .mp4
2016-06-21 13:22 - 2016-06-21 13:22 - 17753094 _____ C:\Users\Decin\Downloads\Gta San Andreas 1.08 +Cleo No Root(bob).apk
2016-06-21 00:54 - 2016-07-14 17:31 - 00000000 ____D C:\Program Files (x86)\TData
2016-06-21 00:54 - 2016-06-21 00:54 - 00000000 ____D C:\Program Files (x86)\9swwsijb
2016-06-20 17:05 - 2016-06-20 17:07 - 13286023 _____ C:\Users\Decin\Downloads\Gallery.apk
2016-06-20 15:57 - 2016-06-20 15:58 - 21187583 _____ C:\Users\Decin\Downloads\WWW.DOWNVIDS.NET-The Original Video! Tommy Emmanuel - Guitar Boogie .mp4
2016-06-13 05:39 - 2016-06-23 11:14 - 00000000 ____D C:\Users\Todos os Usuários\gwinpg
2016-06-13 05:39 - 2016-06-23 11:14 - 00000000 ____D C:\ProgramData\gwinpg
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_254640.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_251910.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_251645.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_249476.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_249195.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_241848.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_241536.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_239367.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_238977.html
2016-06-13 05:38 - 2016-06-13 05:38 - 00000072 _____ C:\Windows\SysWOW64\EN_208542.html
2016-06-13 05:38 - 2016-06-13 05:38 - 00000072 _____ C:\Windows\SysWOW64\EN_206872.html
2016-06-13 05:37 - 2016-06-13 05:38 - 00000000 ____D C:\Windows\SysWOW64\_tWm
2016-06-13 05:37 - 2016-06-13 05:37 - 00000072 _____ C:\Windows\SysWOW64\EN_160337.html
2016-06-13 05:37 - 2016-06-13 05:37 - 00000072 _____ C:\Windows\SysWOW64\br_156515.html
2016-06-13 00:11 - 2016-06-13 00:12 - 03958738 _____ C:\Users\Decin\Downloads\Crime de Responsabilidade.pptx
2016-06-12 23:42 - 2016-06-12 23:42 - 03958744 _____ C:\Users\Decin\Downloads\Crime-de-Responsabilidade.pptx
2016-06-12 11:33 - 2016-07-26 08:00 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-11 01:48 - 2016-06-11 01:48 - 00106304 _____ () C:\Users\Decin\Downloads\FacebookGamesArcadeSetup.exe
2016-06-02 15:24 - 2016-06-02 15:24 - 00018077 _____ C:\Users\Decin\Downloads\Boneco.do.Mal.2016.1080p.BluRay.DUAL-LAPUMiA.torrent
2016-06-01 09:54 - 2016-08-19 13:16 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-01 09:54 - 2016-08-19 13:13 - 00000000 ____D C:\Program Files (x86)\qksee
2016-06-01 09:54 - 2016-06-23 11:15 - 00000000 ____D C:\Users\Todos os Usuários\AwinpA
2016-06-01 09:54 - 2016-06-23 11:15 - 00000000 ____D C:\ProgramData\AwinpA
2016-06-01 09:54 - 2016-06-01 09:54 - 00000000 ____D C:\Users\Decin\AppData\Roaming\qksee
2016-06-01 09:54 - 2016-06-01 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-06-01 09:53 - 2016-06-01 09:53 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-05-28 17:58 - 2016-06-21 15:39 - 00000376 _____ C:\Users\Decin\Desktop\Global - decinhobau.txt
2016-05-28 17:58 - 2016-05-28 17:58 - 00000265 _____ C:\Users\Decin\Downloads\Global - decinhobau.txt
2016-05-27 01:53 - 2016-05-27 01:53 - 00001110 _____ C:\Users\Decin\Desktop\LineageII.lnk
2016-05-27 01:45 - 2016-05-27 01:45 - 00015657 _____ C:\Users\Decin\Downloads\l2e-global_patch_ILx7.rar.torrent
2016-05-27 01:42 - 2016-05-27 01:42 - 00000000 ____D C:\Users\Decin\AppData\Local\Valhalla-Age.ru
2016-05-27 01:41 - 2016-06-04 15:36 - 00000000 ____D C:\Users\Decin\Desktop\Line Age II
2016-05-26 16:28 - 2016-05-26 16:28 - 00015002 _____ C:\Users\Decin\Downloads\Lineage2_l2e_global_x7.rar.torrent
2016-05-26 16:27 - 2016-05-26 16:27 - 00000266 _____ C:\Users\Decin\Downloads\Global - decinhomg.txt
2016-05-26 16:27 - 2016-05-26 16:27 - 00000266 _____ C:\Users\Decin\Desktop\Global - decinhomg.txt
2016-05-24 02:38 - 2016-05-24 02:38 - 00000557 _____ C:\Users\Decin\Downloads\delete_chrome_policies.bat
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-20 00:42 - 2015-09-30 13:40 - 00000000 ____D C:\Users\Decin\AppData\Roaming\uTorrent
2016-08-20 00:35 - 2015-08-19 20:07 - 00000000 ____D C:\Users\Decin\Desktop\Nova pasta
2016-08-19 23:58 - 2015-08-19 20:08 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:37 - 2015-08-19 20:08 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 18:24 - 2009-07-14 14:55 - 00667746 _____ C:\Windows\system32\prfh0416.dat
2016-08-19 18:24 - 2009-07-14 14:55 - 00129474 _____ C:\Windows\system32\prfc0416.dat
2016-08-19 18:24 - 2009-07-14 02:13 - 01530008 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-19 18:24 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-08-19 13:22 - 2009-07-14 01:45 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 13:22 - 2009-07-14 01:45 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 13:15 - 2016-03-24 17:54 - 00000000 ____D C:\Users\Decin\AppData\Local\LogMeIn Hamachi
2016-08-19 13:15 - 2016-02-05 11:57 - 00000000 ___SD C:\Users\Decin\AppData\LocalLow\Temp
2016-08-19 13:15 - 2015-09-03 15:45 - 00002185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-19 13:15 - 2015-09-03 15:45 - 00002173 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-19 13:15 - 2015-08-19 03:42 - 00001731 _____ C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-19 13:15 - 2015-08-19 03:42 - 00001697 _____ C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-08-19 13:13 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-16 21:07 - 2015-08-19 20:34 - 00000000 ____D C:\Users\Decin\Documents\Arquivos mãe
2016-08-16 17:15 - 2015-08-19 21:01 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-16 10:36 - 2015-08-19 20:11 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-16 10:36 - 2015-08-19 20:11 - 00002489 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-14 15:59 - 2015-08-19 03:41 - 00000000 ____D C:\Users\Decin
2016-08-13 16:56 - 2015-09-03 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-06 16:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Registration
2016-08-04 23:35 - 2015-08-22 16:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 14:00 - 2015-08-19 21:00 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147027646491404
2016-08-03 23:06 - 2015-08-19 21:00 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-30 13:08 - 2015-12-14 21:58 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnGame
2016-07-29 17:38 - 2015-09-03 22:50 - 00000000 ____D C:\Users\Decin\AppData\Local\ElevatedDiagnostics
2016-07-28 19:53 - 2015-08-19 20:08 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 19:53 - 2015-08-19 20:08 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-26 13:47 - 2015-08-19 04:10 - 00109240 _____ C:\Users\Decin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-26 13:46 - 2009-07-14 01:45 - 00416288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-26 07:30 - 2016-03-19 19:40 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-07-25 18:35 - 2015-08-22 16:35 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Adobe
2016-07-25 18:32 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
==================== Arquivos na raiz de alguns diretórios =======
2016-07-27 04:02 - 2016-07-27 09:37 - 2988216 _____ (Update) C:\Program Files (x86)\SSFK.exe
2016-04-07 09:20 - 2016-04-07 09:20 - 0000044 _____ () C:\Users\Decin\AppData\Roaming\WB.CFG
Alguns arquivos em TEMP:
====================
C:\Users\Decin\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Decin\AppData\Local\Temp\FA35.exe
C:\Users\Decin\AppData\Local\Temp\gaz5kqew.dll
C:\Users\Decin\AppData\Local\Temp\vcredist_2013_x86.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-16 06:44
==================== Fim de FRST.txt ============================
Executado por Decin (administrador) em DECIN-PC (20-08-2016 00:44:41)
Executando a partir de C:\Users\Decin\Downloads
Perfis Carregados: Decin (Perfis Disponíveis: Decin)
Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: "C:\Program Files (x86)\Goldlarry\Application\chrome.exe" -- "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(ExWzp Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\uTorrent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(BitTorrent Inc.) C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Trend Corp.) C:\Users\Decin\AppData\Roaming\setup1\TSvr.exe
() C:\Program Files (x86)\SFK\SSFK.exe
(WFini LIMITED) C:\ProgramData\IwinpI\WFini.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Goldlarry\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-03] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\Run: [uTorrent] => C:\Users\Decin\AppData\Roaming\uTorrent\updates\3.4.8_42449.exe [1972224 2016-08-04] (BitTorrent Inc.)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\MountPoints2: {c5b7fbc9-ede9-11e5-b60e-9cd21eeb35d0} - H:\AUTORUN.EXE
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\...\MountPoints2: {db2b58b8-71ad-11e5-890b-9cd21eeb35d0} - E:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-03] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Decin\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
Startup: C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moo0 Multi-Desktop 1.17.lnk [2015-12-19]
ShortcutTarget: Moo0 Multi-Desktop 1.17.lnk -> C:\Program Files (x86)\Moo0\MultiDesktop 1.17\MultiDesktop.exe (Moo0)
Startup: C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2016-03-28]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{574F5648-0873-4EC4-AFA5-214B9A97678E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{722CA78F-CB41-4B22-8A5D-0FC1ADE427B7}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3134634478-2045211356-4131108583-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3134634478-2045211356-4131108583-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3134634478-2045211356-4131108583-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465807076&z=c5e27676962cdedd9292aa9g8z7q3wfb9e9m3e0mbw&from=wpm0613&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1460465842&from=58740412&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=de68a15df0a3155554d42b5g9zfqee6z0q1wcbfz1c
FF DefaultSearchEngine: nice
FF SearchEngineOrder.1: nice
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1460465842&from=58740412&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=de68a15df0a3155554d42b5g9zfqee6z0q1wcbfz1c
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3134634478-2045211356-4131108583-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Decin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\searchplugins\nuesearch.xml [2016-07-07]
FF SearchPlugin: C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\searchplugins\so-v.xml [2016-04-25]
FF Extension: xRocket Toolbar - C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\Extensions\arthurj8283@gmail.com [2016-06-29] [não assinado]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-07]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Decin\AppData\Roaming\Mozilla\Firefox\Profiles\8b5aoemt.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
StartMenuInternet: FIREFOX.EXE - c:\program files (x86)\mozilla firefox\firefox.exe hxxp://www.nuesearch.com/?type=sc&ts=1471623337&z=ba0ca69d85d6dbfd359affbg3z4mbg6q2o4cacco1q&from=wpm0616&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
Chrome:
=======
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1470709896&from=ff060805&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=4008e9e227da352f86ef58fgfzbmaeem9eat6b6teo
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1470709896&from=ff060805&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=4008e9e227da352f86ef58fgfzbmaeem9eat6b6teo"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1470709896&from=ff060805&uid=st1000lm024xhn-m101mbb_s32sj5af303656303656&z=4008e9e227da352f86ef58fgfzbmaeem9eat6b6teo&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-19]
CHR Extension: (Google Docs) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-19]
CHR Extension: (Google Drive) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-30]
CHR Extension: (Google Search) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-19]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Users\Decin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-19]
CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3134634478-2045211356-4131108583-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
StartMenuInternet: Google Chrome - c:\program files (x86)\google\chrome\application\chrome.exe hxxp://www.nuesearch.com/?type=sc&ts=1471623337&z=ba0ca69d85d6dbfd359affbg3z4mbg6q2o4cacco1q&from=wpm0616&uid=ST1000LM024XHN-M101MBB_S32SJ5AF303656303656
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-03] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-07-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-07-21] (BlueStack Systems, Inc.)
S2 DeskTop_F; C:\ProgramData\desktopfind\desktop254.exe [236728 2016-03-16] (DeskTopService)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1592888 2016-03-15] ()
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Arquivo não assinado]
R2 IhPul; C:\Users\Decin\AppData\Roaming\setup1\TSvr.exe [210128 2016-08-18] (Trend Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [767664 2016-05-31] (Qksee Pvt Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-20] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [163552 2016-08-19] ()
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] () [Arquivo não assinado]
R2 WdMan; C:\ProgramData\IwinpI\WFini.exe [541416 2016-08-18] (WFini LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [429272 2016-08-19] ()
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1242264 2016-07-26] (ExWzp Pvt Ltd.) <==== ATENÇÃO
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Atheros) [Arquivo não assinado]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-04] (AVAST Software)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-21] (Bluestack System Inc. )
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-19] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2012-09-04] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 GENERICDRV; \??\E:\Drivers notebook\BIOS\amifldrv64.sys [X]
S3 X6va035; \??\C:\Windows\SysWOW64\Drivers\X6va035 [X]
S3 X6va037; \??\C:\Windows\SysWOW64\Drivers\X6va037 [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-20 00:44 - 2016-08-20 00:45 - 00028083 _____ C:\Users\Decin\Downloads\FRST.txt
2016-08-20 00:44 - 2016-08-20 00:44 - 02395648 _____ (Farbar) C:\Users\Decin\Downloads\FRST64.exe
2016-08-20 00:44 - 2016-08-20 00:44 - 00000000 ____D C:\FRST
2016-08-20 00:33 - 2016-08-20 00:33 - 50000622 _____ C:\Users\Decin\Downloads\PokeFarmer 1.0.103_henrique ch.zip
2016-08-19 15:11 - 2016-08-19 17:22 - 04483072 ____R C:\Users\Decin\Desktop\Windows_7_todas.as.versoes_x86_ou_x64_pt-BR.iso
2016-08-19 15:10 - 2016-08-19 15:10 - 00021094 _____ C:\Users\Decin\Downloads\Windows-7-todas-as-versões-PHDowns.torrent
2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 ____D C:\Users\Todos os Usuários\IwinpI
2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 ____D C:\ProgramData\IwinpI
2016-08-18 19:42 - 2016-08-18 19:42 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-08-17 17:45 - 2016-08-19 13:13 - 00000000 ____D C:\Users\Decin\AppData\LocalLow\uTorrent
2016-08-16 10:36 - 2016-08-20 00:31 - 00000000 ____D C:\Program Files (x86)\SFK
2016-08-16 10:36 - 2016-08-19 13:15 - 00000000 ____D C:\Users\Decin\AppData\Roaming\setup1
2016-08-14 18:56 - 2016-08-20 00:34 - 00000000 ____D C:\Users\Decin\Desktop\PokeFarmer 1.0.103
2016-08-07 14:54 - 2016-08-11 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-07 13:29 - 2016-08-03 23:06 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-06 21:25 - 2016-08-06 21:25 - 00008145 _____ C:\Users\Decin\Downloads\download.htm
2016-08-06 19:51 - 2016-08-06 19:51 - 00000000 __SHD C:\found.000
2016-08-06 16:38 - 2016-08-06 16:44 - 47234371 _____ C:\Users\Decin\Downloads\Pokémon GO_v0.31.0_apkpure.com.apk.crdownload
2016-08-06 16:23 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\.android
2016-08-06 16:16 - 2016-08-06 16:16 - 00000000 ____D C:\Users\Decin\Nox_share
2016-08-06 16:14 - 2016-08-06 16:15 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-08-06 16:14 - 2016-08-06 16:14 - 00000871 _____ C:\Users\Decin\Desktop\Nox.lnk
2016-08-06 16:13 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\vmlogs
2016-08-06 16:13 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\.BigNox
2016-08-06 16:11 - 2015-09-16 03:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-06 16:08 - 2016-08-06 16:08 - 00000000 ____D C:\Program Files\DIFX
2016-08-06 16:08 - 2015-09-16 00:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-06 16:07 - 2016-08-06 16:12 - 00000000 ____D C:\Program Files\Bignox
2016-08-06 16:05 - 2016-08-16 21:30 - 00000000 ____D C:\Users\Decin\AppData\Local\Nox
2016-08-06 16:05 - 2016-08-06 16:05 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Nox
2016-08-06 15:49 - 2016-08-06 16:02 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Decin\Downloads\nox_setup_v3.7.1.0_full_En.exe
2016-08-03 23:06 - 2016-08-03 23:06 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-27 04:02 - 2016-07-27 09:37 - 02988216 _____ (Update) C:\Program Files (x86)\SSFK.exe
2016-07-26 13:43 - 2016-07-26 13:43 - 00000007 _____ C:\Windows\SysWOW64\wsx9E56.tmp
2016-07-26 13:43 - 2016-07-26 13:43 - 00000000 ____D C:\Users\Decin\AppData\Local\Goldlarry
2016-07-26 13:42 - 2016-07-26 13:42 - 00000000 ____D C:\Program Files (x86)\Goldlarry
2016-07-26 08:00 - 2016-07-26 21:42 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-07-26 07:30 - 2016-07-26 07:31 - 00000000 ____D C:\Users\Todos os Usuários\uckt
2016-07-26 07:30 - 2016-07-26 07:31 - 00000000 ____D C:\ProgramData\uckt
2016-07-26 07:30 - 2016-07-26 07:30 - 00003440 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Todos os Usuários\Uncheckit
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Todos os Usuários\LwinpL
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Todos os Usuários\ChelfNotify
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Uncheckit
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\ProgramData\Uncheckit
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\ProgramData\LwinpL
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-07-26 07:30 - 2016-07-26 07:30 - 00000000 ____D C:\Program Files (x86)\cr0f3anf
2016-07-25 20:00 - 2016-07-26 13:45 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\LogMeIn Hamachi
2016-07-25 20:00 - 2016-07-26 13:45 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-25 20:00 - 2016-07-26 13:45 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-25 19:59 - 2016-07-25 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-25 19:59 - 2016-07-25 19:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-07-25 18:35 - 2016-07-25 18:35 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Macromedia
2016-07-25 18:35 - 2016-07-25 18:35 - 00000000 ____D C:\Users\Decin\AppData\Local\Macromedia
2016-07-25 18:32 - 2016-08-06 15:19 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-07-25 18:32 - 2016-08-06 15:19 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-25 18:32 - 2016-07-25 18:31 - 00001822 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-25 18:31 - 2016-07-25 18:32 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2016-07-25 18:31 - 2016-07-25 18:31 - 00001822 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-07-25 18:31 - 2016-07-25 18:31 - 00000000 ____D C:\Users\Todos os Usuários\Bluestacks
2016-07-25 18:31 - 2016-07-25 18:31 - 00000000 ____D C:\ProgramData\Bluestacks
2016-07-25 18:30 - 2016-07-25 18:30 - 00000000 ____D C:\Users\Decin\AppData\Local\Bluestacks
2016-07-25 18:03 - 2016-07-25 18:26 - 280942232 _____ (BlueStack Systems Inc.) C:\Users\Decin\Downloads\BlueStacks2_native.exe
2016-07-25 17:42 - 2016-07-25 17:42 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Unity
2016-07-25 17:34 - 2016-07-25 17:34 - 00000000 ____D C:\Users\Decin\AppData\LocalLow\Unity
2016-07-25 17:34 - 2016-07-25 17:34 - 00000000 ____D C:\Users\Decin\AppData\Local\Unity
2016-07-25 17:33 - 2016-07-25 17:33 - 01091008 _____ (Unity Technologies ApS) C:\Users\Decin\Downloads\UnityWebPlayer.exe
2016-07-20 12:08 - 2016-07-20 12:08 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2016-07-19 14:46 - 2016-07-19 14:49 - 23281137 _____ C:\Users\Decin\Downloads\Dead_Trigger_2_v1.0.0_Mega_Mod_AndroidSlit.apk
2016-07-19 14:35 - 2016-07-19 14:44 - 22959107 _____ C:\Users\Decin\Downloads\Dead Trigger 2 v1.0.0 Mod [techgamesandroid.com].apk
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_274374.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_272752.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_272533.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_270614.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_270412.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_263610.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_263423.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_257947.html
2016-07-14 17:34 - 2016-07-14 17:34 - 00000003 _____ C:\Windows\SysWOW64\EN_257760.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_243080.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_242877.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_212582.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_211662.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\EN_189354.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000003 _____ C:\Windows\SysWOW64\br_188652.html
2016-07-14 17:33 - 2016-07-14 17:33 - 00000000 ____D C:\Windows\SysWOW64\_SSpm
2016-07-13 19:22 - 2016-08-20 00:42 - 00002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-13 19:16 - 2016-08-07 13:30 - 00003896 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468448161
2016-07-13 19:16 - 2016-07-14 17:33 - 00001441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-11 22:36 - 2016-07-11 22:37 - 37270939 _____ C:\Users\Decin\Downloads\Barbie e o Castelo de Diamante- barbie em português completo.3gp
2016-07-11 14:00 - 2016-08-03 23:06 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-11 14:00 - 2016-07-11 13:59 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-11 14:00 - 2016-07-11 13:59 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-10 22:32 - 2016-08-01 21:43 - 00473894 _____ C:\Users\Decin\Desktop\Cópia de EJA 4º Período – A Anos Finais.xlsx
2016-07-10 22:32 - 2016-08-01 16:38 - 00474957 _____ C:\Users\Decin\Desktop\Cópia de EJA 3º Período B Anos Finais (1).xlsx
2016-07-10 22:31 - 2016-08-01 16:22 - 00472122 _____ C:\Users\Decin\Desktop\Cópia de EJA 3º Período A Anos Finais.xlsx
2016-07-10 22:31 - 2016-08-01 16:03 - 00477165 _____ C:\Users\Decin\Desktop\Cópia de EJA 2º Período –A Anos Finais.xlsx
2016-07-10 22:31 - 2016-08-01 15:36 - 00471800 _____ C:\Users\Decin\Desktop\Cópia de EJA 1º Período – B Anos Finais.xlsx
2016-07-10 22:31 - 2016-08-01 15:22 - 00473694 _____ C:\Users\Decin\Desktop\Cópia de EJA 1º Período – A Anos Finais (1) (1).xlsx
2016-07-10 22:05 - 2016-07-10 22:05 - 00470517 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – B Anos Finais (1).xlsx
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_270536.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_268212.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_268040.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_265919.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_265732.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_262565.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_262097.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_249710.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000058 _____ C:\Windows\SysWOW64\EN_249367.html
2016-07-07 17:38 - 2016-07-07 17:38 - 00000000 ____D C:\Program Files (x86)\WinSaber
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_226326.html
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_225390.html
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_194782.html
2016-07-07 17:37 - 2016-07-07 17:37 - 00000058 _____ C:\Windows\SysWOW64\EN_194424.html
2016-07-07 17:36 - 2016-07-07 17:36 - 00000058 _____ C:\Windows\SysWOW64\EN_157607.html
2016-07-07 17:36 - 2016-07-07 17:36 - 00000058 _____ C:\Windows\SysWOW64\br_156952.html
2016-07-05 19:46 - 2016-07-05 19:48 - 1892820766 _____ C:\Users\Decin\Downloads\Datos Obb GTA San Andreas v1.08 [Mrpato Android].zip
2016-07-05 13:32 - 2016-07-05 13:32 - 17753094 _____ C:\Users\Decin\Downloads\Gta San Andreas 1.08 +Cleo No Root(bob) (1).apk
2016-07-02 22:03 - 2016-07-02 22:03 - 00000000 ____D C:\Users\Decin\AppData\Local\Lefttoe
2016-06-30 12:57 - 2016-06-30 12:57 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-30 11:57 - 2016-07-10 14:12 - 00000000 ____D C:\Users\Todos os Usuários\Lefttoe
2016-06-30 11:57 - 2016-07-10 14:12 - 00000000 ____D C:\ProgramData\Lefttoe
2016-06-30 11:57 - 2016-06-30 11:57 - 00000000 ____D C:\Program Files (x86)\Lefttoe
2016-06-28 12:56 - 2016-07-07 17:36 - 00000000 ____D C:\Users\Todos os Usuários\zwinpz
2016-06-28 12:56 - 2016-07-07 17:36 - 00000000 ____D C:\ProgramData\zwinpz
2016-06-28 03:55 - 2016-06-28 12:56 - 00000000 ____D C:\Program Files (x86)\5ks9phwd
2016-06-27 16:20 - 2016-06-27 16:20 - 00468341 _____ C:\Users\Decin\Downloads\Cópia de EJA 3º Período B Anos Finais (1).xlsx
2016-06-27 16:19 - 2016-06-27 16:19 - 00000072 _____ C:\Windows\SysWOW64\EN_184487936.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184483911.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184483615.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184480230.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184479902.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184473834.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184473522.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184470511.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184470215.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184468514.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184468187.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184446955.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184446549.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\EN_184427595.html
2016-06-27 16:18 - 2016-06-27 16:18 - 00000072 _____ C:\Windows\SysWOW64\br_184426363.html
2016-06-27 16:17 - 2016-06-27 16:17 - 04403499 _____ (Update) C:\Windows\SysWOW64\pt4.exe
2016-06-27 16:17 - 2016-06-27 16:17 - 00434045 _____ C:\Users\Decin\Downloads\Cópia de EJA 4º Período – A Anos Finais.xlsx
2016-06-27 16:16 - 2016-06-27 16:16 - 00468341 _____ C:\Users\Decin\Downloads\Cópia de EJA 3º Período B Anos Finais.xlsx
2016-06-27 16:15 - 2016-06-27 16:15 - 00470233 _____ C:\Users\Decin\Downloads\Cópia de EJA 2º Período –A Anos Finais.xlsx
2016-06-27 16:14 - 2016-06-27 16:15 - 00465956 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – B Anos Finais.xlsx
2016-06-27 16:09 - 2016-06-27 16:09 - 00465705 _____ C:\Users\Decin\Downloads\Cópia de EJA 3º Período A Anos Finais.xlsx
2016-06-27 16:09 - 2016-06-27 16:09 - 00465505 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – A Anos Finais (1).xlsx
2016-06-27 16:09 - 2016-06-27 16:09 - 00465505 _____ C:\Users\Decin\Downloads\Cópia de EJA 1º Período – A Anos Finais (1) (1).xlsx
2016-06-23 11:15 - 2016-06-23 11:15 - 00000072 _____ C:\Windows\SysWOW64\EN_1792389.html
2016-06-23 11:15 - 2016-06-23 11:15 - 00000072 _____ C:\Windows\SysWOW64\EN_1792014.html
2016-06-23 11:14 - 2016-07-07 17:37 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-06-23 11:14 - 2016-06-23 11:14 - 00000072 _____ C:\Windows\SysWOW64\EN_1760798.html
2016-06-23 11:14 - 2016-06-23 11:14 - 00000072 _____ C:\Windows\SysWOW64\br_1760034.html
2016-06-22 11:47 - 2016-06-22 11:47 - 06533209 _____ C:\Users\Decin\Downloads\moto-g4-2016-stock-wallpapers.zip
2016-06-21 14:08 - 2016-06-21 14:13 - 47041829 _____ C:\Users\Decin\Downloads\WWW.DOWNVIDS.NET-Civil War - Slash .mp4
2016-06-21 13:22 - 2016-06-21 13:22 - 17753094 _____ C:\Users\Decin\Downloads\Gta San Andreas 1.08 +Cleo No Root(bob).apk
2016-06-21 00:54 - 2016-07-14 17:31 - 00000000 ____D C:\Program Files (x86)\TData
2016-06-21 00:54 - 2016-06-21 00:54 - 00000000 ____D C:\Program Files (x86)\9swwsijb
2016-06-20 17:05 - 2016-06-20 17:07 - 13286023 _____ C:\Users\Decin\Downloads\Gallery.apk
2016-06-20 15:57 - 2016-06-20 15:58 - 21187583 _____ C:\Users\Decin\Downloads\WWW.DOWNVIDS.NET-The Original Video! Tommy Emmanuel - Guitar Boogie .mp4
2016-06-13 05:39 - 2016-06-23 11:14 - 00000000 ____D C:\Users\Todos os Usuários\gwinpg
2016-06-13 05:39 - 2016-06-23 11:14 - 00000000 ____D C:\ProgramData\gwinpg
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_254640.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_251910.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_251645.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_249476.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_249195.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_241848.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_241536.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_239367.html
2016-06-13 05:39 - 2016-06-13 05:39 - 00000072 _____ C:\Windows\SysWOW64\EN_238977.html
2016-06-13 05:38 - 2016-06-13 05:38 - 00000072 _____ C:\Windows\SysWOW64\EN_208542.html
2016-06-13 05:38 - 2016-06-13 05:38 - 00000072 _____ C:\Windows\SysWOW64\EN_206872.html
2016-06-13 05:37 - 2016-06-13 05:38 - 00000000 ____D C:\Windows\SysWOW64\_tWm
2016-06-13 05:37 - 2016-06-13 05:37 - 00000072 _____ C:\Windows\SysWOW64\EN_160337.html
2016-06-13 05:37 - 2016-06-13 05:37 - 00000072 _____ C:\Windows\SysWOW64\br_156515.html
2016-06-13 00:11 - 2016-06-13 00:12 - 03958738 _____ C:\Users\Decin\Downloads\Crime de Responsabilidade.pptx
2016-06-12 23:42 - 2016-06-12 23:42 - 03958744 _____ C:\Users\Decin\Downloads\Crime-de-Responsabilidade.pptx
2016-06-12 11:33 - 2016-07-26 08:00 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-11 01:48 - 2016-06-11 01:48 - 00106304 _____ () C:\Users\Decin\Downloads\FacebookGamesArcadeSetup.exe
2016-06-02 15:24 - 2016-06-02 15:24 - 00018077 _____ C:\Users\Decin\Downloads\Boneco.do.Mal.2016.1080p.BluRay.DUAL-LAPUMiA.torrent
2016-06-01 09:54 - 2016-08-19 13:16 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-01 09:54 - 2016-08-19 13:13 - 00000000 ____D C:\Program Files (x86)\qksee
2016-06-01 09:54 - 2016-06-23 11:15 - 00000000 ____D C:\Users\Todos os Usuários\AwinpA
2016-06-01 09:54 - 2016-06-23 11:15 - 00000000 ____D C:\ProgramData\AwinpA
2016-06-01 09:54 - 2016-06-01 09:54 - 00000000 ____D C:\Users\Decin\AppData\Roaming\qksee
2016-06-01 09:54 - 2016-06-01 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-06-01 09:53 - 2016-06-01 09:53 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-05-28 17:58 - 2016-06-21 15:39 - 00000376 _____ C:\Users\Decin\Desktop\Global - decinhobau.txt
2016-05-28 17:58 - 2016-05-28 17:58 - 00000265 _____ C:\Users\Decin\Downloads\Global - decinhobau.txt
2016-05-27 01:53 - 2016-05-27 01:53 - 00001110 _____ C:\Users\Decin\Desktop\LineageII.lnk
2016-05-27 01:45 - 2016-05-27 01:45 - 00015657 _____ C:\Users\Decin\Downloads\l2e-global_patch_ILx7.rar.torrent
2016-05-27 01:42 - 2016-05-27 01:42 - 00000000 ____D C:\Users\Decin\AppData\Local\Valhalla-Age.ru
2016-05-27 01:41 - 2016-06-04 15:36 - 00000000 ____D C:\Users\Decin\Desktop\Line Age II
2016-05-26 16:28 - 2016-05-26 16:28 - 00015002 _____ C:\Users\Decin\Downloads\Lineage2_l2e_global_x7.rar.torrent
2016-05-26 16:27 - 2016-05-26 16:27 - 00000266 _____ C:\Users\Decin\Downloads\Global - decinhomg.txt
2016-05-26 16:27 - 2016-05-26 16:27 - 00000266 _____ C:\Users\Decin\Desktop\Global - decinhomg.txt
2016-05-24 02:38 - 2016-05-24 02:38 - 00000557 _____ C:\Users\Decin\Downloads\delete_chrome_policies.bat
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-20 00:42 - 2015-09-30 13:40 - 00000000 ____D C:\Users\Decin\AppData\Roaming\uTorrent
2016-08-20 00:35 - 2015-08-19 20:07 - 00000000 ____D C:\Users\Decin\Desktop\Nova pasta
2016-08-19 23:58 - 2015-08-19 20:08 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:37 - 2015-08-19 20:08 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 18:24 - 2009-07-14 14:55 - 00667746 _____ C:\Windows\system32\prfh0416.dat
2016-08-19 18:24 - 2009-07-14 14:55 - 00129474 _____ C:\Windows\system32\prfc0416.dat
2016-08-19 18:24 - 2009-07-14 02:13 - 01530008 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-19 18:24 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-08-19 13:22 - 2009-07-14 01:45 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 13:22 - 2009-07-14 01:45 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 13:15 - 2016-03-24 17:54 - 00000000 ____D C:\Users\Decin\AppData\Local\LogMeIn Hamachi
2016-08-19 13:15 - 2016-02-05 11:57 - 00000000 ___SD C:\Users\Decin\AppData\LocalLow\Temp
2016-08-19 13:15 - 2015-09-03 15:45 - 00002185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-19 13:15 - 2015-09-03 15:45 - 00002173 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-19 13:15 - 2015-08-19 03:42 - 00001731 _____ C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-19 13:15 - 2015-08-19 03:42 - 00001697 _____ C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-08-19 13:13 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-16 21:07 - 2015-08-19 20:34 - 00000000 ____D C:\Users\Decin\Documents\Arquivos mãe
2016-08-16 17:15 - 2015-08-19 21:01 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-16 10:36 - 2015-08-19 20:11 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-16 10:36 - 2015-08-19 20:11 - 00002489 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-14 15:59 - 2015-08-19 03:41 - 00000000 ____D C:\Users\Decin
2016-08-13 16:56 - 2015-09-03 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-06 16:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Registration
2016-08-04 23:35 - 2015-08-22 16:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 14:00 - 2015-08-19 21:00 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147027646491404
2016-08-03 23:06 - 2015-08-19 21:00 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-03 23:06 - 2015-08-19 21:00 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-30 13:08 - 2015-12-14 21:58 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnGame
2016-07-29 17:38 - 2015-09-03 22:50 - 00000000 ____D C:\Users\Decin\AppData\Local\ElevatedDiagnostics
2016-07-28 19:53 - 2015-08-19 20:08 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 19:53 - 2015-08-19 20:08 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-26 13:47 - 2015-08-19 04:10 - 00109240 _____ C:\Users\Decin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-26 13:46 - 2009-07-14 01:45 - 00416288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-26 07:30 - 2016-03-19 19:40 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-07-25 18:35 - 2015-08-22 16:35 - 00000000 ____D C:\Users\Decin\AppData\Roaming\Adobe
2016-07-25 18:32 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
==================== Arquivos na raiz de alguns diretórios =======
2016-07-27 04:02 - 2016-07-27 09:37 - 2988216 _____ (Update) C:\Program Files (x86)\SSFK.exe
2016-04-07 09:20 - 2016-04-07 09:20 - 0000044 _____ () C:\Users\Decin\AppData\Roaming\WB.CFG
Alguns arquivos em TEMP:
====================
C:\Users\Decin\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Decin\AppData\Local\Temp\FA35.exe
C:\Users\Decin\AppData\Local\Temp\gaz5kqew.dll
C:\Users\Decin\AppData\Local\Temp\vcredist_2013_x86.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-16 06:44
==================== Fim de FRST.txt ============================