Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 30-10-2016
Executado por VAN (administrador) em VAN-PC (01-11-2016 01:16:01)
Executando a partir de C:\Users\VAN\Desktop
Perfis Carregados: VAN (Perfis Disponíveis: VAN)
Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Beijing Fantasy Game Network Technology Co., Ltd.) C:\Program Files (x86)\Simcake\2.8.35.1800\SimcakeSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(Somoto) C:\Users\VAN\AppData\Local\FilesFrog Update Checker\update_checker.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.5000028\WeatherService.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.5000028\weather_free.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10657\jsdrv.exe [2562048 2016-04-05] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9099440 2016-10-27] (AVAST Software)
HKLM-x32\...\RunOnce: [Tokasakahoh] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\VAN\AppData\Roaming\Faneb"
HKU\S-1-5-21-3685981435-3410721990-2421854054-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10657\jsdrv.exe [2562048 2016-04-05] ()
HKU\S-1-5-21-3685981435-3410721990-2421854054-1000\...\Run: [Chromium] => c:\users\van\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-3685981435-3410721990-2421854054-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2226120 2016-09-14] (GOOBZO)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-14] (AVAST Software)
GroupPolicy: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 170.84.159.212 208.67.222.222
Tcpip\..\Interfaces\{05ED152E-44D3-432D-877F-E28F80C9065D}: [DhcpNameServer] 170.84.159.212 208.67.222.222
Tcpip\..\Interfaces\{6257924F-8852-4AAA-A8C9-316C54931A7A}: [DhcpNameServer] 192.168.250.236 172.16.136.40 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-3685981435-3410721990-2421854054-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3685981435-3410721990-2421854054-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3685981435-3410721990-2421854054-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0EyC0EtB0DyD0ByB0AtBtAyEyDzztN0D0Tzu0StCyByCyDtN1L2XzutAtFtByEtFtByBtFyDtCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0E0E0E0EyE0EtCtGtC0EyB0AtGyE0AtDtBtGyD0FzzyBtGzyyCtDyEtBtAtB0C0CyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DzzyBtDtCyC0A0BtGyEyEyC0CtGyEyDtDtAtG0BtCyDtAtGyE0Azy0AtAzztC0B0AyB0BtC2QtN0A0LzuyE%26cr%3D1223931876%26a%3Dwbf_bxinw_16_44%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro364.dll [2016-04-05] ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-09-14] (Oracle Corporation)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro3.dll [2016-04-05] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-09-14] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-01] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-09-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-09-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\50bed4b356c1485d14\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\50bed4b356c1485d14\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchURL: Profile 1 -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Default [2016-09-14]
CHR Profile: C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-01]
CHR Extension: (Google Drive) - C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-27]
CHR Extension: (YouTube) - C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-27]
CHR Extension: (Gmail) - C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-27]
CHR Extension: (Chrome Media Router) - C:\Users\VAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-21]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3685981435-3410721990-2421854054-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3064520 2016-10-08] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-07-27] (Intel Corporation)
S2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Arquivo não assinado]
R2 SimcakeSVC; C:\Program Files (x86)\Simcake\2.8.35.1800\SimcakeSvc.exe [121632 1703-07-31] (Beijing Fantasy Game Network Technology Co., Ltd.)
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro3\spbiu.exe [1224704 2016-04-05] () [Arquivo não assinado] <==== ATENÇÃO
R2 TheFreeWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.5000028\WeatherService.exe [156784 2016-08-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1509320 2016-09-14] (GOOBZO)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-27] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-07-27] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-27] (Intel Corporation)
R2 memudrv; C:\Program Files (x86)\Simcake\Microvirt\MEmuHyperv\MEmuDrv.sys [260328 2016-01-16] (Microvirt Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [413912 2016-07-27] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-07-27] (Synaptics Incorporated)
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro3\spbiw.sys [43832 2016-04-05] ()
S2 SPDRIVER_1.42.1.10657; C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10657\jsdrv.sys [53040 2016-04-05] ()

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-01 01:16 - 2016-11-01 01:16 - 00020934 _____ C:\Users\VAN\Desktop\FRST.txt
2016-11-01 01:15 - 2016-11-01 01:16 - 00000000 ____D C:\FRST
2016-11-01 01:15 - 2016-11-01 01:15 - 02408960 _____ (Farbar) C:\Users\VAN\Downloads\FRST64.exe
2016-11-01 01:15 - 2016-11-01 01:15 - 02408960 _____ (Farbar) C:\Users\VAN\Desktop\FRST64.exe
2016-11-01 01:11 - 2016-11-01 01:11 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-01 00:19 - 2016-11-01 00:19 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-11-01 00:19 - 2016-11-01 00:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-11-01 00:14 - 2016-11-01 01:11 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-11-01 00:14 - 2016-11-01 01:11 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-31 23:52 - 2016-10-31 23:52 - 14381616 _____ C:\Windows\MSYHBD.tt2
2016-10-31 23:52 - 2016-10-31 23:51 - 21543568 _____ C:\Windows\MSYH.tt2
2016-10-31 23:52 - 2016-10-31 23:50 - 21302624 _____ C:\Windows\MSJH.tt2
2016-10-31 23:52 - 2016-10-31 23:50 - 14343024 _____ C:\Windows\MSJHBD.tt2
2016-10-31 23:48 - 2016-10-31 23:48 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-31 23:37 - 2016-10-31 23:46 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-10-31 23:37 - 2016-10-31 23:45 - 00000000 ____D C:\Windows\AutoKMS
2016-10-31 23:36 - 2016-10-31 23:36 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Toolkit
2016-10-31 23:36 - 2016-10-31 23:36 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-10-31 23:20 - 2016-10-31 23:22 - 01595668 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-10-31 23:15 - 2009-11-25 17:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-10-31 23:15 - 2009-11-25 17:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-10-31 23:15 - 2009-11-25 17:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-10-31 23:15 - 2009-11-25 17:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-10-31 23:05 - 2016-10-31 23:05 - 00001225 _____ C:\Users\VAN\Desktop\League client alpha.lnk
2016-10-31 22:56 - 2016-10-31 21:54 - 01889856 _____ ( ) C:\Users\VAN\Desktop\Baixaki_microsoft-net-framework-4-0-30319-1.exe
2016-10-31 22:00 - 2016-10-31 22:31 - 43000506 _____ C:\Users\VAN\Downloads\Net framework 4.... POR MARCOS CH.rar
2016-10-31 21:58 - 2016-11-01 00:58 - 00000974 _____ C:\Windows\Tasks\Yahoo! Powered momoc.job
2016-10-31 21:57 - 2016-10-31 21:58 - 00017342 _____ C:\Users\VAN\AppData\Roaming\Faneb
2016-10-31 21:55 - 2016-10-31 23:13 - 00889416 _____ (Microsoft Corporation) C:\Users\VAN\Downloads\Baixaki_microsoft-net-framework-4-0-30319-1 [1].exe
2016-10-31 21:54 - 2016-10-31 21:54 - 01889856 _____ ( ) C:\Users\VAN\Downloads\Baixaki_microsoft-net-framework-4-0-30319-1.exe
2016-10-31 21:22 - 2016-10-31 21:44 - 50449456 _____ (Microsoft Corporation) C:\Users\VAN\Downloads\dotNetFx40_Full_x86_x64.exe
2016-10-31 16:07 - 2016-11-01 01:12 - 00002122 _____ C:\Users\VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-31 16:07 - 2016-11-01 01:12 - 00000000 ___RD C:\Users\VAN\OneDrive
2016-10-31 16:07 - 2016-10-31 16:07 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-31 16:07 - 2016-10-31 16:07 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-31 16:07 - 2016-10-31 16:07 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-31 16:07 - 2016-10-31 16:07 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-10-31 16:07 - 2016-10-31 16:07 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-31 16:07 - 2016-10-31 16:07 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-10-31 15:16 - 2016-10-31 23:48 - 01804512 _____ C:\Windows\GABRIOLA.tt2
2016-10-31 15:14 - 2016-11-01 00:13 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-31 15:03 - 2016-10-31 21:49 - 00000000 ____D C:\Users\VAN\Desktop\Office 2016 Online
2016-10-31 15:02 - 2016-10-31 15:01 - 62024136 _____ C:\Users\VAN\Desktop\Office 2016 Online.rar
2016-10-31 15:01 - 2016-10-31 15:01 - 62024136 _____ C:\Users\VAN\Downloads\Office 2016 Online.rar
2016-10-31 14:32 - 2016-10-31 14:33 - 00000000 ____D C:\Users\VAN\Downloads\The Vampire Diaries - 7ª Temporada (2016) Dual Áudio 720p (By-LuanHarper)
2016-10-31 14:21 - 2016-10-31 15:06 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-10-31 14:21 - 2016-10-31 14:21 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-10-31 14:21 - 2016-10-31 14:21 - 00000000 ____D C:\Users\VAN\AppData\Local\Microsoft Help
2016-10-31 14:20 - 2016-10-31 15:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-30 17:33 - 2016-10-30 17:33 - 00281216 _____ C:\Windows\Minidump\103016-13306-01.dmp
2016-10-30 01:30 - 2016-10-30 01:31 - 25505304 _____ ( ) C:\Users\VAN\Downloads\AdbeRdr930_pt_BR.exe
2016-10-28 19:59 - 2016-10-28 19:59 - 03365678 _____ C:\Users\VAN\Downloads\qvt1
2016-10-28 19:59 - 2016-10-28 19:59 - 01993295 _____ C:\Users\VAN\Downloads\PDFdu_Rotate_PDF_setup.zip
2016-10-28 19:58 - 2016-10-28 19:58 - 00988529 _____ C:\Users\VAN\Downloads\dp1
2016-10-28 19:58 - 2016-10-28 19:58 - 00649051 _____ C:\Users\VAN\Downloads\recrutamento1
2016-10-21 18:48 - 2016-10-21 18:48 - 01894760 _____ ( ) C:\Users\VAN\Downloads\Baixaki_daemon-tools-lite.exe
2016-10-21 18:45 - 2016-10-21 18:45 - 00013839 _____ C:\Users\VAN\Downloads\asdfasdgas
2016-10-21 18:43 - 2016-10-21 18:43 - 00013839 _____ C:\Users\VAN\Downloads\crucios
2016-10-21 18:43 - 2016-10-21 18:43 - 00013839 _____ C:\Users\VAN\Downloads\b71a871e-68cb-4f23-994a-2eefb894f29f
2016-10-21 12:30 - 2016-10-21 14:03 - 00000000 ____D C:\Users\VAN\Desktop\Vionna
2016-10-21 12:25 - 2016-10-21 12:25 - 00281216 _____ C:\Windows\Minidump\102116-16723-01.dmp
2016-10-19 09:44 - 2016-10-19 09:45 - 02179850 _____ C:\Users\VAN\Downloads\Traketeo-Zumba---Nene-Malo-ZIN-56.3gp
2016-10-18 21:22 - 2016-10-18 21:22 - 00011989 _____ C:\Users\VAN\Downloads\dcat
2016-10-18 20:48 - 2016-10-18 20:48 - 00281272 _____ C:\Windows\Minidump\101816-19297-01.dmp
2016-10-16 14:54 - 2016-10-16 14:54 - 00434744 _____ C:\Users\VAN\Downloads\EDITAL VESTIBULAR UNCISAL 2017 - 10.10.2016.pdf
2016-10-14 22:54 - 2016-10-31 14:23 - 00000000 ____D C:\Users\VAN\Downloads\Piratas do Caribe 2 O Baú Da Morte
2016-10-14 20:53 - 2016-10-31 14:23 - 00000000 ____D C:\Users\VAN\Downloads\Piratas do Caribe 1 A Maldição Do Pérola Negra
2016-10-10 15:31 - 2016-08-15 18:27 - 00000000 ____D C:\Users\VAN\Downloads\CD PROMOCIONAL PEDRINHO PEGAÇÃO - AO VIVO EM ACARI-RN
2016-10-10 13:44 - 2016-09-29 01:11 - 00000000 ____D C:\Users\VAN\Downloads\__MACOSX
2016-10-09 19:07 - 2016-10-09 19:07 - 00000000 ____D C:\Users\VAN\Desktop\van
2016-10-08 01:10 - 2016-10-08 01:10 - 00334616 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-10-08 01:10 - 2016-10-08 01:10 - 00085744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00639728 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00244496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00394496 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00271104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00089328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-10-03 22:22 - 2016-10-03 22:22 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Nitro
2016-10-03 22:21 - 2016-10-03 22:24 - 00000000 ____D C:\Program Files\Nitro
2016-10-03 22:21 - 2016-10-03 22:21 - 00000000 ____D C:\Users\Todos os Usuários\Nitro
2016-10-03 22:21 - 2016-10-03 22:21 - 00000000 ____D C:\ProgramData\Nitro
2016-10-03 22:19 - 2016-10-03 22:19 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Downloaded Installations
2016-10-03 22:12 - 2016-10-03 22:19 - 116558728 _____ (Nitro PDF Software) C:\Users\VAN\Downloads\nitro_pro10_x64.exe
2016-09-30 01:22 - 2016-10-22 01:04 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Skype
2016-09-30 01:22 - 2016-10-21 16:32 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-09-30 01:22 - 2016-10-21 16:32 - 00000000 ____D C:\ProgramData\Skype
2016-09-30 01:22 - 2016-10-18 19:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-30 01:22 - 2016-09-30 01:22 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-09-30 01:22 - 2016-09-30 01:22 - 00000000 ____D C:\Users\VAN\Tracing
2016-09-30 01:22 - 2016-09-30 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-09-30 01:12 - 2016-09-30 01:15 - 41743488 _____ (Skype Technologies S.A.) C:\Users\VAN\Downloads\SkypeSetupFull.exe
2016-09-28 15:18 - 2016-09-28 15:18 - 02286133 _____ C:\Users\VAN\Documents\livroLdP.pdf
2016-09-27 20:36 - 2016-09-27 20:36 - 00003158 _____ C:\Windows\System32\Tasks\UNELEVATE_15944
2016-09-21 23:24 - 2016-09-21 23:26 - 00000000 ____D C:\Users\VAN\Downloads\Classic Rock Pack 2015 - www.musicasparabaixar.org
2016-09-20 20:13 - 2016-09-20 20:13 - 00021920 _____ C:\Users\VAN\Documents\aula2009.odt
2016-09-16 15:58 - 2016-09-16 15:58 - 00000735 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-16 01:16 - 2016-09-16 01:16 - 00000000 ____D C:\Users\VAN\AppData\Roaming\LibreOffice
2016-09-16 01:13 - 2016-09-16 01:13 - 00001554 _____ C:\Users\Public\Desktop\LibreOffice 5.2.lnk
2016-09-16 01:12 - 2016-09-16 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
2016-09-16 01:11 - 2016-09-16 01:12 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-09-16 01:00 - 2016-09-16 01:09 - 221716480 _____ C:\Users\VAN\Downloads\LibreOffice_5.2.1_Win_x86.msi
2016-09-15 20:51 - 2016-09-15 20:51 - 00000000 ____D C:\Users\VAN\AppData\LocalLow\Oracle
2016-09-15 20:49 - 2016-09-15 20:49 - 00000000 ____D C:\Users\VAN\Documents\Picosmos
2016-09-15 20:38 - 2016-09-15 20:38 - 02539067 _____ C:\Users\VAN\Downloads\AtvdR W7 By PH Downs.rar
2016-09-14 12:07 - 2016-09-14 12:13 - 111040690 _____ C:\Users\VAN\Downloads\Aula de Ginástica - Derreta Gorduras com 20 min de AeroHiiT #7.avi
2016-09-14 11:32 - 2016-09-14 11:32 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2016-09-14 11:27 - 2016-09-14 11:27 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Picosmos
2016-09-14 11:27 - 2016-09-14 11:27 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicosmosTools
2016-09-14 11:27 - 2016-09-14 11:27 - 00000000 ____D C:\Program Files (x86)\PicosmosTools
2016-09-14 11:26 - 2016-09-14 11:26 - 00000000 ____D C:\Users\VAN\AppData\Local\fontconfig
2016-09-14 11:24 - 2016-09-14 11:35 - 00000000 ____D C:\Users\VAN\Documents\ConvertXtoVideo Ultimate
2016-09-14 11:20 - 2016-10-31 23:45 - 00000430 _____ C:\Windows\Tasks\simplitec Power Suite (Tray).job
2016-09-14 11:20 - 2016-09-15 20:30 - 00000374 _____ C:\Windows\Tasks\simplitec Power Suite.job
2016-09-14 11:20 - 2016-09-14 11:20 - 00002806 _____ C:\Windows\System32\Tasks\simplitec Power Suite (Tray)
2016-09-14 11:20 - 2016-09-14 11:20 - 00002746 _____ C:\Windows\System32\Tasks\simplitec Power Suite
2016-09-14 11:20 - 2016-09-14 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2016-09-14 11:19 - 2016-09-14 11:19 - 00000000 ____D C:\Users\Todos os Usuários\simplitec
2016-09-14 11:19 - 2016-09-14 11:19 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-09-14 11:19 - 2016-09-14 11:19 - 00000000 ____D C:\ProgramData\simplitec
2016-09-14 11:19 - 2016-09-14 11:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-14 11:19 - 2016-09-14 11:19 - 00000000 ____D C:\Program Files (x86)\simplitec
2016-09-14 11:19 - 2016-06-03 18:16 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2016-09-14 11:18 - 2016-09-14 11:25 - 00000000 ____D C:\FFOutput
2016-09-14 11:18 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Todos os Usuários\VSO
2016-09-14 11:18 - 2016-09-14 11:21 - 00000000 ____D C:\ProgramData\VSO
2016-09-14 11:18 - 2016-09-14 11:18 - 00099384 _____ C:\Users\VAN\AppData\Roaming\inst.exe
2016-09-14 11:18 - 2016-09-14 11:18 - 00082816 _____ (VSO Software) C:\Users\VAN\AppData\Roaming\pcouffin.sys
2016-09-14 11:18 - 2016-09-14 11:18 - 00021212 _____ C:\Users\VAN\AppData\Roaming\ICSW_0F1F1C1H1T2Z0F1T1R2Z1F1C2U1V0F0StJ1V0C1F1G2X1P1C2Z0X2Z1F0V1L1Q1P1F.txt
2016-09-14 11:18 - 2016-09-14 11:18 - 00007859 _____ C:\Users\VAN\AppData\Roaming\pcouffin.cat
2016-09-14 11:18 - 2016-09-14 11:18 - 00000000 ____D C:\Users\VAN\Documents\PcSetup
2016-09-14 11:18 - 2016-09-14 11:18 - 00000000 ____D C:\Users\VAN\Documents\ConvertXtoVideo
2016-09-14 11:18 - 2016-09-14 11:18 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Vso
2016-09-14 11:18 - 2016-09-14 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2016-09-14 11:18 - 2016-09-14 11:18 - 00000000 ____D C:\Program Files (x86)\VSO
2016-09-14 11:16 - 2016-09-14 11:16 - 47396880 _____ (Free Time Co., Ltd) C:\Users\VAN\Downloads\Baixaki_formatfactory [1].exe
2016-09-14 11:12 - 2016-10-30 03:03 - 00000000 ____D C:\Program Files (x86)\Corner Sunshine
2016-09-14 11:12 - 2016-09-14 12:12 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Corner Sunshine
2016-09-14 11:12 - 2016-09-14 11:12 - 00000000 ____D C:\Users\Todos os Usuários\cosun
2016-09-14 11:12 - 2016-09-14 11:12 - 00000000 ____D C:\ProgramData\cosun
2016-09-14 11:11 - 2016-09-14 11:11 - 01611000 _____ (File Software ) C:\Users\VAN\Downloads\Baixaki_formatfactory.exe
2016-09-14 10:42 - 2016-09-14 10:49 - 58960493 _____ C:\Users\VAN\Downloads\Perder_Medidas_e_Afinar_a_Cintura_Aula_de_AeroHiit_3.mp4
2016-09-14 10:40 - 2016-10-25 01:09 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-09-14 10:40 - 2016-10-13 22:49 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-09-14 10:40 - 2016-09-22 17:36 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-09-14 10:40 - 2016-09-14 10:40 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-09-14 10:40 - 2016-09-14 10:40 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2016-09-14 10:40 - 2016-09-14 10:40 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2016-09-14 10:40 - 2016-09-14 10:40 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-09-14 10:40 - 2016-09-14 10:40 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2016-09-14 10:40 - 2016-09-14 10:40 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2016-09-14 10:40 - 2016-09-14 10:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\Users\VAN\AppData\Roaming\AVAST Software
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\Users\Todos os Usuários\Sun
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\ProgramData\Sun
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-14 10:40 - 2016-09-14 10:40 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-14 10:40 - 2016-09-14 10:39 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-09-14 10:40 - 2016-09-14 10:39 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-09-14 10:40 - 2016-09-14 10:39 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-09-14 10:40 - 2016-09-14 10:39 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-09-14 10:40 - 2016-09-14 10:39 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-09-14 10:39 - 2016-09-14 10:39 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-09-14 10:39 - 2016-09-14 10:39 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-09-14 10:39 - 2016-09-14 10:39 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-09-14 10:39 - 2016-09-14 10:39 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-14 10:36 - 2016-09-14 10:36 - 00000000 ____D C:\Users\VAN\AppData\LocalLow\Sun
2016-09-14 10:35 - 2016-10-31 23:46 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-09-14 10:35 - 2016-10-31 23:46 - 00000000 ____D C:\ProgramData\TEMP
2016-09-14 10:35 - 2016-09-15 20:32 - 00000000 ____D C:\Program Files (x86)\YouTube Accelerator
2016-09-14 10:35 - 2016-09-14 10:35 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2016-09-14 10:35 - 2016-09-14 10:35 - 00003434 _____ C:\Windows\System32\Tasks\YTAUpdate
2016-09-14 10:35 - 2016-09-14 10:35 - 00003248 _____ C:\Windows\System32\Tasks\YTAUpdate_logon
2016-09-14 10:35 - 2016-09-14 10:35 - 00003236 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2016-09-14 10:35 - 2016-09-14 10:35 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2016-09-14 10:35 - 2016-09-14 10:35 - 00000000 ____D C:\Users\VAN\AppData\Roaming\Genieo
2016-09-14 10:35 - 2016-09-14 10:35 - 00000000 ____D C:\Users\VAN\AppData\LocalLow\Goobzo
2016-09-14 10:35 - 2016-09-14 10:35 - 00000000 ____D C:\Users\VAN\AppData\Local\FilesFrog Update Checker
2016-09-14 10:35 - 2016-09-14 10:35 - 00000000 ____D C:\Users\Public\Documents\GOOBZO
2016-09-14 10:35 - 2016-09-14 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2016-09-14 10:34 - 2016-09-14 10:34 - 00002213 _____ C:\Users\VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-09-14 10:34 - 2016-09-14 10:34 - 00000000 ____D C:\Users\VAN\AppData\Local\chromium
2016-09-14 10:33 - 2016-09-14 10:33 - 00004346 _____ C:\Windows\System32\Tasks\ShopperPro3
2016-09-14 10:33 - 2016-09-14 10:33 - 00004226 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313431383234343731362d3737555a416c503257344a41
2016-09-14 10:33 - 2016-09-14 10:33 - 00003562 _____ C:\Windows\System32\Tasks\ShopperProJSUpd
2016-09-14 10:33 - 2016-09-14 10:33 - 00003490 _____ C:\Windows\System32\Tasks\SPDriver
2016-09-14 10:33 - 2016-09-14 10:33 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro3
2016-09-14 10:33 - 2016-09-14 10:33 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-09-14 10:33 - 2016-09-14 10:33 - 00000000 ____D C:\ProgramData\ShopperPro3
2016-09-14 10:33 - 2016-09-14 10:33 - 00000000 ____D C:\Program Files\Common Files\ShopperPro3
2016-09-14 10:33 - 2016-09-14 10:33 - 00000000 ____D C:\Program Files (x86)\ShopperPro3
2016-09-14 10:32 - 2016-09-14 10:32 - 00003452 _____ C:\Windows\System32\Tasks\Inst_Rep
2016-09-14 10:30 - 2016-10-31 23:49 - 00000000 ____D C:\Users\VAN\AppData\Roaming\WeatherTool
2016-09-14 10:30 - 2016-10-31 21:58 - 00004000 _____ C:\Windows\System32\Tasks\Yahoo! Powered momoc
2016-09-14 10:30 - 2016-10-31 21:58 - 00001440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-09-14 10:30 - 2016-10-31 21:58 - 00000000 ____D C:\Users\VAN\AppData\Local\{6AF25CAE-4E5A-3016-23C2-15FE07AAE966}
2016-09-14 10:30 - 2016-10-31 21:57 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-09-14 10:30 - 2016-10-31 21:57 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-09-14 10:30 - 2016-10-31 01:30 - 00000000 ____D C:\Users\Todos os Usuários\{03B0C6D3-89F2-4C15-0F34-D25795765999}
2016-09-14 10:30 - 2016-10-31 01:30 - 00000000 ____D C:\ProgramData\{03B0C6D3-89F2-4C15-0F34-D25795765999}
2016-09-14 10:30 - 2016-09-18 05:57 - 00000000 ____D C:\Program Files\ByteFence
2016-09-14 10:30 - 2016-09-14 11:30 - 00000000 ____D C:\Users\VAN\AppData\Local\{6AAF5C14-4FFD-3162-24CB-16B0F819EB8E}
2016-09-14 10:30 - 2016-09-14 10:30 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-09-14 10:30 - 2016-09-14 10:30 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-09-14 10:30 - 2016-09-14 10:30 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-09-14 10:30 - 2016-09-14 10:30 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-14 10:30 - 2016-09-14 10:30 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-09-14 10:29 - 2016-09-14 10:29 - 00769743 _____ ((c) Vitzo Limited ) C:\Users\VAN\Downloads\Baixaki_vdownloader [1].exe
2016-09-14 10:29 - 2016-09-14 10:29 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-09-14 10:29 - 2016-09-14 10:29 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-14 10:28 - 2016-09-14 10:28 - 01611000 _____ (File Software ) C:\Users\VAN\Downloads\Baixaki_vdownloader.exe
2016-09-09 22:44 - 2016-09-09 22:44 - 00281216 _____ C:\Windows\Minidump\090916-13182-01.dmp
2016-09-03 23:37 - 2016-09-03 23:37 - 00281216 _____ C:\Windows\Minidump\090316-11559-01.dmp
2016-09-03 12:10 - 2016-09-03 12:10 - 00053520 _____ C:\Users\VAN\Downloads\Res No 33-2008 Autoriza a oferta e o func. do Curso de Graduacao 2013 Licenciatura em Biologia- EAD..pdf
2016-08-30 13:33 - 2016-08-30 13:33 - 00081356 _____ C:\Users\VAN\Documents\vcnet1.pdf
2016-08-30 13:33 - 2016-08-30 13:33 - 00081115 _____ C:\Users\VAN\Documents\vcnet2.pdf
2016-08-29 18:01 - 2016-10-19 10:41 - 00000000 ____D C:\Users\VAN\AppData\Roaming\vlc
2016-08-29 18:01 - 2016-08-29 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-27 13:55 - 2016-08-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simcake
2016-08-27 13:53 - 2016-08-27 13:54 - 12903336 _____ (MEGA Limited) C:\Users\VAN\Downloads\MEGAsyncSetup.exe
2016-08-26 18:26 - 2016-08-26 18:26 - 00734815 _____ (Remote Mouse ) C:\Users\VAN\Downloads\RemoteMouse.exe
2016-08-26 18:26 - 2016-08-26 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2016-08-26 18:26 - 2016-08-26 18:26 - 00000000 ____D C:\Program Files (x86)\Remote Mouse
2016-08-26 17:38 - 2016-10-31 23:45 - 00000354 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-08-26 17:38 - 2016-10-31 23:44 - 00002702 _____ C:\Windows\System32\Tasks\DriverToolkit Autorun
2016-08-26 17:24 - 2016-08-26 17:24 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2016-08-26 17:24 - 2016-08-26 17:24 - 00090264 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2016-08-26 17:24 - 2016-08-26 17:24 - 00041841 _____ C:\Windows\system32\AmUStor.ini
2016-08-26 17:24 - 2016-08-26 17:24 - 00020632 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2016-08-26 17:24 - 2016-08-26 17:24 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000032 _____ C:\Windows\system32\VendorCommand_MS1bit.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000008 _____ C:\Windows\system32\CardDetect6420.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000008 _____ C:\Windows\system32\CardDetect6366.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000008 _____ C:\Windows\system32\CardDetect6362.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000008 _____ C:\Windows\system32\CardDetect6361.bin
2016-08-26 17:24 - 2016-08-26 17:24 - 00000008 _____ C:\Windows\system32\CardDetect6339.bin
2016-08-26 17:20 - 2016-08-26 17:20 - 00000000 ____D C:\Users\VAN\AppData\Local\DriverToolkit
2016-08-26 17:20 - 2016-08-26 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-08-26 17:20 - 2016-08-26 17:20 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-08-26 17:19 - 2016-08-26 17:19 - 02449376 _____ (Megaify Software ) C:\Users\VAN\Downloads\DriverToolkitInstaller.exe
2016-08-26 01:58 - 2016-08-26 04:26 - 455790942 _____ C:\Users\VAN\Downloads\Classic Rock Pack 2015 - www.musicasparabaixar.org.rar
2016-08-25 19:59 - 2016-08-25 19:59 - 00000000 ____D C:\Users\VAN\psoul
2016-08-25 19:59 - 2016-08-25 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSoul
2016-08-25 19:58 - 2016-08-25 19:58 - 00000000 ____D C:\Program Files (x86)\PSoul
2016-08-25 19:46 - 2016-08-25 19:57 - 140234605 _____ (PSoul ) C:\Users\VAN\Downloads\setup-psoul.exe
2016-08-25 19:44 - 2016-08-25 19:44 - 01005568 _____ (Microsoft Corporation) C:\Users\VAN\Downloads\dotNetFx45_Full_setup.exe
2016-08-25 19:41 - 2016-08-25 19:41 - 00967168 _____ C:\Users\VAN\Downloads\PSoulLauncherSetup.msi
2016-08-25 16:41 - 2016-08-29 18:00 - 00000000 ____D C:\50bed4b356c1485d14
2016-08-25 16:35 - 2016-08-25 16:35 - 00000000 ____D C:\Users\VAN\Downloads\MEmu Download
2016-08-25 16:35 - 2016-08-25 16:35 - 00000000 ____D C:\Users\VAN\.MemuHyperv
2016-08-25 16:34 - 2016-08-27 13:55 - 00000000 ____D C:\Program Files (x86)\Simcake
2016-08-25 16:34 - 2016-08-25 16:35 - 00000000 ____D C:\Users\VAN\.android
2016-08-25 16:22 - 2016-08-25 16:22 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-08-25 16:22 - 2016-08-25 16:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-25 16:22 - 2016-08-25 16:22 - 00000000 ____D C:\Program Files\MSBuild
2016-08-25 16:22 - 2016-08-25 16:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-25 16:22 - 2016-08-25 16:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-25 16:21 - 2016-08-25 16:23 - 00196608 _____ C:\Windows\ocsetup_install_NetFx3.etl
2016-08-25 16:21 - 2016-08-25 16:23 - 00028463 _____ C:\Windows\ocsetup_cbs_install_NetFx3.txt
2016-08-25 16:19 - 2016-08-25 16:20 - 02300400 _____ (Beijing Fantasy Game Network Technology Co., Ltd.) C:\Users\VAN\Downloads\MEmuSetup.868347.exe
2016-08-25 16:15 - 2016-08-25 16:15 - 00003134 _____ C:\Windows\System32\Tasks\{55E44644-8FDB-4E85-9BB9-27D28C9FE7B6}
2016-08-25 16:09 - 2016-08-25 16:09 - 02959376 _____ (Microsoft Corporation) C:\Users\VAN\Downloads\dotnetfx35setup (1).exe
2016-08-25 16:04 - 2016-08-25 16:04 - 02869264 _____ (Microsoft Corporation) C:\Users\VAN\Downloads\dotNetFx35setup.exe
2016-08-25 15:51 - 2016-08-25 15:51 - 00000000 ____D C:\Users\VAN\AppData\Local\BlueStacksSetup
2016-08-25 15:51 - 2016-08-25 15:51 - 00000000 ____D C:\Users\VAN\AppData\Local\BlueStacks
2016-08-25 15:50 - 2016-08-25 15:51 - 03785056 _____ (BlueStack Systems, Inc.) C:\Users\VAN\Downloads\BlueStacks-ThinInstaller_0.6.3.0686.exe
2016-08-25 15:13 - 2016-08-25 15:28 - 319685088 _____ (BlueStack Systems Inc.) C:\Users\VAN\Downloads\BlueStacks2_native_6b1a6dc7b211e36d475fea991ca99253.exe
2016-08-23 13:26 - 2016-08-23 14:08 - 00000000 ____D C:\Users\VAN\Downloads\Minions (2015) BRrip Blu-Ray 1080p 5.1 Ch Dublado - AndreTPF
2016-08-23 13:25 - 2016-10-31 14:22 - 00000000 ____D C:\Users\VAN\AppData\LocalLow\uTorrent
2016-08-23 13:25 - 2016-08-23 13:25 - 00002591 _____ C:\Users\VAN\Desktop\µTorrent.lnk
2016-08-23 13:25 - 2016-08-23 13:25 - 00002591 _____ C:\Users\VAN\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-08-23 13:25 - 2016-08-23 13:25 - 00000000 ___SD C:\Users\VAN\AppData\LocalLow\Temp
2016-08-23 13:24 - 2016-10-31 22:56 - 00000000 ____D C:\Users\VAN\AppData\Roaming\uTorrent
2016-08-23 13:23 - 2016-08-23 13:23 - 02369536 _____ (BitTorrent Inc.) C:\Users\VAN\Downloads\uTorrent.exe
2016-08-05 22:19 - 2016-08-05 22:19 - 01903866 _____ C:\Users\VAN\Downloads\Microsoft.VCLibs.ARM.Debug.14.00.appx
2016-08-05 22:18 - 2016-08-05 22:20 - 26651473 _____ C:\Users\VAN\Downloads\PokemonGo-UWP_1.0.3.0_ARM_Debug.appx
2016-08-05 22:18 - 2016-08-05 22:19 - 07821489 _____ C:\Users\VAN\Downloads\Microsoft.NET.CoreRuntime.1.0.appx
2016-08-05 22:17 - 2016-08-05 22:20 - 31957524 _____ C:\Users\VAN\Downloads\PokemonGo-UWP_1.0.12.0_ARM_Debug.appx

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-01 01:11 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-01 00:18 - 2016-07-27 23:00 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-31 23:51 - 2009-07-29 13:49 - 00703080 _____ C:\Windows\system32\prfh0416.dat
2016-10-31 23:51 - 2009-07-29 13:49 - 00145866 _____ C:\Windows\system32\prfc0416.dat
2016-10-31 23:51 - 2009-07-14 03:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-31 23:51 - 2009-07-14 02:45 - 00014208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-31 23:51 - 2009-07-14 02:45 - 00014208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-31 23:51 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-10-31 23:48 - 2016-07-27 22:22 - 00002866 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (VAN)
2016-10-31 23:46 - 2016-07-27 22:47 - 00000000 __SHD C:\Users\VAN\IntelGraphicsProfiles
2016-10-31 23:45 - 2016-07-27 23:00 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-31 23:45 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-31 22:58 - 2016-07-27 22:22 - 00128072 _____ C:\Users\VAN\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-31 22:58 - 2009-07-14 02:45 - 00503712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-31 16:07 - 2016-07-27 21:51 - 00000000 ____D C:\Users\VAN
2016-10-31 15:05 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\ShellNew
2016-10-31 15:04 - 2009-07-14 00:34 - 00000387 _____ C:\Windows\win.ini
2016-10-30 17:33 - 2016-07-28 08:54 - 00000000 ____D C:\Windows\Minidump
2016-10-30 17:33 - 2016-07-28 08:53 - 435634273 _____ C:\Windows\MEMORY.DMP
2016-10-28 21:29 - 2016-07-27 23:00 - 00000000 ____D C:\Users\VAN\AppData\Local\Google
2016-10-21 19:21 - 2016-07-27 23:05 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-09 19:04 - 2016-07-27 23:29 - 00000000 ____D C:\Users\VAN\Desktop\jaca

==================== Arquivos na raiz de alguns diretórios =======

2016-10-31 21:57 - 2016-10-31 21:58 - 0017342 _____ () C:\Users\VAN\AppData\Roaming\Faneb
2016-09-14 11:18 - 2016-09-14 11:18 - 0021212 _____ () C:\Users\VAN\AppData\Roaming\ICSW_0F1F1C1H1T2Z0F1T1R2Z1F1C2U1V0F0StJ1V0C1F1G2X1P1C2Z0X2Z1F0V1L1Q1P1F.txt
2016-09-14 11:18 - 2016-09-14 11:18 - 0099384 _____ () C:\Users\VAN\AppData\Roaming\inst.exe
2016-09-14 11:18 - 2016-09-14 11:18 - 0007859 _____ () C:\Users\VAN\AppData\Roaming\pcouffin.cat
2016-09-14 11:18 - 2016-09-14 11:18 - 0001167 _____ () C:\Users\VAN\AppData\Roaming\pcouffin.inf
2016-09-14 11:18 - 2016-09-14 11:18 - 0000055 _____ () C:\Users\VAN\AppData\Roaming\pcouffin.log
2016-09-14 11:18 - 2016-09-14 11:18 - 0082816 _____ (VSO Software) C:\Users\VAN\AppData\Roaming\pcouffin.sys

Alguns arquivos em TEMP:
====================
C:\Users\VAN\AppData\Local\Temp\34509620.exe
C:\Users\VAN\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\VAN\AppData\Local\Temp\cabex.dll
C:\Users\VAN\AppData\Local\Temp\ClientToMobilePlatform.exe
C:\Users\VAN\AppData\Local\Temp\Dotnet4.exe
C:\Users\VAN\AppData\Local\Temp\ICReinstall_Jonas Esticado - Promocional - Ao Vivo no VillaMix - 2016.exe
C:\Users\VAN\AppData\Local\Temp\InstallGenieo.exe
C:\Users\VAN\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\VAN\AppData\Local\Temp\jreInstall.exe
C:\Users\VAN\AppData\Local\Temp\s3.exe
C:\Users\VAN\AppData\Local\Temp\simpliclean_2.4.6.195.exe
C:\Users\VAN\AppData\Local\Temp\unelevate.exe
C:\Users\VAN\AppData\Local\Temp\UpdateCheckerSetup.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-10-25 01:09

==================== Fim de FRST.txt ============================
