cjoint


Comment: http://www.cjoint.com/c/GAnarExXQxS

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 12-01-2017
Executado por Eliane (administrador) em ELIANE-PC (12-01-2017 22:11:45)
Executando a partir de C:\Users\Eliane\Desktop
Perfis Carregados: Eliane (Perfis Disponíveis: Eliane)
Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\FreePhotoViewer\1.0.0.7000079\FreePhotoViewerServ.exe
() C:\Program Files (x86)\LitePDFReader\1.0.0.8000113\LitePDFReaderServ.exe
() C:\Program Files (x86)\FreePhotoViewer\1.0.0.7000079\FreePhotoViewer.exe
(Malwarebytes) C:\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\LitePDFReader\1.0.0.8000113\LitePDFReader.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\bavhm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Eliane\AppData\Roaming\BitTorrent\BitTorrent.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(BitTorrent Inc.) C:\Users\Eliane\AppData\Roaming\BitTorrent\updates\7.9.9_43086\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Eliane\AppData\Roaming\BitTorrent\updates\7.9.9_43086\bittorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe [1997296 2016-01-25] (Baidu, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\...\Run: [BitTorrent] => C:\Users\Eliane\AppData\Roaming\BitTorrent\BitTorrent.exe [2400456 2017-01-06] (BitTorrent Inc.)
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\...\MountPoints2: G - G:\LGAutoRun.exe
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\...\MountPoints2: {bfa28204-327a-11e6-b325-001fc69d798d} - I:\LGAutoRun.exe
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\...\MountPoints2: {f3480818-da49-11e5-b9ca-001fc69d798d} - F:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2016-01-25] (Baidu, Inc.)
Startup: C:\Users\Eliane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2016-10-31]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Eliane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series.lnk [2016-06-05]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 2540 series.lnk -> (Nenhum Arquivo)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19EFC78C-5407-4F58-AF97-323EDB17614C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/?type=502468&fr=spigot-yhp-ie
HKU\S-1-5-21-3389947125-4130275162-318697642-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3389947125-4130275162-318697642-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=BSR
SearchScopes: HKU\S-1-5-21-3389947125-4130275162-318697642-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=BSR
SearchScopes: HKU\S-1-5-21-3389947125-4130275162-318697642-1000 -> {C359C507-7C23-41B0-9FFB-BA6F6EBA152B} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=502468&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: pvrozu2n.default
FF ProfilePath: C:\Users\Eliane\AppData\Roaming\Mozilla\Firefox\Profiles\pvrozu2n.default [2017-01-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\pvrozu2n.default -> Yahoo!
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\pvrozu2n.default -> Yahoo!
FF Keyword.URL: Mozilla\Firefox\Profiles\pvrozu2n.default -> hxxps://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=502468&p=
FF Homepage: Mozilla\Firefox\Profiles\pvrozu2n.default -> hxxps://br.search.yahoo.com/?type=502468&fr=spigot-yhp-ff
FF Homepage: Mozilla\Firefox\Profiles\pvrozu2n.default -> hxxp://br.hao123.com/?tn=sdkr_inner_hp_09_hao123_br&guid=7d275323b725e56890d71819973ba157
FF Homepage: Mozilla\Firefox\Profiles\pvrozu2n.default -> hxxp://br.hao123.com/?tn=sdkv_inner_hp_09_hao123_br&guid=7d275323b725e56890d71819973ba157
FF Extension: (Firefox Hotfix) - C:\Users\Eliane\AppData\Roaming\Mozilla\Firefox\Profiles\pvrozu2n.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-22]
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3389947125-4130275162-318697642-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eliane\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxps://br.search.yahoo.com/?type=502468&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-25]
CHR Extension: (YouTube) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-25]
CHR Extension: (Adblock Plus) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Google Search) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-25]
CHR Extension: (AdBlock) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-30]
CHR Extension: (NTabs) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhinokolmgnfenkflfinnjkgjgpdamao [2017-01-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-25]
CHR Extension: (Chrome Media Router) - C:\Users\Eliane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe [2572928 2016-01-25] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdSandboxSrv64.exe [490528 2015-03-05] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe [531232 2016-01-25] (Baidu, Inc.)
S3 BsrSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe [3464504 2015-05-22] (Baidu, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R2 FreePhotoViewerService; C:\Program Files (x86)\FreePhotoViewer\1.0.0.7000079\FreePhotoViewerServ.exe [149608 2016-12-02] ()
R2 LitePDFReaderService; C:\Program Files (x86)\LitePDFReader\1.0.0.8000113\LitePDFReaderServ.exe [154216 2016-12-29] ()
U2 MBAMService; C:\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdApiUtil64.sys [116936 2016-01-25] (Baidu, Inc.)
R3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] ()
U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdCameraProtect64.sys [25032 2016-01-25] (Baidu, Inc.)
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2016-01-25] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2016-01-25] (Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2016-01-25] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2016-01-25] (Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bnmon64.sys [82376 2016-01-25] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2016-01-25] (Baidu, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-06] ()
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-13] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
U0 aswVmm; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-01-12 22:11 - 2017-01-12 22:12 - 00017866 _____ C:\Users\Eliane\Desktop\FRST.txt
2017-01-12 22:11 - 2017-01-12 22:11 - 00000000 ____D C:\FRST
2017-01-12 22:08 - 2017-01-12 22:10 - 08932000 _____ (Solvusoft Corporation ) C:\Users\Eliane\Downloads\Setup_WinThruster_2016.exe
2017-01-12 22:07 - 2017-01-12 22:08 - 02419200 _____ (Farbar) C:\Users\Eliane\Desktop\FRST64.exe
2017-01-12 21:30 - 2017-01-12 21:47 - 00000000 ____D C:\Users\Eliane\Downloads\Virei um Gato 2016 WWW.BLUDV.COM
2017-01-12 21:21 - 2017-01-12 21:21 - 00000000 ____D C:\Users\Eliane\Downloads\Vizinhos.Nada.Secretos.2016.1080p.BluRay.ULTRAx264.DUAL-WWW.TORRENTDOSFILMES.COM
2017-01-12 21:20 - 2017-01-12 22:01 - 00000000 ____D C:\Users\Eliane\AppData\LocalLow\BitTorrent
2017-01-11 12:20 - 2017-01-11 12:20 - 02516452 _____ C:\Users\Eliane\Downloads\Facebook.html
2017-01-11 12:20 - 2017-01-11 12:20 - 00000000 ____D C:\Users\Eliane\Downloads\Facebook_files
2017-01-10 22:32 - 2017-01-12 21:21 - 00000000 ____D C:\Users\Eliane\Downloads\Tini - Depois de Violetta 720p (2016) Dual Áudio BluRay 5.1 -- By - Lucas Firmo
2017-01-10 22:32 - 2017-01-12 21:21 - 00000000 ____D C:\Users\Eliane\Downloads\Mark e Russell - Viajantes Inabilitados 720p (2017) Dual Áudio BluRay -- By - Lucas Firmo
2017-01-10 20:47 - 2017-01-12 21:21 - 00000000 ____D C:\Users\Eliane\Downloads\Teen Wolf 3ª Temporada - Parte I [2013 DUAL AUDIO] 720p
2017-01-10 14:09 - 2017-01-10 14:09 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-01-10 14:09 - 2017-01-10 14:09 - 00000286 __RSH C:\ProgramData\ntuser.pol
2017-01-09 22:00 - 2017-01-09 22:00 - 00772096 _____ C:\Users\Eliane\Downloads\pw clean - 1.0.6 - [atalhos].exe
2017-01-09 21:58 - 2017-01-09 21:58 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\pwclean
2017-01-09 09:50 - 2017-01-09 09:50 - 00412747 _____ C:\Users\Eliane\Downloads\Fatura (3).pdf
2017-01-09 09:49 - 2017-01-09 09:49 - 00412745 _____ C:\Users\Eliane\Downloads\Fatura (2).pdf
2017-01-08 20:06 - 2017-01-08 22:15 - 00000000 ____D C:\Users\Eliane\Downloads\A Entrevista (2015) - 5.1 CH Dublado 1080p (By-LuanHarper)
2017-01-07 14:03 - 2017-01-07 14:17 - 00000000 ____D C:\Users\Eliane\Downloads\A Saga Crepusculo Amanhecer Parte 1 (2011) BDrip 1080p Dublado - FSTPF
2017-01-07 14:01 - 2017-01-07 14:01 - 00000000 ____D C:\Users\Eliane\Downloads\Kite - Anjo da Vingança 2016 Bluray 1080p Dublado - TPF
2017-01-07 00:19 - 2017-01-07 00:19 - 00000000 ____D C:\Users\Eliane\Downloads\Sequestro na Ilha 2017 Bluray 1080p Dublado - TPF
2017-01-07 00:06 - 2017-01-06 23:52 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7C5B.tmp
2017-01-07 00:06 - 2017-01-06 23:51 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\asw76E8.tmp
2017-01-07 00:06 - 2017-01-06 23:51 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7BEC.tmp
2017-01-07 00:06 - 2017-01-06 23:50 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7EAC.tmp
2017-01-07 00:06 - 2017-01-06 23:50 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7B20.tmp
2017-01-07 00:06 - 2017-01-06 23:50 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7812.tmp
2017-01-07 00:06 - 2017-01-06 23:50 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7B8E.tmp
2017-01-07 00:06 - 2017-01-06 23:50 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7AC1.tmp
2017-01-07 00:02 - 2017-01-07 00:02 - 00000000 ____D C:\Users\Eliane\AppData\Local\CEF
2017-01-06 23:52 - 2017-01-06 23:52 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\AVAST Software
2017-01-06 23:51 - 2017-01-06 23:51 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-06 23:51 - 2017-01-06 23:51 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-06 23:51 - 2017-01-06 23:50 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148375391824910
2017-01-06 23:51 - 2017-01-06 23:50 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148375392018412
2017-01-06 23:50 - 2017-01-06 23:50 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-01-06 23:50 - 2017-01-06 23:50 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148375391012207
2017-01-06 23:50 - 2017-01-06 23:50 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-01-06 23:50 - 2017-01-06 23:50 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-01-06 23:48 - 2017-01-06 23:48 - 00002685 _____ C:\Users\Eliane\Desktop\BitTorrent.lnk
2017-01-06 23:48 - 2017-01-06 23:48 - 00002685 _____ C:\Users\Eliane\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-01-06 23:48 - 2017-01-06 23:48 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-06 23:47 - 2017-01-06 23:47 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2017-01-06 23:47 - 2017-01-06 23:47 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-06 15:46 - 2017-01-06 15:46 - 00412745 _____ C:\Users\Eliane\Downloads\Fatura.pdf
2017-01-05 23:10 - 2017-01-11 14:07 - 00000000 ____D C:\Users\Eliane\Downloads\Originals
2017-01-05 12:50 - 2017-01-05 12:50 - 00412745 _____ C:\Users\Eliane\Downloads\Fatura (1).pdf
2017-01-04 18:11 - 2017-01-04 18:11 - 00000000 ____D C:\Users\Eliane\Downloads\O Contador 1080p Dublado WWW.TORRENTDOSFILMES.COM
2017-01-04 16:16 - 2017-01-04 16:17 - 00000000 ____D C:\Users\Eliane\Downloads\Mais Forte Que o Mundo a Historia de José Aldo 2016 WEBRip 720p Nacional - WWW.THEPIRATEFILMES.COM
2017-01-04 16:02 - 2017-01-04 16:02 - 00000000 ____D C:\Users\Eliane\Downloads\Velhos Tempos 2016 Bluray 720p Dublado - TPF
2017-01-04 15:18 - 2017-01-04 15:18 - 00000000 ____D C:\Program Files (x86)\LitePDFReader
2017-01-04 00:07 - 2017-01-12 12:46 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\FreePhotoViewer
2017-01-04 00:07 - 2017-01-04 15:19 - 00000000 ____D C:\Users\Todos os Usuários\tools
2017-01-04 00:07 - 2017-01-04 15:19 - 00000000 ____D C:\ProgramData\tools
2017-01-04 00:07 - 2017-01-04 00:07 - 00000000 ____D C:\Users\Public\Documents\Tools
2017-01-04 00:07 - 2017-01-04 00:07 - 00000000 ____D C:\Program Files (x86)\Tools
2017-01-04 00:07 - 2017-01-04 00:07 - 00000000 ____D C:\Program Files (x86)\FreePhotoViewer
2017-01-04 00:06 - 2017-01-04 00:06 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-12-24 22:09 - 2016-12-24 22:09 - 00000000 ____D C:\Users\Eliane\Downloads\Cantando de Galo 720p TORRENTDOSFILMES
2016-12-23 08:58 - 2016-12-23 08:58 - 00012715 _____ C:\Users\Eliane\Documents\Ingredientes bolo de coco gelado.docx
2016-12-21 23:35 - 2016-12-23 00:06 - 00000000 ____D C:\Users\Eliane\Downloads\Para Sempre Alice (2015) 5.1 CH Dublado 720p (By-LuanHarper)
2016-12-21 23:25 - 2016-12-21 23:25 - 00000000 ____D C:\Users\Eliane\Downloads\Perfeita é a Mãe 2016 Bluray 720p Dublado - TPF

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-01-12 22:12 - 2016-12-02 16:48 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\BitTorrent
2017-01-12 21:59 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-12 21:59 - 2009-07-14 02:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-12 21:59 - 2009-07-14 02:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-12 16:35 - 2009-07-29 13:49 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2017-01-12 16:35 - 2009-07-29 13:49 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2017-01-12 16:35 - 2009-07-14 03:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-12 16:35 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2017-01-12 13:42 - 2016-01-25 15:43 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-12 13:42 - 2016-01-25 15:43 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-12 13:38 - 2016-01-25 15:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-12 13:08 - 2016-03-25 14:18 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\LitePDFReader
2017-01-11 15:04 - 2016-02-15 22:12 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\PhotoScape
2017-01-11 14:01 - 2016-02-15 22:13 - 00039936 ____H C:\Users\Eliane\Downloads\photothumb.db
2017-01-10 23:30 - 2016-01-25 15:41 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\vlc
2017-01-10 14:09 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-01-08 18:45 - 2016-01-25 17:50 - 00000000 ____D C:\Users\Todos os Usuários\BavSvc_exe
2017-01-08 18:45 - 2016-01-25 17:50 - 00000000 ____D C:\ProgramData\BavSvc_exe
2017-01-07 19:14 - 2009-07-14 03:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-06 23:43 - 2016-02-10 22:48 - 00000000 ___SD C:\Users\Eliane\AppData\LocalLow\Temp
2017-01-05 22:55 - 2016-01-28 23:59 - 00000000 ____D C:\Users\Eliane\AppData\Roaming\Baidu
2017-01-05 22:55 - 2016-01-25 23:28 - 00005952 _____ C:\Windows\wininit.ini
2017-01-05 22:54 - 2016-01-28 23:59 - 00000000 ____D C:\Program Files (x86)\baidu
2017-01-05 22:51 - 2016-07-20 14:54 - 00000000 ____D C:\Users\Eliane\Downloads\imagens
2017-01-05 21:45 - 2016-01-28 23:55 - 00000000 ____D C:\Users\Eliane\AppData\Local\MiniService
2017-01-05 13:21 - 2015-01-21 14:14 - 00000000 ____D C:\Users\Eliane\Documents\Eliane
2016-12-30 14:50 - 2016-01-25 00:21 - 00000000 ___RD C:\Users\Eliane\Music
2016-12-26 00:13 - 2016-02-01 09:31 - 00000000 ____D C:\Users\Eliane\AppData\Local\Diagnostics
2016-12-26 00:12 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-23 08:58 - 2016-01-25 00:21 - 00000000 ___RD C:\Users\Eliane\Documents
2016-12-18 00:38 - 2016-08-21 11:33 - 00524288 ___SH C:\Windows\system32\config\components{85d287e4-67a3-11e6-b40b-001fc69d798d}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 22:19 - 2016-01-25 16:13 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:19 - 2016-01-25 16:13 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-14 21:26 - 2016-01-25 16:14 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 21:26 - 2016-01-25 16:14 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Arquivos na raiz de alguns diretórios =======

2016-02-08 10:52 - 2016-02-08 10:52 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-02-01 20:32 - 2016-02-01 20:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 21:38] - [2016-01-25 00:25] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2009-07-13 21:24] - [2016-01-25 00:25] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-01-03 00:12

==================== Fim de FRST.txt ============================
