Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-07-2016
Executado por HP (administrador) em HP-PC (07-07-2016 17:55:20)
Executando a partir de C:\Users\HP\Downloads
Perfis Carregados: HP (Perfis Disponíveis: HP)
Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(BitTorrent Inc.)
C:\Users\HP\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\WinRAR\WinRAR.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-24] (AVAST Software) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24105936 2016-06-13] (Dropbox, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3073278809-2204000618-828442408-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-19] (BitTorrent Inc.) HKU\S-1-5-21-3073278809-2204000618-828442408-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-3073278809-2204000618-828442408-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-24] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6BDA64FC-7E51-44B8-9EFE-395BB41F49E6}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{89EFBE09-E975-4778-9127-F4FA79310F61}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B457027F-5C94-46B1-B74C-5483B166ABC3}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_20¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DzyyCyBtAyEyDtGtD0EyCyBtGtCtCtDzytGtAtBtAyCtG0BtAtBtDyE0CyBtByEtC0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1857150034%26a%3Dwncy_ir_16_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_20¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DzyyCyBtAyEyDtGtD0EyCyBtGtCtCtDzytGtAtBtAyCtG0BtAtBtDyE0CyBtByEtC0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1857150034%26a%3Dwncy_ir_16_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKU\S-1-5-21-3073278809-2204000618-828442408-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_20¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DzyyCyBtAyEyDtGtD0EyCyBtGtCtCtDzytGtAtBtAyCtG0BtAtBtDyE0CyBtByEtC0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1857150034%26a%3Dwncy_ir_16_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_19¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyCyE0E0AyB0F0CtGtC0ByEtBtGyD0EtBtDtGyDtCzytAtGzzyEtDzztCyEyEtByB0AtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1695171568%26a%3Dwncy_ir_16_19%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_19¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyCyE0E0AyB0F0CtGtC0ByEtBtGyD0EtBtDtGyDtCzytAtGzzyEtDzztCyEyEtByB0AtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1695171568%26a%3Dwncy_ir_16_19%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_20¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DzyyCyBtAyEyDtGtD0EyCyBtGtCtCtDzytGtAtBtAyCtG0BtAtBtDyE0CyBtByEtC0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1857150034%26a%3Dwncy_ir_16_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_19¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyCyE0E0AyB0F0CtGtC0ByEtBtGyD0EtBtDtGyDtCzytAtGzzyEtDzztCyEyEtByB0AtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1695171568%26a%3Dwncy_ir_16_19%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_19¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyCyE0E0AyB0F0CtGtC0ByEtBtGyD0EtBtDtGyDtCzytAtGzzyEtDzztCyEyEtByB0AtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1695171568%26a%3Dwncy_ir_16_19%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_20¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DzyyCyBtAyEyDtGtD0EyCyBtGtCtCtDzytGtAtBtAyCtG0BtAtBtDyE0CyBtByEtC0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1857150034%26a%3Dwncy_ir_16_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-3073278809-2204000618-828442408-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_19¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyCyE0E0AyB0F0CtGtC0ByEtBtGyD0EtBtDtGyDtCzytAtGzzyEtDzztCyEyEtByB0AtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1695171568%26a%3Dwncy_ir_16_19%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-3073278809-2204000618-828442408-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_19¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyCtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDyCyE0E0AyB0F0CtGtC0ByEtBtGyD0EtBtDtGyDtCzytAtGzzyEtDzztCyEyEtByB0AtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1695171568%26a%3Dwncy_ir_16_19%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-3073278809-2204000618-828442408-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_20¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EtA0ByDyEtA0CzztDyDtAyEtD0FtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DzyyCyBtAyEyDtGtD0EyCyBtGtCtCtDzytGtAtBtAyCtG0BtAtBtDyE0CyBtByEtC0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCtA0CzyyBtDtGtA0DtB0EtGyEyDzztBtG0ByEyE0BtG0B0AtB0DyBzzzytCtBzyzy0E2QtN0A0LzuyE%26cr%3D1857150034%26a%3Dwncy_ir_16_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-3073278809-2204000618-828442408-1000 -> {5C60E3C6-8BAA-438B-A8DB-0AF1D5837F97} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-24] (AVAST Software) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-24] (AVAST Software) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) 
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\tgoqrbuu.default FF NewTab: about:newtab FF DefaultSearchEngine: Search Provided by Yahoo FF DefaultSearchUrl: hxxps://www.google.com/search FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Search Provided by Yahoo FF Homepage: about:home FF Keyword.URL: hxxps://www.google.com/search FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\tgoqrbuu.default\searchplugins\Search Provided by Yahoo.xml [2016-05-16] FF Extension: Ant Video Downloader - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\tgoqrbuu.default\extensions\anttoolbar@ant.com [2016-06-28] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-25] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-25] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com.br/ CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Bejeweled) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2016-04-07] CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-07] CHR Extension: (IM+) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfdplllgoohfmnpnbplklnkegbffnheo [2016-04-07] CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-07] CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-04] CHR Extension: (Manga e HQs in brazilian) - C:\Users\HP\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\chmidfbpiiicmkfimcbcoagpmchgmkpl [2016-04-07] CHR Extension: (Adblock para o Youtube™) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-04-03] CHR Extension: (Free Shonen Manga) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjccdgegdlbcdhliofbnjepoklmpdje [2016-04-07] CHR Extension: (Box) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-04-07] CHR Extension: (O QR Code Generator) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2016-04-07] CHR Extension: (Documentos Google off-line) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07] CHR Extension: (AdBlock) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06] CHR Extension: (Avast Online Security) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-04] CHR Extension: (Video Ad Blocker Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegneaniplmfjcmohoclabblbahcbjoe [2016-04-27] CHR Extension: (Marvel Comics) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2016-04-07] CHR Extension: (Google Keep - notas e listas) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-07-07] CHR Extension: (GBBD Banco Santander (Brasil) S.A.) 
- C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf [2016-04-07] CHR Extension: (Vagalume) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipgcdnbeeiajinajlafjcdfhckglcopd [2016-04-27] CHR Extension: (OR Comics) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kelmicojbfpofgiiibfkdoigljaiimbb [2016-04-07] CHR Extension: (SparkChess 9) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2016-04-27] CHR Extension: (Personal Trainer) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke [2016-04-07] CHR Extension: (Reddit this!) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiglpdbbmcnncekagalndhicllimchm [2016-04-07] CHR Extension: (Removedor de propaganda) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lehbpmlpnlinkknoildiidloiodchgld [2016-03-29] CHR Extension: (Skype) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-25] CHR Extension: (Google Maps) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-04-07] CHR Extension: (Planeador de ambientes) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2016-04-07] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Mega Filmes HD) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifcmccnokkgidlneoajgkpjigklffia [2016-03-28] CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2016-04-07] CHR Extension: (Bubble Shooter Exclusivo) - 
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfaogkfljpdfmodbmbogiiblppijleen [2016-04-07] CHR Extension: (Search Manager) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-06-16] CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-07] CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3073278809-2204000618-828442408-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3073278809-2204000618-828442408-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-19] CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-24] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 COMLegService; C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe [1855488 2016-01-23] () [Arquivo não assinado]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-25] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-25] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2016-03-24] () [Arquivo não assinado]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [Arquivo não assinado]
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-29] (Atheros Communications, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-24] (AVAST Software)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-05-15] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-03-17] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-03-17] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 legendasdrv; C:\Windows\System32\drivers\legendasdrv.sys [57584 2015-12-04] (GT)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-07 17:55 - 2016-07-07 17:55 - 00031781 _____ C:\Users\HP\Downloads\FRST.txt
2016-07-07 17:54 - 2016-07-07 17:55 - 00000000 ____D C:\FRST
2016-07-07 17:54 - 2016-07-07 17:54 - 02390016 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2016-07-07 17:05 - 2016-07-07 17:05 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-07 17:05 - 2016-07-07 17:05 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-07 17:04 - 2016-07-07 17:05 - 14572000 _____ (Microsoft Corporation) C:\Users\HP\Downloads\vc_redist.x64.exe
2016-07-07 17:00 - 2016-07-07 17:00 - 00047223 _____ C:\Users\HP\Downloads\vcruntime140.zip
2016-07-07 16:57 - 2016-07-07 16:57 - 00000000 ____D C:\Users\HP\AppData\Roaming\VSeeInstall
2016-07-07 16:55 - 2016-07-07 16:56 - 13620792 _____ (VSee Lab, Inc.) C:\Users\HP\Downloads\vsee24323_1247-r36.4_ga.exe
2016-07-05 21:01 - 2016-07-06 15:34 - 674479850 _____ C:\Users\HP\Downloads\The.Last.Kingdom(Reino.Unido)S01E09.20p.Dub.WWW.AZTORRENTS.ORG.mkv
2016-07-05 20:58 - 2016-07-05 21:53 - 462331788 _____ C:\Users\HP\Quebrando Regras 3 Não Se Rendam 1080p (2016) Dual Áudio BluRay By Lucas Firmo.avi
2016-07-04 14:44 - 2016-07-05 15:39 - 00000000 ____D C:\Users\HP\Downloads\Quebrando Regras 3 - Não Se Rendam 1080p (2016) Dual Áudio BluRay -- By - Lucas Firmo
2016-07-03 09:52 - 2016-07-03 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-03 09:52 - 2016-07-03 09:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-03 09:52 - 2016-07-03 09:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-03 09:49 - 2016-07-03 09:50 - 13166304 _____ (Microsoft Corporation) C:\Users\HP\Downloads\Silverlight_x64.exe
2016-07-01 17:03 - 2016-07-01 20:33 - 00000000 ____D C:\Users\HP\Downloads\Triplo 9 - Polícia em Poder da Máfia 1080p (2016) Dual Áudio BluRay 5.1 -- By - Lucas Firmo
2016-07-01 14:27 - 2016-07-01 14:27 - 00593722 _____ C:\Users\HP\Downloads\document.pdf
2016-06-30 20:20 - 2016-06-30 20:43 - 00000000 ____D C:\Users\HP\Desktop\RPG
2016-06-30 20:19 - 2016-06-30 21:08 - 00000000 ____D C:\Users\HP\Downloads\Dragons.S03.720p.Dual.WWW.AZTORRENTS.ORG
2016-06-30 19:51 - 2016-06-30 19:51 - 00410479 _____ C:\Users\HP\Downloads\Matrix D20.rar
2016-06-25 09:49 - 2016-06-24 13:12 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-24 16:26 - 2016-06-24 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 14:14 - 2016-06-24 14:14 - 00003100 _____ C:\Windows\System32\Tasks\{26CEA0D9-2B0C-4D43-9074-D49375214A6C}
2016-06-24 14:13 - 2016-06-24 14:13 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-24 13:12 - 2016-06-24 13:12 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-24 13:12 - 2016-06-24 13:12 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-24 13:12 - 2016-06-24 13:12 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-15 20:08 - 2016-06-23 19:51 - 00047354 _____ C:\Users\HP\Desktop\Cópia de CADASTRO%20FREE%20LUNAZ%20-%20ALEXANDRE.xlsx
2016-06-13 05:56 - 2016-06-14 14:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 18:47 - 2016-07-07 15:38 - 00000000 ____D C:\Users\HP\AppData\LocalLow\uTorrent
2016-06-08 17:16 - 2016-06-08 18:03 - 00000032 _____ C:\Users\Todos os Usuários\droidcam-settings
2016-06-08 17:16 - 2016-06-08 18:03 - 00000032 _____ C:\ProgramData\droidcam-settings
2016-06-08 17:14 - 2016-06-08 17:14 - 00001052 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam.lnk
2016-06-08 17:14 - 2016-06-08 17:14 - 00000000 ____D C:\Program Files (x86)\DroidCam

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-07 17:51 - 2016-04-03 11:18 - 00000000 ____D C:\Users\HP\AppData\Roaming\uTorrent 2016-07-07 17:37 - 2016-04-25 22:32 - 00001012 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2016-07-07 17:10 - 2016-04-27 19:05 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-07-07 17:09 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-07 17:09 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-07 15:43 - 2009-07-29 12:49 - 01807830 _____ C:\Windows\system32\prfh0416.dat 2016-07-07 15:43 - 2009-07-29 12:49 - 01133294 _____ C:\Windows\system32\prfc0416.dat 2016-07-07 15:43 - 2009-07-14 02:13 - 00006254 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-07 15:39 - 2016-04-25 22:43 - 00000000 ___RD C:\Users\HP\Dropbox 2016-07-07 15:38 - 2016-04-25 22:32 - 00001008 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-07-07 15:38 - 2016-03-17 15:54 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-07 15:38 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-07 14:46 - 2016-03-23 06:51 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Temp 2016-07-06 17:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache 2016-07-05 22:18 - 2016-05-25 15:56 - 00000000 ____D C:\Users\HP\Desktop\YuYu 2016-07-05 22:09 - 2016-03-17 15:07 - 00000000 ____D C:\Users\HP 2016-07-05 20:55 - 2016-03-23 06:43 - 00000000 ____D C:\Users\HP\AppData\Roaming\Media Player Classic 2016-07-05 06:55 - 2016-05-24 21:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype 2016-07-05 06:45 - 2016-05-24 21:30 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2016-07-05 06:45 - 2016-05-24 21:30 - 00000000 ____D C:\ProgramData\Skype 2016-07-04 15:12 - 2016-05-22 19:10 - 00000000 ____D C:\Users\Todos os Usuários\Legendas 2016-07-04 15:12 - 2016-05-22 19:10 - 
00000000 ____D C:\ProgramData\Legendas 2016-06-27 15:52 - 2016-03-24 17:09 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2016-06-25 09:50 - 2016-05-19 22:41 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1463708474 2016-06-25 09:49 - 2016-03-24 17:09 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2016-06-24 16:26 - 2016-04-25 22:32 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-06-24 14:15 - 2016-03-17 15:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-06-24 14:02 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf 2016-06-24 13:12 - 2016-03-24 17:09 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2016-06-24 13:12 - 2016-03-24 17:09 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2016-06-24 13:12 - 2016-03-24 17:09 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2016-06-24 13:12 - 2016-03-24 17:09 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2016-06-24 13:12 - 2016-03-24 17:09 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2016-06-24 13:12 - 2016-03-24 17:09 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2016-06-24 13:11 - 2016-05-19 22:36 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2016-06-24 13:11 - 2016-03-24 17:09 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2016-06-18 15:31 - 2016-03-18 15:31 - 00000400 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2016-06-18 00:21 - 2016-03-17 15:54 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-17 22:48 - 2016-05-24 21:30 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-06-16 19:48 - 2016-04-07 17:57 - 00000000 ____D C:\Users\HP\AppData\Roaming\XBMC 2016-06-16 17:10 - 2016-04-27 19:05 - 00796352 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-06-16 17:10 - 2016-04-27 19:05 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-16 17:10 - 2016-04-27 19:05 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-06-15 15:21 - 2016-04-08 09:25 - 00000000 ____D C:\Users\HP\Downloads\Ant Videos 2016-06-14 14:46 - 2016-04-08 08:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-13 19:54 - 2016-04-25 14:30 - 1683259392 _____ C:\Users\HP\Desktop\PSP-1224 - Spider-Man 3 (U).iso 2016-06-13 19:31 - 2016-03-17 15:51 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Arquivos na raiz de alguns diretórios ======= 2016-04-03 13:13 - 2016-05-30 15:24 - 0000121 _____ () C:\Users\HP\AppData\Roaming\default.rss 2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\HP\AppData\Local\setup.txt 2016-06-08 17:16 - 2016-06-08 18:03 - 0000032 _____ () C:\ProgramData\droidcam-settings ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) 
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-06-27 05:57 ==================== Fim de FRST.txt ============================