Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-04-2016 Executado por Durval (administrador) em DURVAL (23-04-2016 12:01:20) Executando a partir de D:\Arquivos Baixados Perfis Carregados: Durval (Perfis Disponíveis: Durval & Levi Neto) Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\EagleGet\EGMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (VIA Technologies, Inc.) 
C:\Windows\System32\ViakaraokeSrv.exe () C:\Program Files (x86)\EagleGet\EGMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (EagleGet.com) C:\Program Files (x86)\EagleGet\EagleGet.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (BitTorrent Inc.) C:\Users\Levi\AppData\Roaming\uTorrent\uTorrent.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Valve Corporation) D:\Jogos Instalados\Steam\Steam.exe (BitTorrent Inc.) C:\Users\Levi\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (BitTorrent Inc.) C:\Users\Levi\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Valve Corporation) D:\Jogos Instalados\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe (Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-29] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-30] (AVAST Software) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [EagleGet] => C:\Program Files (x86)\EagleGet\EagleGet.exe [1908224 2016-03-12] (EagleGet.com) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [uTorrent] => C:\Users\Levi\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-08] (BitTorrent Inc.) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056 2015-05-22] (Tonec Inc.) 
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [Steam] => D:\Jogos Instalados\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung) HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\MountPoints2: {d7820f91-d7bb-11e5-82a5-002522ea3219} - "H:\LG_PC_Programs.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-30] (AVAST Software) ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.) CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) 
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.102.2 Tcpip\..\Interfaces\{3BFB7E9C-7BB7-4265-8286-E4B01F3F55A5}: [DhcpNameServer] 8.8.8.8 192.168.102.2 Tcpip\..\Interfaces\{5607E26E-A962-459C-B90D-9FD818924D8C}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{E2EB3AE6-AEA4-4950-AD29-D5D3395865EB}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_ir_16_03&cd=2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzzyEtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0D0FtC0E0FtCtGtCtB0EtBtGzztByDyEtGtB0B0AzytGyByE0DtAtDtCtB0CzyzztByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE&cr=309377472&ir=&q={searchTerms} SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_ir_16_03&cd=2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzzyEtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0D0FtC0E0FtCtGtCtB0EtBtGzztByDyEtGtB0B0AzytGyByE0DtAtDtCtB0CzyzztByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE&cr=309377472&ir=&q={searchTerms} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-30] (AVAST Software) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2016-03-12] (EagleGet.com) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-30] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default FF NewTab: about:newtab FF DefaultSearchEngine: Search Provided by Yahoo FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft 
Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-21] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-21] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) 
FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Levi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-03-12] (EagleGet) FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [2016-03-12] (EagleGet) FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: eagleget.com/EagleGet64_x86_64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [2016-03-12] (EagleGet) FF user.js: detected! => C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default\user.js [2016-04-01] FF SearchPlugin: C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default\searchplugins\Search Provided by Yahoo.xml [2016-03-28] FF Extension: EagleGet Free Downloader - C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default\Extensions\eagleget_ffext@eagleget.com.xpi [2016-03-17] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-30] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-30] FF HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Levi\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Levi\AppData\Roaming\IDM\idmmzcc5 [2016-04-23] [não assinado] FF HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Levi\AppData\Roaming\IDM\idmmzcc5 Chrome: ======= CHR HomePage: Default -> 
hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR DefaultSearchKeyword: Default -> google.com.br_ CHR Profile: C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Conexão Mega) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpnbbiimmmmibiefgnhmekkgpnflghn [2016-02-09] CHR Extension: (Google Docs) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15] CHR Extension: (Google Drive) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15] CHR Extension: (YouTube) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15] CHR Extension: (Google Search) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15] CHR Extension: (Deadpool) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejbckhndboacingnelomimpdiohijmm [2016-01-15] CHR Extension: (Documentos Google off-line) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Super Animes) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\glokngbimckbfigmglafekkfcaflbaef [2016-01-15] CHR Extension: (Avast Online Security) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-06] CHR Extension: (Desprotetor de Links) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2016-04-22] CHR Extension: (EagleGet Free Downloader) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2016-04-20] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Levi\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01] CHR Extension: (Gmail) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15] CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02] CHR HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-01-14] CHR HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-30] CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-01-14] CHR HKLM-x32\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-30] (AVAST Software) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-02-19] (EasyAntiCheat Ltd) R2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [238592 2016-03-12] () [Arquivo não assinado] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-29] (NVIDIA Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-29] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-29] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-29] (NVIDIA Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2016-01-14] (VIA Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-30] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-03-02] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-30] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-30] (AVAST Software) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-01-14] (DT Soft Ltd) R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [77624 2016-01-06] (eagleGet) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-01-14] (REALiX(tm)) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-29] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2016-04-23 12:01 - 2016-04-23 12:01 - 00000000 ____D C:\FRST 2016-04-23 11:57 - 2016-04-23 11:57 - 00023232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-04-23 07:44 - 2016-04-23 07:44 - 00000000 ____D C:\Users\Levi\AppData\LocalLow\uTorrent 2016-04-21 12:14 - 2016-04-21 12:14 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-04-19 19:03 - 2016-04-21 20:08 - 00000000 ____D C:\Users\Levi\AppData\Local\GeometryDash 2016-04-19 19:03 - 2016-04-19 19:03 - 00000780 _____ C:\Users\Levi\Desktop\GeometryDash - Atalho.lnk 2016-04-17 14:14 - 2016-04-17 14:14 - 00000000 ____D C:\Users\Levi\Documents\League of Legends 2016-04-17 13:57 - 2016-04-17 13:57 - 00000000 ____D C:\Users\Levi\AppData\Roaming\LolClient 2016-04-13 16:49 - 2016-04-13 16:49 - 00000000 ____D C:\Users\Levi\Downloads\[SceneLovers]-Resident.Evil.Condenacao.BDRip.XviD.Dual.Audio-3LT0N 2016-04-13 14:37 - 2016-04-13 14:37 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Ashampoo 2016-04-13 14:30 - 2016-04-13 14:37 - 00000000 ____D C:\Users\Levi\AppData\Local\ashampoo 2016-04-13 14:30 - 2016-04-13 14:30 - 00002299 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 11 Compact Mode.lnk 2016-04-13 14:30 - 2016-04-13 14:30 - 00001343 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk 2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\Users\Todos os Usuários\ashampoo 2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo 2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\ProgramData\ashampoo 2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2016-04-12 16:46 - 2016-04-12 16:46 - 00000756 _____ C:\Users\Public\Desktop\Line Of Sight.lnk 2016-04-12 16:46 - 2016-04-12 16:46 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line Of Sight
2016-04-10 14:37 - 2016-04-10 14:37 - 00001290 _____ C:\Users\Levi\Desktop\The Sims 4 - Atalho.lnk
2016-04-10 14:35 - 2016-04-10 14:35 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2016-04-10 11:45 - 2016-04-10 11:45 - 00000000 ____D C:\Users\Levi\AppData\Local\Macromedia
2016-04-10 09:09 - 2016-04-10 09:09 - 00000000 ____D C:\Users\Levi\AppData\Local\mslug3
2016-04-09 12:29 - 2016-04-09 12:29 - 00001586 _____ C:\Users\Levi\Desktop\NewDayOnTheZombiesWorld - Atalho.lnk
2016-04-08 13:43 - 2016-04-08 13:43 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-07 20:30 - 2016-04-07 20:30 - 00000000 ____D C:\Users\Levi\AppData\LocalLow\Temp
2016-04-06 18:38 - 2016-04-06 18:38 - 00000000 ____D C:\Users\Levi\AppData\Roaming\fltk.org
2016-04-06 11:47 - 2016-04-06 11:47 - 00000219 _____ C:\Users\Levi\Desktop\Dungeon Defenders II.url
2016-04-05 18:36 - 2015-08-06 10:36 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2016-04-05 18:36 - 2015-08-06 10:36 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2016-04-05 18:36 - 2015-08-06 10:36 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2016-04-05 18:36 - 2015-08-06 10:36 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2016-04-05 18:36 - 2015-08-06 10:36 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2016-04-05 18:36 - 2015-08-06 10:36 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-04-05 18:36 - 2001-04-05 05:43 - 00094208 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2016-04-04 22:03 - 2016-04-04 22:03 - 00001390 _____ C:\Users\Levi\Desktop\MercenaryKings - Atalho.lnk
2016-04-04 21:59 - 2016-04-04 21:59 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-04-04 21:57 - 2016-04-04 21:57 - 00000000 ____D C:\Users\Levi\Documents\Tribute Games
2016-04-04 20:54 - 2016-04-04 20:54 - 00000323 _____ C:\Users\Levi\Downloads\Mercenary Kings Downloadlink.txt
2016-04-04 20:00 - 2016-04-04 20:00 - 00000000 ____D C:\Users\Levi\Documents\AKIBA'S TRIP
2016-04-03 17:49 - 2016-04-03 17:49 - 00000835 _____ C:\Users\Public\Desktop\The Witcher 2 Assassins of Kings.lnk
2016-04-03 17:49 - 2016-04-03 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Assassins of Kings
2016-04-03 16:25 - 2016-04-03 16:25 - 00001463 _____ C:\Users\Levi\Desktop\SlimeRancher - Atalho.lnk
2016-04-03 11:51 - 2015-04-13 12:19 - 00000000 ____D C:\Users\Levi\Downloads\Mighty Number 9
2016-04-01 21:03 - 2016-04-01 21:03 - 00001177 _____ C:\Users\Levi\Desktop\Shank2 - Atalho.lnk
2016-04-01 18:10 - 2016-03-21 23:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-04-01 18:05 - 2016-03-22 01:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-04-01 18:05 - 2016-03-22 01:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00473592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-04-01 18:05 - 2016-03-22 01:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-04-01 18:05 - 2016-03-22 01:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-04-01 16:48 - 2016-03-29 22:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-04-01 16:48 - 2016-03-29 22:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-04-01 16:47 - 2016-04-01 18:08 - 00000000 ____D C:\Windows\LastGood
2016-04-01 16:47 - 2016-03-21 17:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-04-01 16:47 - 2016-03-21 17:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-04-01 16:47 - 2016-03-21 17:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-04-01 13:59 - 2016-04-01 13:59 - 00003360 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Durval
2016-04-01 13:46 - 2016-04-01 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-31 21:02 - 2016-03-31 21:02 - 00000000 ____D C:\GOG Games
2016-03-31 18:06 - 2016-03-31 18:06 - 00000000 ____D C:\Users\Levi\AppData\Roaming\SmartSteamEmu
2016-03-30 21:49 - 2014-10-20 14:12 - 00099432 _____ (hxxp://x360ce.googlecode.com) C:\Windows\system32\xinput1_3.dll
2016-03-30 21:43 - 2012-08-30 13:15 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2016-03-30 21:43 - 2012-08-17 10:38 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2016-03-30 21:39 - 2016-04-02 21:39 - 00000308 _____ C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
2016-03-30 21:39 - 2016-03-31 13:36 - 00000292 _____ C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
2016-03-30 21:39 - 2016-03-30 21:39 - 00003026 _____ C:\Windows\System32\Tasks\DLL-files.com Fixer_UPDATES
2016-03-30 21:39 - 2016-03-30 21:39 - 00003012 _____ C:\Windows\System32\Tasks\DLL-files.com Fixer_MONTHLY
2016-03-30 21:39 - 2016-03-30 21:39 - 00002044 _____ C:\Users\Levi\Desktop\DLL-Files.com FIXER.lnk
2016-03-30 21:39 - 2016-03-30 21:39 - 00000000 ____D C:\Users\Levi\AppData\Roaming\dll-files.com
2016-03-30 21:39 - 2016-03-30 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
2016-03-30 21:39 - 2016-03-30 21:39 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2016-03-30 21:36 - 2016-03-30 21:36 - 00000000 ____D C:\Users\Levi\Downloads\Dll-files + Crack
2016-03-30 21:35 - 2016-03-30 21:35 - 03543466 _____ C:\Users\Levi\Downloads\Dll-files + Crack.zip
2016-03-30 20:14 - 2016-03-30 20:14 - 00000000 ____D C:\Users\Levi\AppData\Local\Deployment
2016-03-30 20:14 - 2016-03-30 20:14 - 00000000 ____D C:\Users\Levi\AppData\Local\Apps\2.0
2016-03-30 19:25 - 2016-03-30 19:25 - 00000759 _____ C:\Users\Levi\Desktop\Dragonball Xenoverse.lnk
2016-03-30 19:25 - 2016-03-30 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Xenoverse
2016-03-30 18:54 - 2016-03-30 18:54 - 00000000 ___HD C:\Users\Levi\Documents\HU10KKRRSHS0397E0A
2016-03-30 18:47 - 2016-04-23 07:46 - 00002872 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Durval)
2016-03-30 18:44 - 2016-03-30 18:44 - 00000000 ____D C:\Users\Levi Neto\AppData\Local\NVIDIA Corporation
2016-03-30 18:42 - 2016-03-30 18:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-30 18:42 - 2016-03-30 18:42 - 00000000 ___RD C:\Users\Levi\SkyDrive
2016-03-29 18:33 - 2016-04-05 19:35 - 00000000 ____D C:\Users\Levi\AppData\Local\ApplicationHistory
2016-03-29 18:33 - 2016-03-29 18:33 - 00000092 _____ C:\Users\Levi\AppData\Local\fusioncache.dat
2016-03-29 18:31 - 2016-03-29 18:31 - 00000000 ____D C:\Users\Todos os Usuários\X360CE
2016-03-29 18:31 - 2016-03-29 18:31 - 00000000 ____D C:\ProgramData\X360CE
2016-03-29 17:48 - 2016-04-14 16:06 - 00000000 ____D C:\Users\Levi\Desktop\Minhas Musicas
2016-03-28 22:52 - 2016-03-28 22:52 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-03-28 22:52 - 2016-03-28 22:52 - 00000000 ____D C:\ProgramData\McAfee
2016-03-28 19:05 - 2016-03-28 19:05 - 00000000 ____D C:\Users\Levi\AppData\Roaming\MK10

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-23 12:00 - 2016-01-16 12:18 - 00000000 ____D C:\Users\Levi\AppData\Roaming\uTorrent
2016-04-23 11:55 - 2016-01-24 22:16 - 00000000 ____D C:\Users\Levi\AppData\Local\CrashDumps
2016-04-23 11:42 - 2016-03-23 11:40 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-23 11:15 - 2016-01-14 10:58 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-23 08:16 - 2016-01-14 11:16 - 00000000 ____D C:\Users\Levi\AppData\Roaming\DMCache
2016-04-23 07:44 - 2016-01-30 15:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-23 07:44 - 2016-01-14 10:58 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-23 07:44 - 2016-01-14 10:43 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-04-23 07:44 - 2016-01-14 10:43 - 00000000 ____D C:\ProgramData\ProductData
2016-04-23 07:43 - 2016-01-14 10:25 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-04-23 07:43 - 2016-01-14 10:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-23 07:43 - 2016-01-14 10:05 - 00000000 ____D C:\Users\Levi
2016-04-23 07:43 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-21 20:37 - 2016-01-14 10:10 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1159380290-3088336871-3338150919-1001
2016-04-21 12:15 - 2016-01-15 13:42 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-21 12:15 - 2016-01-15 13:42 - 00000000 ____D C:\ProgramData\Oracle
2016-04-21 12:14 - 2016-03-06 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-21 12:14 - 2016-03-06 15:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-21 12:14 - 2016-01-15 13:42 - 00000000 ____D C:\Users\Levi\.oracle_jre_usage
2016-04-21 08:54 - 2016-03-15 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-21 08:54 - 2016-03-15 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-18 17:40 - 2016-03-23 08:12 - 00000000 ____D C:\Users\Public\Documents\WinDS PRO
2016-04-13 15:59 - 2016-01-14 10:09 - 00005686 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-13 15:59 - 2013-08-31 13:31 - 01177026 _____ C:\Windows\system32\prfh0416.dat
2016-04-13 15:59 - 2013-08-31 13:31 - 00538414 _____ C:\Windows\system32\prfc0416.dat
2016-04-12 16:48 - 2016-01-16 12:30 - 00000000 ____D C:\Users\Levi\AppData\Roaming\NVIDIA
2016-04-12 14:19 - 2016-03-23 11:36 - 00268352 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-04-12 10:05 - 2016-01-14 11:00 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 10:05 - 2016-01-14 11:00 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-10 14:30 - 2016-01-15 21:45 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-04-10 14:30 - 2016-01-15 21:44 - 00000000 ____D C:\Program Files\Rockstar Games
2016-04-10 11:09 - 2016-01-14 10:59 - 00000000 ____D C:\Users\Todos os Usuários\KMSAutoS
2016-04-10 11:09 - 2016-01-14 10:59 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-04-08 13:43 - 2016-03-23 11:40 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 18:09 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-04-06 11:47 - 2016-01-30 14:57 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-05 18:39 - 2016-02-19 14:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-05 18:36 - 2016-03-22 16:40 - 00119296 _____ C:\Windows\SysWOW64\zlib.dll
2016-04-05 18:36 - 2016-02-17 18:14 - 00000000 ____D C:\Users\Levi Neto
2016-04-05 08:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-04 22:22 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-03 18:09 - 2016-01-21 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer
2016-04-03 18:06 - 2016-01-14 11:16 - 00000000 ____D C:\Users\Levi\AppData\Roaming\IDM
2016-04-03 17:27 - 2016-01-21 15:15 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-04-03 15:35 - 2016-02-19 18:10 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Media Player Classic
2016-04-03 11:53 - 2016-01-15 21:48 - 00000000 ____D C:\Users\Levi\Documents\My Games
2016-04-01 20:24 - 2016-01-14 11:00 - 00000000 ____D C:\Users\Levi\AppData\Roaming\DAEMON Tools Pro
2016-04-01 18:11 - 2016-01-14 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-01 18:11 - 2016-01-14 10:25 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2016-04-01 18:11 - 2016-01-14 10:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-01 18:07 - 2016-01-14 10:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-01 16:48 - 2016-01-14 10:28 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\Users\Levi\AppData\Roaming\IObit
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\ProgramData\IObit
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\Program Files (x86)\IObit
2016-04-01 14:04 - 2016-01-30 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-01 14:04 - 2016-01-14 15:57 - 00000000 ____D C:\Windows\Panther
2016-03-31 21:39 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\System
2016-03-31 21:31 - 2016-02-17 18:21 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1159380290-3088336871-3338150919-1002
2016-03-31 20:16 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-31 20:13 - 2016-02-17 18:14 - 00000000 ____D C:\Users\Levi Neto\AppData\Local\Packages
2016-03-30 21:59 - 2016-01-14 11:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-30 18:48 - 2016-02-17 18:22 - 00000000 ____D C:\Users\Levi Neto\.oracle_jre_usage
2016-03-30 18:16 - 2016-01-14 10:43 - 00003236 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-03-30 18:16 - 2016-01-14 10:43 - 00002868 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Levi)
2016-03-29 22:06 - 2016-01-14 10:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-29 22:05 - 2016-01-16 13:55 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-29 22:05 - 2016-01-14 10:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-28 19:15 - 2016-01-21 13:55 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-03-28 19:15 - 2016-01-21 13:55 - 00000372 __RSH C:\ProgramData\ntuser.pol

==================== Arquivos na raiz de alguns diretórios =======

2016-01-21 14:55 - 2016-01-31 15:25 - 0000093 _____ () C:\Users\Levi\AppData\Roaming\WB.CFG
2016-03-29 18:33 - 2016-03-29 18:33 - 0000092 _____ () C:\Users\Levi\AppData\Local\fusioncache.dat

Alguns arquivos em TEMP:
====================
C:\Users\Levi\AppData\Local\Temp\ICReinstall_Office_2013_Completo_em_Portugues_PT_BR.exe
C:\Users\Levi\AppData\Local\Temp\ICReinstall_setup.exe
C:\Users\Levi\AppData\Local\Temp\jre-8u91-windows-au.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-04-18 18:37

==================== Fim de FRST.txt ============================