cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-04-2016
Executado por Durval (administrador) em DURVAL (23-04-2016 12:01:20)
Executando a partir de D:\Arquivos Baixados
Perfis Carregados: Durval (Perfis Disponíveis: Durval & Levi Neto)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(EagleGet.com) C:\Program Files (x86)\EagleGet\EagleGet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(BitTorrent Inc.) C:\Users\Levi\AppData\Roaming\uTorrent\uTorrent.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Valve Corporation) D:\Jogos Instalados\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Levi\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(BitTorrent Inc.) C:\Users\Levi\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) D:\Jogos Instalados\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-30] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [EagleGet] => C:\Program Files (x86)\EagleGet\EagleGet.exe [1908224 2016-03-12] (EagleGet.com)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [uTorrent] => C:\Users\Levi\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-08] (BitTorrent Inc.)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056 2015-05-22] (Tonec Inc.)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [Steam] => D:\Jogos Instalados\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\MountPoints2: {d7820f91-d7bb-11e5-82a5-002522ea3219} - "H:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-30] (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.102.2
Tcpip\..\Interfaces\{3BFB7E9C-7BB7-4265-8286-E4B01F3F55A5}: [DhcpNameServer] 8.8.8.8 192.168.102.2
Tcpip\..\Interfaces\{5607E26E-A962-459C-B90D-9FD818924D8C}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{E2EB3AE6-AEA4-4950-AD29-D5D3395865EB}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_ir_16_03&cd=2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzzyEtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0D0FtC0E0FtCtGtCtB0EtBtGzztByDyEtGtB0B0AzytGyByE0DtAtDtCtB0CzyzztByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE&cr=309377472&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzztCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEzz0CtAtDzy0CzytGtAyE0E0EtGyBtDtAyBtGyDtCyCyEtGyCtD0E0ByEyEyDtA0DyCzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE%26cr%3D1518034983%26a%3Dwncy_ir_16_03%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1159380290-3088336871-3338150919-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_ir_16_03&cd=2XzuyEtN2Y1L1QzutByEtDyDtD0FyE0DyBzz0AtAtAyEyB0CtN0D0Tzu0StCyEzzyEtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0D0FtC0E0FtCtGtCtB0EtBtGzztByDyEtGtB0B0AzytGyByE0DtAtDtCtB0CzyzztByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0Czz0AyB0EzztG0FzytCtAtGyEtDtDtCtGzytCyC0EtGtCyE0C0CtC0CtAtB0DyE0AyD2QtN0A0LzuyE&cr=309377472&ir=&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-30] (AVAST Software)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2016-03-12] (EagleGet.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-30] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_13¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0AtAtBtCzytAyEyB0CtN0D0Tzu0StCyDyEzztN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByDzy0DtBzytCyCtGyC0A0F0FtGyDtAyB0FtGtD0FtByCtGtBtDtByEtC0DyBzy0ByE0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EyEtDyCtD0B0FtGzztAtCyBtGyEtCtCyBtGzztCtBtDtGzy0C0EyCzz0Ezz0CtAyCyEyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByDyB%26cr%3D475531686%26a%3Dwncy_ir_16_13%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Levi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-03-12] (EagleGet)
FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [2016-03-12] (EagleGet)
FF Plugin HKU\S-1-5-21-1159380290-3088336871-3338150919-1001: eagleget.com/EagleGet64_x86_64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [2016-03-12] (EagleGet)
FF user.js: detected! => C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default\user.js [2016-04-01]
FF SearchPlugin: C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default\searchplugins\Search Provided by Yahoo.xml [2016-03-28]
FF Extension: EagleGet Free Downloader - C:\Users\Levi\AppData\Roaming\Mozilla\Firefox\Profiles\fmxzcx1u.default\Extensions\eagleget_ffext@eagleget.com.xpi [2016-03-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-30]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-30]
FF HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Levi\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Levi\AppData\Roaming\IDM\idmmzcc5 [2016-04-23] [não assinado]
FF HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Levi\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.com.br_
CHR Profile: C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Conexão Mega) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpnbbiimmmmibiefgnhmekkgpnflghn [2016-02-09]
CHR Extension: (Google Docs) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15]
CHR Extension: (Google Drive) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Google Search) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Deadpool) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejbckhndboacingnelomimpdiohijmm [2016-01-15]
CHR Extension: (Documentos Google off-line) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Super Animes) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\glokngbimckbfigmglafekkfcaflbaef [2016-01-15]
CHR Extension: (Avast Online Security) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-06]
CHR Extension: (Desprotetor de Links) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2016-04-22]
CHR Extension: (EagleGet Free Downloader) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2016-04-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-01-14]
CHR HKU\S-1-5-21-1159380290-3088336871-3338150919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-30]
CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-01-14]
CHR HKLM-x32\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-30] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-02-19] (EasyAntiCheat Ltd)
R2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [238592 2016-03-12] () [Arquivo não assinado]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-29] (NVIDIA Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-29] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2016-01-14] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-30] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-01-14] (DT Soft Ltd)
R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [77624 2016-01-06] (eagleGet)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-01-14] (REALiX(tm))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-23 12:01 - 2016-04-23 12:01 - 00000000 ____D C:\FRST
2016-04-23 11:57 - 2016-04-23 11:57 - 00023232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-23 07:44 - 2016-04-23 07:44 - 00000000 ____D C:\Users\Levi\AppData\LocalLow\uTorrent
2016-04-21 12:14 - 2016-04-21 12:14 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-19 19:03 - 2016-04-21 20:08 - 00000000 ____D C:\Users\Levi\AppData\Local\GeometryDash
2016-04-19 19:03 - 2016-04-19 19:03 - 00000780 _____ C:\Users\Levi\Desktop\GeometryDash - Atalho.lnk
2016-04-17 14:14 - 2016-04-17 14:14 - 00000000 ____D C:\Users\Levi\Documents\League of Legends
2016-04-17 13:57 - 2016-04-17 13:57 - 00000000 ____D C:\Users\Levi\AppData\Roaming\LolClient
2016-04-13 16:49 - 2016-04-13 16:49 - 00000000 ____D C:\Users\Levi\Downloads\[SceneLovers]-Resident.Evil.Condenacao.BDRip.XviD.Dual.Audio-3LT0N
2016-04-13 14:37 - 2016-04-13 14:37 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Ashampoo
2016-04-13 14:30 - 2016-04-13 14:37 - 00000000 ____D C:\Users\Levi\AppData\Local\ashampoo
2016-04-13 14:30 - 2016-04-13 14:30 - 00002299 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 11 Compact Mode.lnk
2016-04-13 14:30 - 2016-04-13 14:30 - 00001343 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\Users\Todos os Usuários\ashampoo
2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\ProgramData\ashampoo
2016-04-13 14:30 - 2016-04-13 14:30 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-04-12 16:46 - 2016-04-12 16:46 - 00000756 _____ C:\Users\Public\Desktop\Line Of Sight.lnk
2016-04-12 16:46 - 2016-04-12 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line Of Sight
2016-04-10 14:37 - 2016-04-10 14:37 - 00001290 _____ C:\Users\Levi\Desktop\The Sims 4 - Atalho.lnk
2016-04-10 14:35 - 2016-04-10 14:35 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2016-04-10 11:45 - 2016-04-10 11:45 - 00000000 ____D C:\Users\Levi\AppData\Local\Macromedia
2016-04-10 09:09 - 2016-04-10 09:09 - 00000000 ____D C:\Users\Levi\AppData\Local\mslug3
2016-04-09 12:29 - 2016-04-09 12:29 - 00001586 _____ C:\Users\Levi\Desktop\NewDayOnTheZombiesWorld - Atalho.lnk
2016-04-08 13:43 - 2016-04-08 13:43 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-07 20:30 - 2016-04-07 20:30 - 00000000 ____D C:\Users\Levi\AppData\LocalLow\Temp
2016-04-06 18:38 - 2016-04-06 18:38 - 00000000 ____D C:\Users\Levi\AppData\Roaming\fltk.org
2016-04-06 11:47 - 2016-04-06 11:47 - 00000219 _____ C:\Users\Levi\Desktop\Dungeon Defenders II.url
2016-04-05 18:36 - 2015-08-06 10:36 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2016-04-05 18:36 - 2015-08-06 10:36 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2016-04-05 18:36 - 2015-08-06 10:36 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2016-04-05 18:36 - 2015-08-06 10:36 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2016-04-05 18:36 - 2015-08-06 10:36 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2016-04-05 18:36 - 2015-08-06 10:36 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-04-05 18:36 - 2001-04-05 05:43 - 00094208 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2016-04-04 22:03 - 2016-04-04 22:03 - 00001390 _____ C:\Users\Levi\Desktop\MercenaryKings - Atalho.lnk
2016-04-04 21:59 - 2016-04-04 21:59 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-04-04 21:59 - 2016-04-04 21:59 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-04-04 21:57 - 2016-04-04 21:57 - 00000000 ____D C:\Users\Levi\Documents\Tribute Games
2016-04-04 20:54 - 2016-04-04 20:54 - 00000323 _____ C:\Users\Levi\Downloads\Mercenary Kings Downloadlink.txt
2016-04-04 20:00 - 2016-04-04 20:00 - 00000000 ____D C:\Users\Levi\Documents\AKIBA'S TRIP
2016-04-03 17:49 - 2016-04-03 17:49 - 00000835 _____ C:\Users\Public\Desktop\The Witcher 2 Assassins of Kings.lnk
2016-04-03 17:49 - 2016-04-03 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Assassins of Kings
2016-04-03 16:25 - 2016-04-03 16:25 - 00001463 _____ C:\Users\Levi\Desktop\SlimeRancher - Atalho.lnk
2016-04-03 11:51 - 2015-04-13 12:19 - 00000000 ____D C:\Users\Levi\Downloads\Mighty Number 9
2016-04-01 21:03 - 2016-04-01 21:03 - 00001177 _____ C:\Users\Levi\Desktop\Shank2 - Atalho.lnk
2016-04-01 18:10 - 2016-03-21 23:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-04-01 18:05 - 2016-03-22 01:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-04-01 18:05 - 2016-03-22 01:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00473592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-04-01 18:05 - 2016-03-22 01:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-04-01 18:05 - 2016-03-22 01:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-04-01 18:05 - 2016-03-22 01:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-04-01 16:48 - 2016-03-29 22:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-04-01 16:48 - 2016-03-29 22:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-04-01 16:47 - 2016-04-01 18:08 - 00000000 ____D C:\Windows\LastGood
2016-04-01 16:47 - 2016-03-21 17:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-04-01 16:47 - 2016-03-21 17:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-04-01 16:47 - 2016-03-21 17:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-04-01 13:59 - 2016-04-01 13:59 - 00003360 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Durval
2016-04-01 13:46 - 2016-04-01 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-31 21:02 - 2016-03-31 21:02 - 00000000 ____D C:\GOG Games
2016-03-31 18:06 - 2016-03-31 18:06 - 00000000 ____D C:\Users\Levi\AppData\Roaming\SmartSteamEmu
2016-03-30 21:49 - 2014-10-20 14:12 - 00099432 _____ (hxxp://x360ce.googlecode.com) C:\Windows\system32\xinput1_3.dll
2016-03-30 21:43 - 2012-08-30 13:15 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2016-03-30 21:43 - 2012-08-17 10:38 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2016-03-30 21:39 - 2016-04-02 21:39 - 00000308 _____ C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
2016-03-30 21:39 - 2016-03-31 13:36 - 00000292 _____ C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
2016-03-30 21:39 - 2016-03-30 21:39 - 00003026 _____ C:\Windows\System32\Tasks\DLL-files.com Fixer_UPDATES
2016-03-30 21:39 - 2016-03-30 21:39 - 00003012 _____ C:\Windows\System32\Tasks\DLL-files.com Fixer_MONTHLY
2016-03-30 21:39 - 2016-03-30 21:39 - 00002044 _____ C:\Users\Levi\Desktop\DLL-Files.com FIXER.lnk
2016-03-30 21:39 - 2016-03-30 21:39 - 00000000 ____D C:\Users\Levi\AppData\Roaming\dll-files.com
2016-03-30 21:39 - 2016-03-30 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
2016-03-30 21:39 - 2016-03-30 21:39 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2016-03-30 21:36 - 2016-03-30 21:36 - 00000000 ____D C:\Users\Levi\Downloads\Dll-files + Crack
2016-03-30 21:35 - 2016-03-30 21:35 - 03543466 _____ C:\Users\Levi\Downloads\Dll-files + Crack.zip
2016-03-30 20:14 - 2016-03-30 20:14 - 00000000 ____D C:\Users\Levi\AppData\Local\Deployment
2016-03-30 20:14 - 2016-03-30 20:14 - 00000000 ____D C:\Users\Levi\AppData\Local\Apps\2.0
2016-03-30 19:25 - 2016-03-30 19:25 - 00000759 _____ C:\Users\Levi\Desktop\Dragonball Xenoverse.lnk
2016-03-30 19:25 - 2016-03-30 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Xenoverse
2016-03-30 18:54 - 2016-03-30 18:54 - 00000000 ___HD C:\Users\Levi\Documents\HU10KKRRSHS0397E0A
2016-03-30 18:47 - 2016-04-23 07:46 - 00002872 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Durval)
2016-03-30 18:44 - 2016-03-30 18:44 - 00000000 ____D C:\Users\Levi Neto\AppData\Local\NVIDIA Corporation
2016-03-30 18:42 - 2016-03-30 18:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-30 18:42 - 2016-03-30 18:42 - 00000000 ___RD C:\Users\Levi\SkyDrive
2016-03-29 18:33 - 2016-04-05 19:35 - 00000000 ____D C:\Users\Levi\AppData\Local\ApplicationHistory
2016-03-29 18:33 - 2016-03-29 18:33 - 00000092 _____ C:\Users\Levi\AppData\Local\fusioncache.dat
2016-03-29 18:31 - 2016-03-29 18:31 - 00000000 ____D C:\Users\Todos os Usuários\X360CE
2016-03-29 18:31 - 2016-03-29 18:31 - 00000000 ____D C:\ProgramData\X360CE
2016-03-29 17:48 - 2016-04-14 16:06 - 00000000 ____D C:\Users\Levi\Desktop\Minhas Musicas
2016-03-28 22:52 - 2016-03-28 22:52 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-03-28 22:52 - 2016-03-28 22:52 - 00000000 ____D C:\ProgramData\McAfee
2016-03-28 19:05 - 2016-03-28 19:05 - 00000000 ____D C:\Users\Levi\AppData\Roaming\MK10

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-23 12:00 - 2016-01-16 12:18 - 00000000 ____D C:\Users\Levi\AppData\Roaming\uTorrent
2016-04-23 11:55 - 2016-01-24 22:16 - 00000000 ____D C:\Users\Levi\AppData\Local\CrashDumps
2016-04-23 11:42 - 2016-03-23 11:40 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-23 11:15 - 2016-01-14 10:58 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-23 08:16 - 2016-01-14 11:16 - 00000000 ____D C:\Users\Levi\AppData\Roaming\DMCache
2016-04-23 07:44 - 2016-01-30 15:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-23 07:44 - 2016-01-14 10:58 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-23 07:44 - 2016-01-14 10:43 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-04-23 07:44 - 2016-01-14 10:43 - 00000000 ____D C:\ProgramData\ProductData
2016-04-23 07:43 - 2016-01-14 10:25 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-04-23 07:43 - 2016-01-14 10:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-23 07:43 - 2016-01-14 10:05 - 00000000 ____D C:\Users\Levi
2016-04-23 07:43 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-21 20:37 - 2016-01-14 10:10 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1159380290-3088336871-3338150919-1001
2016-04-21 12:15 - 2016-01-15 13:42 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-21 12:15 - 2016-01-15 13:42 - 00000000 ____D C:\ProgramData\Oracle
2016-04-21 12:14 - 2016-03-06 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-21 12:14 - 2016-03-06 15:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-21 12:14 - 2016-01-15 13:42 - 00000000 ____D C:\Users\Levi\.oracle_jre_usage
2016-04-21 08:54 - 2016-03-15 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-21 08:54 - 2016-03-15 14:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-18 17:40 - 2016-03-23 08:12 - 00000000 ____D C:\Users\Public\Documents\WinDS PRO
2016-04-13 15:59 - 2016-01-14 10:09 - 00005686 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-13 15:59 - 2013-08-31 13:31 - 01177026 _____ C:\Windows\system32\prfh0416.dat
2016-04-13 15:59 - 2013-08-31 13:31 - 00538414 _____ C:\Windows\system32\prfc0416.dat
2016-04-12 16:48 - 2016-01-16 12:30 - 00000000 ____D C:\Users\Levi\AppData\Roaming\NVIDIA
2016-04-12 14:19 - 2016-03-23 11:36 - 00268352 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-04-12 10:05 - 2016-01-14 11:00 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 10:05 - 2016-01-14 11:00 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-10 14:30 - 2016-01-15 21:45 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-04-10 14:30 - 2016-01-15 21:44 - 00000000 ____D C:\Program Files\Rockstar Games
2016-04-10 11:09 - 2016-01-14 10:59 - 00000000 ____D C:\Users\Todos os Usuários\KMSAutoS
2016-04-10 11:09 - 2016-01-14 10:59 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-04-08 13:43 - 2016-03-23 11:40 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 18:09 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-04-06 11:47 - 2016-01-30 14:57 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-05 18:39 - 2016-02-19 14:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-05 18:36 - 2016-03-22 16:40 - 00119296 _____ C:\Windows\SysWOW64\zlib.dll
2016-04-05 18:36 - 2016-02-17 18:14 - 00000000 ____D C:\Users\Levi Neto
2016-04-05 08:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-04 22:22 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-03 18:09 - 2016-01-21 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer
2016-04-03 18:06 - 2016-01-14 11:16 - 00000000 ____D C:\Users\Levi\AppData\Roaming\IDM
2016-04-03 17:27 - 2016-01-21 15:15 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-04-03 15:35 - 2016-02-19 18:10 - 00000000 ____D C:\Users\Levi\AppData\Roaming\Media Player Classic
2016-04-03 11:53 - 2016-01-15 21:48 - 00000000 ____D C:\Users\Levi\Documents\My Games
2016-04-01 20:24 - 2016-01-14 11:00 - 00000000 ____D C:\Users\Levi\AppData\Roaming\DAEMON Tools Pro
2016-04-01 18:11 - 2016-01-14 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-01 18:11 - 2016-01-14 10:25 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2016-04-01 18:11 - 2016-01-14 10:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-01 18:07 - 2016-01-14 10:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-01 16:48 - 2016-01-14 10:28 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\Users\Levi\AppData\Roaming\IObit
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\ProgramData\IObit
2016-04-01 14:17 - 2016-01-14 10:43 - 00000000 ____D C:\Program Files (x86)\IObit
2016-04-01 14:04 - 2016-01-30 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-01 14:04 - 2016-01-14 15:57 - 00000000 ____D C:\Windows\Panther
2016-03-31 21:39 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\System
2016-03-31 21:31 - 2016-02-17 18:21 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1159380290-3088336871-3338150919-1002
2016-03-31 20:16 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-31 20:13 - 2016-02-17 18:14 - 00000000 ____D C:\Users\Levi Neto\AppData\Local\Packages
2016-03-30 21:59 - 2016-01-14 11:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-30 18:48 - 2016-02-17 18:22 - 00000000 ____D C:\Users\Levi Neto\.oracle_jre_usage
2016-03-30 18:16 - 2016-01-14 10:43 - 00003236 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-03-30 18:16 - 2016-01-14 10:43 - 00002868 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Levi)
2016-03-29 22:06 - 2016-01-14 10:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-29 22:05 - 2016-01-16 13:55 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-29 22:05 - 2016-01-14 10:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-28 19:15 - 2016-01-21 13:55 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-03-28 19:15 - 2016-01-21 13:55 - 00000372 __RSH C:\ProgramData\ntuser.pol

==================== Arquivos na raiz de alguns diretórios =======

2016-01-21 14:55 - 2016-01-31 15:25 - 0000093 _____ () C:\Users\Levi\AppData\Roaming\WB.CFG
2016-03-29 18:33 - 2016-03-29 18:33 - 0000092 _____ () C:\Users\Levi\AppData\Local\fusioncache.dat

Alguns arquivos em TEMP:
====================
C:\Users\Levi\AppData\Local\Temp\ICReinstall_Office_2013_Completo_em_Portugues_PT_BR.exe
C:\Users\Levi\AppData\Local\Temp\ICReinstall_setup.exe
C:\Users\Levi\AppData\Local\Temp\jre-8u91-windows-au.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-18 18:37

==================== Fim de FRST.txt ============================
