Document format: text/plain


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2016
Ran by GAMES (administrator) on GAMES-PC (28-06-2016 20:24:53)
Running from C:\Users\GAMES\Downloads
Loaded Profiles: GAMES (Available Profiles: GAMES)
Platform: Windows 7 Ultimate (X64) Language: Português (Portugal)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ANIWConnService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CMD SOFTWARES) C:\Users\GAMES\AppData\Local\UFIWHPUI\UGHIGUI.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(D-Link Corp.) C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\MegaDownloader\MegaDownloader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [307200 2011-06-15] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
HKLM-x32\...\Run: [D-Link D-Link Wireless G DWA-510] => C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe [1708032 2009-09-23] (D-Link Corp.)
HKLM-x32\...\Run: [WZCSLDR2] => C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-510\WZCSLDR2.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
HKU\S-1-5-21-1078521506-908536720-2966548903-1000\...\Run: [UGHIGUI] => C:\Users\GAMES\AppData\Local\UFIWHPUI\UGHIGUI.exe [28954112 2015-07-13] (CMD SOFTWARES)
HKU\S-1-5-21-1078521506-908536720-2966548903-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1078521506-908536720-2966548903-1000\...\Run: [Driver Manager] => C:\Users\GAMES\AppData\Local\Temp\ProcessEX.exe <===== ATTENTION
HKU\S-1-5-21-1078521506-908536720-2966548903-1000\...\MountPoints2: E - E:\setup.exe
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\5.2.2.3\buShell.dll [2011-03-25] (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{28854566-EA74-49E6-86FE-B4851A0F78F5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1078521506-908536720-2966548903-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dregol.com/?f=1&a=drg_ggbg_15_30&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyCtDtAyByC0E0FyByCtCtN0D0Tzu0StCtBzytDtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1OtN1L1G1B1V1N2Y1L1Qzu2StA0CyE0DyDtDtBtCtGyDzz0BzytG0ByBtD0BtGtAtAtC0EtGzzyByDtAtCyB0F0F0FyE0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtB0A0FyEyE0D0FtG0DyC0D0AtGyEyB0D0EtG0ByD0AtAtGtB0AtAtAyE0CyCtCtBzy0E0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzyCtB&cr=1018220341&ir=
SearchScopes: HKU\S-1-5-21-1078521506-908536720-2966548903-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ggbg_15_30&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyCtDtAyByC0E0FyByCtCtN0D0Tzu0StCtBzytDtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1OtN1L1G1B1V1N2Y1L1Qzu2StA0CyE0DyDtDtBtCtGyDzz0BzytG0ByBtD0BtGtAtAtC0EtGzzyByDtAtCyB0F0F0FyE0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtB0A0FyEyE0D0FtG0DyC0D0AtGyEyB0D0EtG0ByD0AtAtGtB0AtAtAyE0CyCtCtBzy0E0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzyCtB&cr=1018220341&ir=
SearchScopes: HKU\S-1-5-21-1078521506-908536720-2966548903-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ggbg_15_30&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyCtDtAyByC0E0FyByCtCtN0D0Tzu0StCtBzytDtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1OtN1L1G1B1V1N2Y1L1Qzu2StA0CyE0DyDtDtBtCtGyDzz0BzytG0ByBtD0BtGtAtAtC0EtGzzyByDtAtCyB0F0F0FyE0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtB0A0FyEyE0D0FtG0DyC0D0AtGyEyB0D0EtG0ByD0AtAtGtB0AtAtAyE0CyCtCtBzy0E0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzyCtB&cr=1018220341&ir=
SearchScopes: HKU\S-1-5-21-1078521506-908536720-2966548903-1000 -> {D1217C8D-7C44-42F8-95E7-37BCC87C5231} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1078521506-908536720-2966548903-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\GAMES\AppData\Roaming\Mozilla\Firefox\Profiles\ac1zy8gg.default
FF DefaultSearchEngine: Ask Web Search
FF SelectedSearchEngine: Ask Web Search
FF Homepage: hxxp://www.google.com.br/
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
FF SearchPlugin: C:\Users\GAMES\AppData\Roaming\Mozilla\Firefox\Profiles\ac1zy8gg.default\searchplugins\ask-web-search.xml [2016-01-07]
FF SearchPlugin: C:\Users\GAMES\AppData\Roaming\Mozilla\Firefox\Profiles\ac1zy8gg.default\searchplugins\dregol.xml [2015-07-14]
FF SearchPlugin: C:\Users\GAMES\AppData\Roaming\Mozilla\Firefox\Profiles\ac1zy8gg.default\searchplugins\yahoo_ff.xml [2015-07-17]
FF Extension: MEGA - C:\Users\GAMES\AppData\Roaming\Mozilla\Firefox\Profiles\ac1zy8gg.default\Extensions\firefox@mega.co.nz.xpi [2016-06-25]
FF Extension: PriceFountain - C:\Users\GAMES\AppData\Roaming\Mozilla\Firefox\Profiles\ac1zy8gg.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-07-14] [not signed]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-12-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2016-06-28] [not signed]

Chrome:
=======
CHR Profile: C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-24]
CHR Extension: (Google Docs) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]
CHR Extension: (Google Drive) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-24]
CHR Extension: (YouTube) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-24]
CHR Extension: (Tweeter) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfmbfdpdipmkjeebhpmbalplhfkfhcef [2016-05-07]
CHR Extension: (Google Search) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-24]
CHR Extension: (Planilhas do Google) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-24]
CHR Extension: (Documentos Google off-line) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Gmail) - C:\Users\GAMES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [151552 2009-07-07] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-17] (NVIDIA Corporation)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-09] (Nero AG) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-17] (NVIDIA Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20160627.001\BHDrvx64.sys [1832176 2016-05-12] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20160628.001\IDSvia64.sys [876248 2016-05-24] (Symantec Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20160628.001\ENG64.SYS [138456 2016-06-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20160628.001\EX64.SYS [2148056 2016-06-06] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RT61; C:\Windows\System32\DRIVERS\rt61.sys [438784 2009-06-02] (Ralink Technology, Corp.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2015-12-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-28 20:21 - 2016-06-28 20:24 - 00018486 _____ C:\Users\GAMES\Downloads\FRST.txt
2016-06-28 20:21 - 2016-06-28 20:22 - 00031119 _____ C:\Users\GAMES\Downloads\Addition.txt
2016-06-28 20:19 - 2016-06-28 20:24 - 00000000 ____D C:\FRST
2016-06-28 20:19 - 2016-06-28 20:19 - 02389504 _____ (Farbar) C:\Users\GAMES\Downloads\FRST64.exe
2016-06-28 20:03 - 2016-06-28 20:04 - 14572000 _____ (Microsoft Corporation) C:\Users\GAMES\Downloads\vc_redist.x64.exe
2016-06-28 20:02 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-28 20:01 - 2016-06-28 20:01 - 00003143 _____ C:\Users\GAMES\Desktop\api-ms-win-crt-runtime-l1-1-0.zip
2016-06-28 19:53 - 2016-06-28 19:53 - 304823856 _____ C:\Users\GAMES\Downloads\Não confirmado 227105.crdownload
2016-06-28 19:43 - 2016-06-28 20:19 - 846447262 _____ C:\Users\GAMES\Downloads\Turok - Evolution (USA)[FertingaX360].7z
2016-06-28 19:43 - 2016-06-28 19:43 - 00000000 _____ C:\Users\GAMES\Desktop\FertingaX360.txt
2016-06-28 19:29 - 2016-06-28 19:29 - 00243054 _____ C:\Users\GAMES\Downloads\GC-Legend of Zelda, The - The Wind Waker (EUR-PAL) (T-BR) (T-Lucjedi G-Trans-Center)(0.1 2006).zip
2016-06-28 19:24 - 2016-06-28 19:24 - 00507198 _____ C:\Users\GAMES\Downloads\[GC] The Legend of Zelda - Twilight Princess (USA-NTSC) [T-BR] [T-Lucjedi e MajinBatata G-Trans-Center] [V-1.0 A-2009].zip
2016-06-28 19:24 - 2016-06-28 19:24 - 00243054 _____ C:\Users\GAMES\Downloads\[GC] The Legend of Zelda - The Wind Waker (EUR-PAL) [T-BR] [T-Lucjedi G-Trans-Center] [V-0.1 beta A-2006].zip
2016-06-28 19:23 - 2016-06-28 19:23 - 00269254 _____ C:\Users\GAMES\Downloads\[GC] The Legend of Zelda - The Wind Waker (USA-NTSC) [T-BR] [T-Lucjedi G-Trans-Center] [V-0.2 beta A-2009].zip
2016-06-28 19:16 - 2016-06-28 19:16 - 391030602 _____ C:\Users\GAMES\Downloads\Não confirmado 366968.crdownload
2016-06-28 19:10 - 2016-06-28 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2016-06-28 19:10 - 2016-06-28 19:12 - 00000000 ____D C:\Program Files\Dolphin
2016-06-28 19:10 - 2016-06-28 19:10 - 00000832 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-06-26 20:51 - 2016-06-26 20:51 - 00000000 ____D C:\Users\GAMES\Documents\PCSX2
2016-06-26 20:50 - 2016-06-26 20:51 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.2.1
2016-06-26 20:50 - 2016-06-26 20:50 - 00002021 _____ C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2016-06-26 20:50 - 2016-06-26 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-06-26 14:10 - 2016-06-28 19:06 - 00000000 ____D C:\Users\GAMES\Desktop\ppsspp
2016-06-26 14:00 - 2016-06-26 14:00 - 00000000 ____D C:\Users\GAMES\Downloads\Minecraft 1.8.4 by TeamExtremeMc.com
2016-06-26 10:33 - 2016-06-26 10:33 - 01132306 _____ C:\Users\GAMES\Downloads\UMDGen_v4.00.rar
2016-06-26 10:33 - 2016-06-26 10:33 - 01132306 _____ C:\Users\GAMES\Desktop\UMDGen_v4.00.rar
2016-06-25 23:39 - 2016-06-25 23:42 - 00000000 ____D C:\Users\GAMES\Desktop\Fear The Walking Dead 2ª Temporada
2016-06-25 22:49 - 2016-06-25 22:49 - 00295008 _____ C:\Windows\Minidump\062516-34413-01.dmp
2016-06-25 20:44 - 2016-06-24 23:59 - 269058048 _____ C:\Users\GAMES\Desktop\Resident Evil 4 PS2- PT-BR.iso
2016-06-25 19:46 - 2016-06-28 19:07 - 00000000 ____D C:\Users\GAMES\Desktop\Walisson_
2016-06-20 21:11 - 2016-06-20 21:13 - 00000000 ____D C:\Users\GAMES\Desktop\Fear The Walking Dead 1ª Temporada Parte 1 (2015) WEB-DL 720p Dual Áudio - WWW.THEPIRATEFILMES.COM
2016-06-20 16:55 - 2016-06-25 22:49 - 587472747 _____ C:\Windows\MEMORY.DMP
2016-06-20 16:55 - 2016-06-20 16:55 - 00287488 _____ C:\Windows\Minidump\062016-32042-01.dmp
2016-06-16 22:01 - 2016-06-20 15:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 22:26 - 2016-06-10 18:41 - 00000000 ____D C:\Users\GAMES\Desktop\demolidor 1 temporada
2016-06-08 19:39 - 2016-06-08 19:43 - 00000000 ____D C:\Users\GAMES\Desktop\Spartacus - Blood and Sand - The Pirate Filmes
2016-06-04 15:38 - 2016-06-04 15:38 - 00019738 _____ C:\Users\GAMES\.recently-used.xbel
2016-05-30 18:53 - 2016-05-30 18:59 - 00000000 ____D C:\Users\GAMES\Desktop\The Walking Dead - 6ª Temporada (2016) Dual Áudio 720p Completo (By-LuanHarper)
2016-05-30 18:48 - 2016-06-14 20:25 - 00000000 ____D C:\Users\GAMES\Desktop\x1
2016-05-27 19:30 - 2016-06-26 10:40 - 00000000 ____D C:\Users\GAMES\Desktop\ps3 b
2016-05-27 18:49 - 2016-05-27 18:49 - 00000462 _____ C:\Users\GAMES\Desktop\Disco Local (E) - Atalho.lnk
2016-05-21 16:04 - 2016-06-04 15:38 - 00000000 ____D C:\Users\GAMES\AppData\Roaming\gtk-2.0
2016-05-21 16:00 - 2016-05-21 16:00 - 00000000 ____D C:\Users\GAMES\.thumbnails
2016-05-21 15:58 - 2016-06-04 15:39 - 00000000 ____D C:\Users\GAMES\.gimp-2.6
2016-05-21 15:58 - 2016-05-21 15:58 - 00000000 ____D C:\Users\GAMES\Documents\gegl-0.0
2016-05-21 15:52 - 2016-05-21 15:52 - 00001131 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-05-21 15:52 - 2016-05-21 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2016-05-21 15:52 - 2016-05-21 15:52 - 00000000 ____D C:\Program Files (x86)\GIMP-2.0
2016-05-21 15:50 - 2016-05-21 15:50 - 20240823 _____ C:\Users\GAMES\Desktop\Gimp 2.6.11 (XBCLASSICRP).rar
2016-05-21 15:46 - 2016-05-21 15:46 - 00854937 _____ C:\Users\GAMES\Downloads\OpenBOR_-_v3688.7z
2016-05-15 14:56 - 2016-05-15 14:56 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashFXP.lnk
2016-05-15 14:56 - 2016-05-15 14:56 - 00001057 _____ C:\Users\Public\Desktop\FlashFXP.lnk
2016-05-15 14:56 - 2016-05-15 14:56 - 00000000 ____D C:\ProgramData\FlashFXP
2016-05-15 14:56 - 2016-05-15 14:56 - 00000000 ____D C:\Program Files (x86)\FlashFXP 4
2016-05-15 14:13 - 2016-05-26 14:51 - 00000000 ____D C:\Users\GAMES\AppData\Roaming\FileZilla
2016-05-15 14:13 - 2016-05-15 14:13 - 00001894 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-05-15 14:13 - 2016-05-15 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-05-15 14:13 - 2016-05-15 14:13 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-05-15 14:10 - 2016-05-15 14:10 - 06522536 _____ (Tim Kosse) C:\Users\GAMES\Downloads\FileZilla_3.17.0.1_win64-setup_bundled.exe
2016-05-13 19:36 - 2016-05-13 19:47 - 00000000 ____D C:\ProgramData\TEMP
2016-05-13 19:35 - 2016-05-13 19:39 - 00000000 ____D C:\Program Files (x86)\HDD Regenerator
2016-05-13 19:35 - 2016-05-13 19:35 - 00002011 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk
2016-05-13 19:35 - 2016-05-13 19:35 - 00000000 ____D C:\Users\GAMES\AppData\Local\Downloaded Installations
2016-05-13 19:35 - 2016-05-13 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2016-05-13 19:34 - 2016-05-13 19:44 - 00000000 ____D C:\Users\GAMES\Downloads\HDD.Regenerator.2011-RES
2016-05-13 19:33 - 2016-05-13 19:35 - 00000000 ____D C:\Users\GAMES\Downloads\HDD_Regenerator_2011
2016-05-12 20:04 - 2016-05-12 20:04 - 05171607 _____ C:\Users\GAMES\Desktop\Flash FXP (XBCLASSICRP).rar
2016-05-12 19:25 - 2016-05-12 19:25 - 00003093 _____ C:\Users\GAMES\Desktop\cxboxtool - Atalho.lnk
2016-05-12 19:24 - 2016-05-12 19:25 - 00000000 ____D C:\Users\GAMES\Documents\C-XBox Tool 2
2016-05-12 19:24 - 2016-05-12 19:24 - 03485578 _____ C:\Users\GAMES\Documents\FILEZILLA_2_2_24B_SETUP.rar
2016-05-12 19:23 - 2016-05-12 19:24 - 02919580 _____ C:\Users\GAMES\Documents\C-XBox Tool 2.rar
2016-05-08 00:09 - 2016-05-08 00:09 - 00077824 _____ ( ) C:\Users\GAMES\Downloads\guiformat.exe
2016-05-07 22:35 - 2016-05-07 22:35 - 00000944 _____ C:\Users\GAMES\Downloads\e89a07ae79 (1).dlc
2016-05-07 22:32 - 2016-05-07 22:32 - 00000944 _____ C:\Users\GAMES\Downloads\e89a07ae79.dlc
2016-05-07 21:17 - 2016-05-07 21:21 - 00000000 ____D C:\Users\GAMES\AppData\Local\MegaDownloader
2016-05-07 21:16 - 2016-05-07 21:16 - 00000920 _____ C:\Users\Public\Desktop\MegaDownloader.lnk
2016-05-07 21:16 - 2016-05-07 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
2016-05-07 21:16 - 2016-05-07 21:16 - 00000000 ____D C:\Program Files\MegaDownloader
2016-05-07 21:15 - 2016-05-07 21:15 - 02068488 _____ C:\Users\GAMES\Downloads\MgDown v1.7.rar
2016-05-07 19:14 - 2016-06-26 10:24 - 00000000 ___SD C:\Users\GAMES\AppData\LocalLow\Temp
2016-05-07 19:13 - 2016-05-07 19:28 - 00058126 _____ C:\Users\GAMES\Downloads\Download Auto-installer deluxe direct download.pdf
2016-04-29 20:59 - 2016-04-29 21:15 - 00000000 ____D C:\Users\GAMES\Desktop\Under The Dome 3 Temporada
2016-04-29 20:13 - 2016-04-29 20:31 - 00000000 ____D C:\Users\GAMES\AppData\Roaming\ImgBurn
2016-04-29 20:07 - 2016-04-29 20:07 - 00001913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-04-29 20:07 - 2016-04-29 20:07 - 00001901 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-04-29 20:07 - 2016-04-29 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-04-29 20:07 - 2016-04-29 20:07 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-04-29 20:06 - 2016-04-29 20:06 - 03469871 _____ (LIGHTNING UK!) C:\Users\GAMES\Downloads\SetupImgBurn_2.5.8.0(1).exe
2016-04-29 20:05 - 2016-04-29 20:05 - 02300679 _____ C:\Users\GAMES\Downloads\SetupImgBurn_2.5.8.0.exe
2016-04-29 20:02 - 2016-04-29 20:03 - 01623197 _____ C:\Users\GAMES\Downloads\imgburn-2-5-8-0-es-en-win.exe
2016-04-02 16:41 - 2016-04-02 16:41 - 00000000 _____ C:\Users\GAMES\AppData\Local\{38F60A2B-6783-4229-A198-033CB53751D5}

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-28 19:42 - 2016-01-24 09:23 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-28 19:11 - 2015-07-10 18:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-28 18:54 - 2009-07-14 01:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-28 18:54 - 2009-07-14 01:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-28 18:49 - 2016-01-10 10:34 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-06-28 18:47 - 2016-02-13 17:47 - 00000084 _____ C:\Users\GAMES\AppData\Local\UGHIGUI.BIZ
2016-06-28 18:47 - 2016-01-24 09:23 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-28 18:46 - 2015-07-06 18:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-28 18:46 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-26 21:07 - 2016-01-08 13:17 - 00000000 ____D C:\Users\GAMES\AppData\Local\CrashDumps
2016-06-26 20:50 - 2015-07-18 14:56 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-06-26 20:50 - 2015-07-18 14:56 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-06-26 17:56 - 2009-07-14 01:45 - 00274824 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-26 15:29 - 2015-12-25 17:19 - 00000000 ____D C:\ProgramData\Norton
2016-06-26 14:08 - 2009-08-15 14:10 - 00720208 _____ C:\Windows\system32\prfh0816.dat
2016-06-26 14:08 - 2009-08-15 14:10 - 00152160 _____ C:\Windows\system32\prfc0816.dat
2016-06-26 14:08 - 2009-07-14 02:13 - 01653922 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-26 14:08 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-06-26 14:06 - 2015-07-13 21:59 - 00000000 ____D C:\Users\GAMES\AppData\Roaming\uTorrent
2016-06-26 13:11 - 2016-01-24 10:27 - 00000000 ___HD C:\Users\GAMES\Desktop\.picasaoriginals
2016-06-25 22:49 - 2015-07-22 18:52 - 00000000 ____D C:\Windows\Minidump
2016-06-25 20:23 - 2015-07-08 21:03 - 00000000 ____D C:\Users\GAMES\AppData\Local\Mirillis
2016-06-22 20:04 - 2016-01-24 11:39 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-06-20 19:41 - 2015-07-09 22:57 - 00000000 ____D C:\Users\GAMES\AppData\Local\ElevatedDiagnostics
2016-06-20 15:28 - 2015-07-08 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-18 21:43 - 2016-01-24 09:25 - 00002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 21:43 - 2016-01-24 09:25 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-04 15:38 - 2015-07-06 18:38 - 00000000 ____D C:\Users\GAMES

==================== Files in the root of some directories =======

2015-07-13 19:36 - 2015-07-14 20:36 - 0003284 _____ () C:\Users\GAMES\AppData\Roaming\ANIWZCS{28854566-EA74-49E6-86FE-B4851A0F78F5}
2015-07-16 19:31 - 2015-07-16 19:31 - 0000043 _____ () C:\Users\GAMES\AppData\Roaming\WB.CFG
2015-07-13 21:48 - 2015-07-13 21:48 - 0000000 _____ () C:\Users\GAMES\AppData\Local\B5S.dat
2015-07-19 22:59 - 2015-07-24 20:43 - 0007597 _____ () C:\Users\GAMES\AppData\Local\Resmon.ResmonCfg
2016-02-13 17:47 - 2016-06-28 18:47 - 0000084 _____ () C:\Users\GAMES\AppData\Local\UGHIGUI.BIZ
2016-04-02 16:41 - 2016-04-02 16:41 - 0000000 _____ () C:\Users\GAMES\AppData\Local\{38F60A2B-6783-4229-A198-033CB53751D5}

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-20 19:34

==================== End of FRST.txt ============================
