Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 27-07-2016 Executado por Igor (administrador) em IGOR-PC (29-07-2016 18:08:48) Executando a partir de C:\Users\Igor\Desktop Perfis Carregados: Igor (Perfis Disponíveis: Igor) Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Riot Games\LolScreenSaver\service\service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Igor\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.207\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-03] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [136600 2016-02-10] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] () HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.) HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation) HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [6777856 2016-02-14] (AAA Internet Publishing, Inc.) HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\...\Run: [Chromium] => "c:\users\igor\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\lol.scr [3721216 2016-03-30] () CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.25.1 Tcpip\..\Interfaces\{65A0C0A0-74E2-4701-8A38-C32D30E7D418}: [DhcpNameServer] 192.168.25.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-1016689697-3733000138-1141061354-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-1016689697-3733000138-1141061354-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_27¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyCyB0A0AyC0CtC0BtB0BtN0D0Tzu0StCyCyEtBtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0CzzyE0BtAzytDtGtCyB0D0AtGyC0A0F0FtGyB0BzzzytG0E0B0A0EyCtD0ByEtCzzyC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0EyCzy0B0CtByCtGtA0EyDyBtGyEyEzyzytGzyyByCtDtG0ByC0CyEyCyB0DtB0EyD0EyB2QtN0A0LzuyE%26cr%3D1196796854%26a%3Dwbf_fs_16_27%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2016-02-10] (Sun Microsystems, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-02-10] (Sun Microsystems, Inc.) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) Chrome: ======= CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms} CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms} CHR Profile: C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-03] CHR Extension: (Google Docs) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-03] CHR Extension: (Google Drive) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-03] CHR Extension: (YouTube) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-03] CHR Extension: (Google Search) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-03] CHR Extension: (Gotas de chuva(Non-Aero)) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpagcfbbmlebfnkeogkigellbgmfkjfg [2016-07-15] CHR Extension: (Planilhas do Google) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-03] CHR Extension: (Documentos Google off-line) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-29] CHR Extension: (Steam Market Float Checker) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjcjjbacacnhoibdbghilhicllgegcf [2016-07-19] CHR Extension: (Top Friends) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncmgphifjenjiafflmilknefljfccgnf [2016-04-07] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Enhanced Steam) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2016-07-19] CHR Extension: (Gmail) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-03] CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1016689697-3733000138-1141061354-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation) R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [537088 2016-03-18] () [Arquivo não assinado] R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [Arquivo não assinado] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] () R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-28] (A-Volute) [Arquivo não assinado] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-03] (REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2016-03-18] (Windows (R) Win 7 DDK provider) S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2016-03-18] (Windows (R) Win 7 DDK provider) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2016-02-03] (Realtek Semiconductor Corporation ) R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [43720 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.) R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-07-28] (Windows (R) Win 7 DDK provider) R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-04-17] (SlimWare Utilities, Inc.) R2 WtfEngineDrv; C:\Windows\System32\DRIVERS\WtfEngineDrv.sys [27392 2016-02-01] (AAA Internet Publishing, Inc.) S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] S3 xspirit; \??\C:\Windows\xspirit.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-29 18:08 - 2016-07-29 18:09 - 00022060 _____ C:\Users\Igor\Desktop\FRST.txt 2016-07-29 18:08 - 2016-07-29 18:08 - 00000000 ____D C:\FRST 2016-07-29 18:07 - 2016-07-29 18:07 - 02394112 _____ (Farbar) C:\Users\Igor\Downloads\FRST64.exe 2016-07-29 18:07 - 2016-07-29 18:07 - 02394112 _____ (Farbar) C:\Users\Igor\Desktop\FRST64.exe 2016-07-29 18:05 - 2016-07-29 18:06 - 00629006 _____ C:\Users\Igor\Downloads\Windows6.1-KB2999226-x86.msu 2016-07-29 18:04 - 2016-07-29 18:05 - 01034556 _____ C:\Users\Igor\Downloads\Windows6.1-KB2999226-x64.msu 2016-07-29 17:59 - 2016-07-29 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kinoni 2016-07-29 17:59 - 2016-07-29 17:59 - 00000000 ____D C:\Program Files (x86)\Kinoni 2016-07-29 17:58 - 2016-07-29 17:58 - 03719392 _____ (Kinoni) C:\Users\Igor\Downloads\KinoniWinInstaller281.exe 2016-07-26 18:44 - 2016-07-26 18:44 - 00000000 ____D C:\Users\Igor\Downloads\Vizinhos 2 2016 WEBRip 720p Legendado - WWW.THEPIRATEFILMES.COM 2016-07-24 04:25 - 2016-07-24 04:53 - 2358662450 ____R C:\Users\Igor\Downloads\OpEx_Especial_007_FHD.mkv 2016-07-23 22:58 - 2016-07-23 22:58 - 00003544 ____N C:\bootsqm.dat 2016-07-23 22:57 - 2016-07-23 22:57 - 00000000 __SHD C:\found.000 2016-07-18 19:41 - 2016-07-18 19:44 - 00000000 ____D C:\Users\Igor\Downloads\Deadpool 2016 Bluray 1080p 5.1 CH Dublado - WWW.THEPIRATEFILMES.COM 2016-07-17 19:48 - 2016-07-17 19:50 - 00000000 ____D C:\Users\Igor\Downloads\Amizade Colorida (2011) - Dublado 720p (5.1 CH).By-LuanHarper 2016-07-17 19:47 - 2016-07-26 18:42 - 00000000 ____D C:\Users\Igor\AppData\LocalLow\uTorrent 2016-07-17 19:32 - 2016-07-22 03:58 - 00000158 _____ C:\Users\Igor\Desktop\scamm.txt 2016-07-17 11:29 - 2016-07-17 11:29 - 412461476 _____ C:\Users\Igor\Downloads\OpEx_750_FHD.mkv 2016-07-17 11:19 - 2016-07-17 11:19 - 00136207 _____ C:\Users\Igor\Downloads\boleto.pdf 2016-07-10 10:51 - 2016-07-10 10:51 - 396861742 _____ C:\Users\Igor\Downloads\OpEx_749_FHD.mkv 2016-07-09 18:39 - 2016-07-09 20:02 - 00000000 ____D C:\Program Files (x86)\Project64 2.2 2016-07-09 18:38 - 2016-07-09 18:38 - 02583689 _____ (Project64 ) C:\Users\Igor\Downloads\project64-2-2-0-3.exe 2016-07-09 18:36 - 2016-07-09 18:36 - 25885408 _____ C:\Users\Igor\Downloads\Mario Party 3 (USA).zip 2016-07-07 14:52 - 2016-07-07 14:52 - 03642129 _____ C:\Users\Igor\Downloads\Forma Perfeita Expo (1).pdf 2016-07-06 22:57 - 2016-07-06 22:57 - 03642129 _____ C:\Users\Igor\Downloads\Forma Perfeita Expo.pdf 2016-07-06 22:56 - 2016-07-06 22:56 - 00000239 _____ C:\Users\Igor\Downloads\vcard-571fd564d32a5.vcf 2016-07-06 00:32 - 2016-07-06 00:35 - 00425696 _____ C:\Users\Igor\Downloads\Kansas - Carry on Wayward Son Instrumental-Studio Version.mp3.sfk 2016-07-06 00:17 - 2016-07-06 00:17 - 00000976 _____ C:\Users\Igor\Documents\Track 9 - 6.sfk 2016-07-06 00:16 - 2016-07-06 00:17 - 00235242 _____ C:\Users\Igor\Documents\Track 9 - 6.wav 2016-07-06 00:16 - 2016-07-06 00:16 - 00003488 _____ C:\Users\Igor\Documents\Track 9 - 5.sfk 2016-07-06 00:15 - 2016-07-06 00:16 - 00878954 _____ C:\Users\Igor\Documents\Track 9 - 5.wav 2016-07-06 00:15 - 2016-07-06 00:15 - 00484966 _____ C:\Users\Igor\Documents\Track 9 - 4.wav 2016-07-06 00:15 - 2016-07-06 00:15 - 00279906 _____ C:\Users\Igor\Documents\Track 9 - 3.wav 2016-07-06 00:15 - 2016-07-06 00:15 - 00001952 _____ C:\Users\Igor\Documents\Track 9 - 4.sfk 2016-07-06 00:15 - 2016-07-06 00:15 - 00001152 _____ C:\Users\Igor\Documents\Track 9 - 3.sfk 2016-07-06 00:13 - 2016-07-06 00:13 - 00353442 _____ C:\Users\Igor\Documents\Track 9 - 1.wav 2016-07-06 00:13 - 2016-07-06 00:13 - 00126402 _____ C:\Users\Igor\Documents\Track 9 - 2.wav 2016-07-06 00:13 - 2016-07-06 00:13 - 00001440 _____ C:\Users\Igor\Documents\Track 9 - 1.sfk 2016-07-06 00:13 - 2016-07-06 00:13 - 00000552 _____ C:\Users\Igor\Documents\Track 9 - 2.sfk 2016-07-05 23:28 - 2016-07-05 23:28 - 00000000 ____D C:\Users\Igor\Documents\OFX Presets 2016-07-05 15:47 - 2016-07-05 15:47 - 00000000 ____D C:\Users\Igor\AppData\Roaming\Sony Creative Software Inc 2016-07-05 15:39 - 2016-07-05 15:39 - 00001824 _____ C:\Users\Igor\Documents\Track 7 - 31.sfk 2016-07-05 15:38 - 2016-07-05 15:39 - 00453198 _____ C:\Users\Igor\Documents\Track 7 - 31.wav 2016-07-05 15:38 - 2016-07-05 15:38 - 01955178 _____ C:\Users\Igor\Documents\Track 7 - 30.wav 2016-07-05 15:38 - 2016-07-05 15:38 - 00007696 _____ C:\Users\Igor\Documents\Track 7 - 30.sfk 2016-07-05 15:38 - 2016-07-05 15:38 - 00004496 _____ C:\Users\Igor\Documents\Track 7 - 29.sfk 2016-07-05 15:32 - 2016-07-05 15:38 - 01135794 _____ C:\Users\Igor\Documents\Track 7 - 29.wav 2016-07-05 15:32 - 2016-07-05 15:32 - 03289818 _____ C:\Users\Igor\Documents\Track 7 - 28.wav 2016-07-05 15:32 - 2016-07-05 15:32 - 00012904 _____ C:\Users\Igor\Documents\Track 7 - 28.sfk 2016-07-05 15:32 - 2016-07-05 15:32 - 00003240 _____ C:\Users\Igor\Documents\Track 7 - 27.sfk 2016-07-05 15:31 - 2016-07-05 15:32 - 00815426 _____ C:\Users\Igor\Documents\Track 7 - 27.wav 2016-07-05 15:31 - 2016-07-05 15:31 - 01450462 _____ C:\Users\Igor\Documents\Track 7 - 26.wav 2016-07-05 15:31 - 2016-07-05 15:31 - 00005720 _____ C:\Users\Igor\Documents\Track 7 - 26.sfk 2016-07-05 15:27 - 2016-07-05 15:27 - 01420538 _____ C:\Users\Igor\Documents\Track 8 - 3.wav 2016-07-05 15:27 - 2016-07-05 15:27 - 00006024 _____ C:\Users\Igor\Documents\Track 8 - 2.sfk 2016-07-05 15:27 - 2016-07-05 15:27 - 00005608 _____ C:\Users\Igor\Documents\Track 8 - 3.sfk 2016-07-05 15:26 - 2016-07-05 15:27 - 01527982 _____ C:\Users\Igor\Documents\Track 8 - 2.wav 2016-07-05 15:26 - 2016-07-05 15:26 - 01693002 _____ C:\Users\Igor\Documents\Track 8 - 1.wav 2016-07-05 15:26 - 2016-07-05 15:26 - 00006672 _____ C:\Users\Igor\Documents\Track 8 - 1.sfk 2016-07-05 15:26 - 2016-07-05 15:26 - 00003856 _____ C:\Users\Igor\Documents\Track 7 - 25.sfk 2016-07-05 15:25 - 2016-07-05 15:26 - 00972354 _____ C:\Users\Igor\Documents\Track 7 - 25.wav 2016-07-05 15:25 - 2016-07-05 15:25 - 00012624 _____ C:\Users\Igor\Documents\Track 7 - 24.sfk 2016-07-05 15:24 - 2016-07-05 15:25 - 03217350 _____ C:\Users\Igor\Documents\Track 7 - 24.wav 2016-07-05 15:24 - 2016-07-05 15:24 - 01567650 _____ C:\Users\Igor\Documents\Track 7 - 23.wav 2016-07-05 15:24 - 2016-07-05 15:24 - 00006176 _____ C:\Users\Igor\Documents\Track 7 - 23.sfk 2016-07-05 15:24 - 2016-07-05 15:24 - 00004584 _____ C:\Users\Igor\Documents\Track 7 - 22.sfk 2016-07-05 15:22 - 2016-07-05 15:24 - 01158614 _____ C:\Users\Igor\Documents\Track 7 - 22.wav 2016-07-05 15:22 - 2016-07-05 15:22 - 01898958 _____ C:\Users\Igor\Documents\Track 7 - 20.wav 2016-07-05 15:22 - 2016-07-05 15:22 - 01420922 _____ C:\Users\Igor\Documents\Track 7 - 21.wav 2016-07-05 15:22 - 2016-07-05 15:22 - 00007472 _____ C:\Users\Igor\Documents\Track 7 - 20.sfk 2016-07-05 15:22 - 2016-07-05 15:22 - 00005608 _____ C:\Users\Igor\Documents\Track 7 - 21.sfk 2016-07-05 15:22 - 2016-07-05 15:22 - 00004696 _____ C:\Users\Igor\Documents\Track 7 - 19.sfk 2016-07-05 15:21 - 2016-07-05 15:22 - 01187290 _____ C:\Users\Igor\Documents\Track 7 - 19.wav 2016-07-05 15:21 - 2016-07-05 15:21 - 00006888 _____ C:\Users\Igor\Documents\Track 7 - 18.sfk 2016-07-05 15:20 - 2016-07-05 15:21 - 01749114 _____ C:\Users\Igor\Documents\Track 7 - 18.wav 2016-07-05 15:20 - 2016-07-05 15:20 - 00013416 _____ C:\Users\Igor\Documents\Track 7 - 17.sfk 2016-07-05 15:14 - 2016-07-05 15:20 - 03420326 _____ C:\Users\Igor\Documents\Track 7 - 17.wav 2016-07-05 15:14 - 2016-07-05 15:14 - 01658798 _____ C:\Users\Igor\Documents\Track 7 - 16.wav 2016-07-05 15:14 - 2016-07-05 15:14 - 01379926 _____ C:\Users\Igor\Documents\Track 7 - 15.wav 2016-07-05 15:14 - 2016-07-05 15:14 - 00641630 _____ C:\Users\Igor\Documents\Track 7 - 14.wav 2016-07-05 15:14 - 2016-07-05 15:14 - 00006536 _____ C:\Users\Igor\Documents\Track 7 - 16.sfk 2016-07-05 15:14 - 2016-07-05 15:14 - 00005448 _____ C:\Users\Igor\Documents\Track 7 - 15.sfk 2016-07-05 15:14 - 2016-07-05 15:14 - 00003536 _____ C:\Users\Igor\Documents\Track 7 - 13.sfk 2016-07-05 15:14 - 2016-07-05 15:14 - 00002560 _____ C:\Users\Igor\Documents\Track 7 - 14.sfk 2016-07-05 15:13 - 2016-07-05 15:14 - 00891126 _____ C:\Users\Igor\Documents\Track 7 - 13.wav 2016-07-05 15:13 - 2016-07-05 15:13 - 00002528 _____ C:\Users\Igor\Documents\Track 7 - 12.sfk 2016-07-05 15:12 - 2016-07-05 15:17 - 00014064 _____ C:\Users\Igor\Documents\Track 7 - 10.sfk 2016-07-05 15:12 - 2016-07-05 15:13 - 00633310 _____ C:\Users\Igor\Documents\Track 7 - 12.wav 2016-07-05 15:12 - 2016-07-05 15:12 - 02051118 _____ C:\Users\Igor\Documents\Track 7 - 11.wav 2016-07-05 15:12 - 2016-07-05 15:12 - 00008064 _____ C:\Users\Igor\Documents\Track 7 - 11.sfk 2016-07-05 15:11 - 2016-07-05 15:12 - 01792586 _____ C:\Users\Igor\Documents\Track 7 - 10.wav 2016-07-05 15:11 - 2016-07-05 15:11 - 01596866 _____ C:\Users\Igor\Documents\Track 7 - 9.wav 2016-07-05 15:11 - 2016-07-05 15:11 - 00012536 _____ C:\Users\Igor\Documents\Track 7 - 9.sfk 2016-07-05 15:11 - 2016-07-05 15:11 - 00007832 _____ C:\Users\Igor\Documents\Track 7 - 8.sfk 2016-07-05 15:10 - 2016-07-05 15:11 - 00994418 _____ C:\Users\Igor\Documents\Track 7 - 8.wav 2016-07-05 15:10 - 2016-07-05 15:11 - 00007664 _____ C:\Users\Igor\Documents\Track 7 - 7.sfk 2016-07-05 15:04 - 2016-07-05 15:10 - 00973670 _____ C:\Users\Igor\Documents\Track 7 - 7.wav 2016-07-05 15:04 - 2016-07-05 15:06 - 00013120 _____ C:\Users\Igor\Documents\Track 7 - 6.sfk 2016-07-05 15:04 - 2016-07-05 15:06 - 00012824 _____ C:\Users\Igor\Documents\Track 7 - 3.sfk 2016-07-05 15:04 - 2016-07-05 15:06 - 00006504 _____ C:\Users\Igor\Documents\Track 7 - 4.sfk 2016-07-05 15:04 - 2016-07-05 15:06 - 00006368 _____ C:\Users\Igor\Documents\Track 7 - 5.sfk 2016-07-05 15:04 - 2016-07-05 15:04 - 01672138 _____ C:\Users\Igor\Documents\Track 7 - 6.wav 2016-07-05 15:04 - 2016-07-05 15:04 - 00825018 _____ C:\Users\Igor\Documents\Track 7 - 4.wav 2016-07-05 15:04 - 2016-07-05 15:04 - 00807422 _____ C:\Users\Igor\Documents\Track 7 - 5.wav 2016-07-05 15:03 - 2016-07-05 15:06 - 00007120 _____ C:\Users\Igor\Documents\Track 7 - 2.sfk 2016-07-05 15:03 - 2016-07-05 15:04 - 01633846 _____ C:\Users\Igor\Documents\Track 7 - 3.wav 2016-07-05 15:03 - 2016-07-05 15:03 - 00904242 _____ C:\Users\Igor\Documents\Track 7 - 2.wav 2016-07-05 15:03 - 2016-07-05 15:03 - 00010976 _____ C:\Users\Igor\Documents\Track 7 - 1.sfk 2016-07-05 15:02 - 2016-07-05 15:03 - 01397586 _____ C:\Users\Igor\Documents\Track 7 - 1.wav 2016-07-05 14:58 - 2016-07-05 15:02 - 00021992 _____ C:\Users\Igor\Downloads\Finding Nemo - Darla s entrance in beautiful HD.mp3.sfk 2016-07-05 14:43 - 2016-07-05 14:43 - 01513834 _____ C:\Users\Igor\Documents\Track 6 - 5.wav 2016-07-05 14:43 - 2016-07-05 14:43 - 00005968 _____ C:\Users\Igor\Documents\Track 6 - 5.sfk 2016-07-05 14:43 - 2016-07-05 14:43 - 00004720 _____ C:\Users\Igor\Documents\Track 6 - 4.sfk 2016-07-05 14:42 - 2016-07-05 14:43 - 01193190 _____ C:\Users\Igor\Documents\Track 6 - 4.wav 2016-07-05 14:42 - 2016-07-05 14:42 - 00008912 _____ C:\Users\Igor\Documents\Track 6 - 3.sfk 2016-07-05 14:41 - 2016-07-05 14:42 - 02267554 _____ C:\Users\Igor\Documents\Track 6 - 3.wav 2016-07-05 14:41 - 2016-07-05 14:41 - 00020208 _____ C:\Users\Igor\Documents\Track 6 - 2.sfk 2016-07-05 14:39 - 2016-07-05 14:41 - 05158050 _____ C:\Users\Igor\Documents\Track 6 - 2.wav 2016-07-05 14:39 - 2016-07-05 14:39 - 04830490 _____ C:\Users\Igor\Documents\Track 6 - 1.wav 2016-07-05 14:39 - 2016-07-05 14:39 - 00018928 _____ C:\Users\Igor\Documents\Track 6 - 1.sfk 2016-07-04 19:04 - 2016-07-04 19:04 - 215700424 _____ C:\Users\Igor\Downloads\OpEx_Especial_711_FHD.mkv 2016-07-04 18:59 - 2016-07-04 18:59 - 395057820 _____ C:\Users\Igor\Downloads\OpEx_748_FHD.mkv 2016-07-04 17:01 - 2016-07-04 17:03 - 00246776 _____ C:\Users\Igor\Downloads\B J Thomas - Raindrops Keep Fallin On My Head.mp3.sfk 2016-07-04 16:56 - 2016-07-04 16:56 - 00255592 _____ C:\Users\Igor\Downloads\The Sound of Silence Original Version from 1964.mp3.sfk 2016-07-04 16:49 - 2016-07-04 16:49 - 00000132 _____ C:\Users\Igor\AppData\Roaming\Adobe PNG Format CS6 Prefs 2016-07-04 16:42 - 2016-07-04 16:42 - 00006523 _____ C:\Users\Igor\Downloads\roman_rustica.zip 2016-07-04 16:24 - 2016-07-04 17:04 - 00003089 _____ C:\Users\Igor\Downloads\Roteiro do conto O Espelho.odt 2016-07-04 16:21 - 2016-07-04 16:21 - 00001640 _____ C:\Users\Igor\Documents\Track 5 - 2.sfk 2016-07-04 16:20 - 2016-07-04 16:21 - 00404902 _____ C:\Users\Igor\Documents\Track 5 - 2.wav 2016-07-04 16:20 - 2016-07-04 16:20 - 00715366 _____ C:\Users\Igor\Documents\Track 5 - 1.wav 2016-07-04 16:20 - 2016-07-04 16:20 - 00002848 _____ C:\Users\Igor\Documents\Track 5 - 1.sfk 2016-07-04 16:08 - 2016-07-04 16:19 - 00082656 _____ C:\Users\Igor\Downloads\The Best Of The Spongebob TimeCards.mp4.sfk 2016-07-04 15:46 - 2016-07-04 15:46 - 09145654 _____ C:\Users\Igor\Downloads\The Best Of The Spongebob TimeCards.mp4 2016-06-30 18:12 - 2016-06-30 18:17 - 00094780 _____ C:\Users\Igor\Downloads\FUNK - Mc Koringa - Danca Sensual Playback Musical.mp3.sfk 2016-06-30 17:58 - 2016-06-30 17:58 - 00000000 ____D C:\Users\Igor\AppData\Local\fontconfig 2016-06-30 17:58 - 2016-06-30 17:58 - 00000000 ____D C:\Users\Igor\.cache 2016-06-30 17:45 - 2016-06-30 17:45 - 00000000 ____D C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence 2016-06-30 17:43 - 2016-06-30 17:43 - 00000047 _____ C:\Users\Igor\AppData\Roaming\WB.CFG 2016-06-30 16:44 - 2016-07-01 13:05 - 00000000 ____D C:\Users\Igor\AppData\Local\Chromium 2016-06-30 16:44 - 2016-06-30 16:44 - 00000000 ____D C:\FFOutput 2016-06-30 16:43 - 2016-07-01 13:05 - 00000000 ____D C:\Users\Igor\AppData\Local\{45DC7367-608E-1E11-0BB8-39C3D76AC4FD} 2016-06-30 16:43 - 2016-06-30 16:43 - 00001071 _____ C:\Users\Igor\Desktop\Format Factory.lnk 2016-06-30 16:43 - 2016-06-30 16:43 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-06-30 16:43 - 2016-06-30 16:43 - 00000372 __RSH C:\ProgramData\ntuser.pol 2016-06-30 16:43 - 2016-06-30 16:43 - 00000000 ____D C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2016-06-30 16:42 - 2016-06-30 16:43 - 00000000 ____D C:\Program Files (x86)\FormatFactory 2016-06-30 16:41 - 2016-06-30 16:42 - 45376272 _____ (Free Time Co., Ltd) C:\Users\Igor\Downloads\FFSetup.exe 2016-06-26 13:28 - 2016-06-26 13:29 - 304490699 _____ C:\Users\Igor\Downloads\OpEx_747_FHD.mkv 2016-06-25 22:13 - 2016-06-25 22:13 - 00005435 _____ C:\Users\Igor\Downloads\comment_37668388 (2).jse 2016-06-25 22:13 - 2016-06-25 22:13 - 00000040 ____H C:\44725256B47D 2016-06-25 22:13 - 2016-06-25 22:13 - 00000000 ____D C:\Users\Igor\AppData\LocalLow\Adobe 2016-06-25 22:12 - 2016-06-25 22:12 - 00005435 _____ C:\Users\Igor\Downloads\comment_37668388.jse 2016-06-25 22:12 - 2016-06-25 22:12 - 00005435 _____ C:\Users\Igor\Downloads\comment_37668388 (1).jse 2016-06-25 22:12 - 2016-06-25 22:12 - 00002424 _____ C:\Users\Igor\Desktop\Adobe Photoshop CS6.lnk 2016-06-25 22:11 - 2016-06-25 22:11 - 132199538 _____ C:\Users\Igor\Downloads\Photoshop CS6.rar 2016-06-25 22:11 - 2016-06-25 22:11 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-06-14 21:50 - 2016-04-14 02:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-06-14 21:50 - 2016-04-14 02:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-06-14 21:50 - 2016-04-14 02:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-05-21 17:47 - 2016-05-21 17:47 - 00000000 ____D C:\Crash 2016-05-03 19:59 - 2016-05-03 19:59 - 00000000 ____D C:\Users\Igor\Documents\PointBlank 2016-05-03 19:41 - 2016-05-03 20:12 - 00000000 ____D C:\Users\Igor\AppData\Local\PointBlank 2016-05-03 19:19 - 2016-05-03 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank 2016-05-03 19:15 - 2016-05-03 19:15 - 00000000 ____D C:\ongame 2016-05-03 17:58 - 2016-05-03 17:58 - 00000000 ____D C:\Windows\PCHEALTH 2016-05-03 17:58 - 2016-05-03 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-05-03 17:56 - 2016-05-03 17:58 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-05-03 17:56 - 2016-05-03 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-05-03 17:56 - 2016-05-03 17:56 - 00000000 ____D C:\Users\Igor\AppData\Local\Microsoft Help 2016-05-03 17:56 - 2016-05-03 17:56 - 00000000 ____D C:\Program Files\Microsoft Office 2016-05-03 17:55 - 2016-05-03 17:55 - 00000000 __RHD C:\MSOCache 2016-05-03 17:32 - 2016-05-03 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft Office Interactive Guides 2016-05-03 17:24 - 2016-05-03 17:24 - 00000000 ____D C:\Program Files (x86)\MSECache ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-29 18:08 - 2016-02-03 15:15 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt 2016-07-29 18:01 - 2016-02-03 20:44 - 00000000 ____D C:\Users\Igor\AppData\Roaming\Skype 2016-07-29 18:00 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf 2016-07-29 17:56 - 2016-02-11 04:37 - 00000000 ____D C:\Program Files (x86)\Steam 2016-07-29 17:53 - 2016-02-03 14:36 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-29 16:11 - 2016-02-11 14:53 - 00000386 _____ C:\Windows\Tasks\update-sys.job 2016-07-29 15:15 - 2016-02-11 14:53 - 00000386 _____ C:\Windows\Tasks\update-S-1-5-21-1016689697-3733000138-1141061354-1000.job 2016-07-29 15:09 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-29 15:09 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-29 15:01 - 2016-02-16 23:30 - 00000000 ____D C:\Users\Igor\Desktop\Vídeos 2016-07-29 15:01 - 2016-02-03 14:36 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-29 15:00 - 2016-02-03 15:25 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA 2016-07-29 15:00 - 2016-02-03 15:25 - 00000000 ____D C:\ProgramData\NVIDIA 2016-07-29 15:00 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-28 22:00 - 2016-04-17 22:00 - 00000364 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Igor).job 2016-07-28 19:48 - 2016-02-03 14:36 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-28 19:48 - 2016-02-03 14:36 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-07-28 01:27 - 2016-02-12 01:25 - 00000000 ____D C:\Users\Igor\AppData\Roaming\TS3Client 2016-07-27 00:07 - 2009-07-29 13:08 - 00704478 _____ C:\Windows\system32\prfh0416.dat 2016-07-27 00:07 - 2009-07-29 13:08 - 00146784 _____ C:\Windows\system32\prfc0416.dat 2016-07-27 00:07 - 2009-07-14 02:13 - 01631590 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-26 19:27 - 2016-02-15 06:42 - 00000000 ____D C:\Users\Igor\AppData\Roaming\uTorrent 2016-07-26 18:42 - 2016-02-15 07:15 - 00000000 ___SD C:\Users\Igor\AppData\LocalLow\Temp 2016-07-24 19:16 - 2016-02-04 20:15 - 00000000 ____D C:\Users\Igor\AppData\Roaming\vlc 2016-07-21 19:19 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-07-14 14:03 - 2016-02-23 23:00 - 00000000 ____D C:\Users\Igor\AppData\Local\osu! 2016-07-05 13:00 - 2016-02-03 14:36 - 00062904 _____ C:\Users\Igor\AppData\Local\GDIPFONTCACHEV1.DAT 2016-07-05 13:00 - 2009-07-14 01:45 - 00293728 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-30 17:58 - 2016-02-03 14:24 - 00000000 ____D C:\Users\Igor 2016-06-30 16:43 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-06-30 16:43 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy ==================== Arquivos na raiz de alguns diretórios ======= 2016-07-04 16:49 - 2016-07-04 16:49 - 0000132 _____ () C:\Users\Igor\AppData\Roaming\Adobe PNG Format CS6 Prefs 2016-06-30 17:43 - 2016-06-30 17:43 - 0000047 _____ () C:\Users\Igor\AppData\Roaming\WB.CFG 2016-02-11 14:53 - 2016-02-11 14:53 - 0000003 _____ () C:\Users\Igor\AppData\Local\updater.log 2016-02-11 14:53 - 2016-02-11 14:53 - 0000424 _____ () C:\Users\Igor\AppData\Local\UserProducts.xml 2016-02-03 14:35 - 2016-02-03 14:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Alguns arquivos em TEMP: ==================== C:\Users\Igor\AppData\Local\Temp\287c499808bcff52a39d16f78044882a.dll C:\Users\Igor\AppData\Local\Temp\52dfb96d2b3c07123e491aa75b37244d.dll C:\Users\Igor\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Igor\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Igor\AppData\Local\Temp\nvStInst.exe C:\Users\Igor\AppData\Local\Temp\scpC5D3.tmp.exe C:\Users\Igor\AppData\Local\Temp\_tmpdgp.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-06-20 15:29 ==================== Fim de FRST.txt ============================