Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 19-11-2016 01
Executado por Joao (administrador) em JOAO-PC (19-11-2016 13:18:20)
Executando a partir de C:\Users\Joao\Downloads\Programs
Perfis Carregados: Joao (Perfis Disponíveis: Joao)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14467328 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3966064 2016-07-14] (Tonec Inc.)
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2852128 2016-08-02] (Valve Corporation)
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\MountPoints2: E - E:\setup.exe /autorun
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\MountPoints2: {0b55eaf8-5355-11e6-9463-001a4dafa9cd} - E:\Launcher.exe
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\MountPoints2: {2d35998c-1d2d-11e6-ae9e-001a4dafa9cd} - E:\setup.exe
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\MountPoints2: {77e1dab5-2f64-11e6-b7cd-001a4dafa9cd} - E:\AutoRun.exe
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\MountPoints2: {c09f9f99-3009-11e6-ab88-001a4dafa9cd} - E:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-05-22] (Microsoft Corporation)
IFEO\driverupdateui.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\steam.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
GroupPolicy: Restrição ? <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5526FC97-7ADE-4681-80E1-3C7ACD240559}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5526FC97-7ADE-4681-80E1-3C7ACD240559}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EBECB296-A5F3-4410-A7CD-66514CB8DCD5}: [DhcpNameServer] 177.155.175.254 208.67.222.222
ManualProxies: 0hxxp://noneblock.com/wpad.dat?2dbfefff096a3373ad489d67c51745f017916697

Internet Explorer:
==================
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131091939966705132&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2771025670-3476556053-1698448686-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2771025670-3476556053-1698448686-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-29] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 2p59kbqg.default
FF ProfilePath: C:\Users\Joao\AppData\Roaming\Mozilla\Firefox\Profiles\7xbhjkdt.default [2016-08-01]
FF ProfilePath: C:\Users\Joao\AppData\Roaming\Profiles\2p59kbqg.default [2016-08-01]
FF NewTab: Profiles\2p59kbqg.default -> hxxp://www.hohosearch.com/?ts=AHEqAnAoAnYoCE..&v=20160513&uid=E6C7CF99B0A4F5ED962C6E8709040AB1&ptid=pro&mode=loadm
FF DefaultSearchEngine: Profiles\2p59kbqg.default -> hohosearch
FF DefaultSearchEngine.US: Profiles\2p59kbqg.default -> data:text/plain,browser.search.defaultenginename.US=hohosearch
FF SelectedSearchEngine: Profiles\2p59kbqg.default -> hohosearch
FF Homepage: Profiles\2p59kbqg.default -> hxxp://www.hohosearch.com/?ts=AHEqAnAoAnYoCE..&v=20160513&uid=E6C7CF99B0A4F5ED962C6E8709040AB1&ptid=pro&mode=loadm
FF Keyword.URL: Profiles\2p59kbqg.default -> hxxp://www.hohosearch.com/chrome.php?uid=E6C7CF99B0A4F5ED962C6E8709040AB1&ptid=pro&ts=AHEqAnAoAnYoCE..&v=20160513&mode=ffexttoolbar&q=
FF Extension: (GsearchFinder) - C:\Users\Joao\AppData\Roaming\Profiles\2p59kbqg.default\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-05-13]
FF SearchPlugin: C:\Users\Joao\AppData\Roaming\Profiles\2p59kbqg.default\searchplugins\ejcaemc8.xml [2016-05-15]
FF HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-06-08]
FF HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Joao\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Joao\AppData\Roaming\IDM\idmmzcc5 [2016-11-19] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-29] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default [2016-11-19]
CHR Extension: (Google Docs) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-16]
CHR Extension: (Google Drive) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-16]
CHR Extension: (YouTube) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-16]
CHR Extension: (Documentos Google off-line) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-16]
CHR Extension: (Vysor) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-11-18]
CHR Extension: (IDM Integration Module) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-11-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-16]
CHR Extension: (Gmail) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-16]
CHR Extension: (Chrome Media Router) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-16]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-07-13]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2771025670-3476556053-1698448686-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [945936 2016-09-13] (AVG Technologies CZ, s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd)
S4 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [396952 2016-06-08] ()
S4 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [5687272 2016-07-10] (INCA Internet Co., Ltd.)
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
S4 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [3844880 2016-11-02] (AVG Technologies CZ, s.r.o.)
S4 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [396952 2016-06-08] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48912 2016-11-02] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [30008 2016-08-10] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [225720 2016-08-10] (Dev47Apps)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2016-05-18] (Disc Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [17488 2016-07-27] (Windows (R) 2000 DDK provider)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-05-30] (REALiX(tm))
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [42496 2009-09-09] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2016-06-01] (AVG Netherlands B.V.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-11-05] (Apple, Inc.) [Arquivo não assinado]
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [113904 2016-10-18] (Oracle Corporation)
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-19 13:18 - 2016-11-19 13:18 - 00000000 ____D C:\FRST
2016-11-18 14:07 - 2016-11-18 14:07 - 00041862 _____ C:\Users\Joao\Downloads\download.htm
2016-11-18 13:19 - 2016-11-18 13:19 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2016-11-16 19:00 - 2016-11-16 19:01 - 00000000 ____D C:\Users\Joao\Documents\Minhas Musicas
2016-11-16 18:36 - 2016-11-16 18:45 - 00000000 ____D C:\FFOutput
2016-11-16 18:36 - 2016-11-16 18:36 - 00000000 ____D C:\Users\Todos os Usuários\Baidu
2016-11-16 18:36 - 2016-11-16 18:36 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-11-16 18:36 - 2016-11-16 18:36 - 00000000 ____D C:\ProgramData\Baidu
2016-11-16 18:33 - 2016-11-16 18:33 - 00001120 _____ C:\Users\Joao\Desktop\Format Factory.lnk
2016-11-16 18:33 - 2016-11-16 18:33 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-11-16 18:32 - 2016-11-16 18:32 - 00000000 ____D C:\Program Files\FreeTime
2016-11-16 18:22 - 2016-11-16 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV Player
2016-11-16 18:22 - 2016-11-16 18:22 - 00000000 ____D C:\Program Files\MKV Player
2016-11-16 15:31 - 2016-11-16 16:21 - 00000000 ____D C:\Users\Joao\Downloads\Esquadrão Suicida 2016 [WEB-DL] WWW.BLUDV.COM
2016-11-16 15:05 - 2016-11-18 13:10 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-16 15:05 - 2016-11-16 15:05 - 00002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-16 14:30 - 2016-11-19 12:43 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-16 14:30 - 2016-11-18 18:35 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-16 14:30 - 2016-11-16 15:04 - 00000000 ____D C:\Program Files\Google
2016-11-15 16:04 - 2016-11-15 16:04 - 00116796 _____ C:\Users\Joao\Documents\project.cedprj
2016-11-15 15:54 - 2016-11-15 15:54 - 00190528 _____ C:\Users\Joao\Downloads\bully.ps2.fulldvd.ntsc[www.gamestorrent.biz].torrent
2016-11-15 15:34 - 2016-11-15 15:34 - 00000000 ____D C:\Users\Joao\Documents\Ashampoo Burning Studio 16
2016-11-15 14:32 - 2016-11-15 18:45 - 00000000 ____D C:\Users\Joao\Downloads\GOD OF WAR 2 LEGENDADO PT-Br
2016-11-15 14:30 - 2016-11-15 14:30 - 00016550 _____ C:\Users\Joao\Downloads\[baixargamestorrent.biz]god.of.war.2.legendado.pt.br.torrent
2016-11-15 14:10 - 2016-11-15 14:10 - 00001330 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 16.lnk
2016-11-15 14:10 - 2016-11-15 14:10 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-11-15 14:10 - 2016-11-15 14:10 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Ashampoo
2016-11-15 14:10 - 2016-11-15 14:10 - 00000000 ____D C:\Users\Joao\AppData\Local\ashampoo
2016-11-15 14:10 - 2016-11-15 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-11-15 14:08 - 2016-11-15 14:10 - 00000000 ____D C:\Users\Todos os Usuários\Ashampoo
2016-11-15 14:08 - 2016-11-15 14:10 - 00000000 ____D C:\ProgramData\Ashampoo
2016-11-15 14:08 - 2016-11-15 14:08 - 00000000 ____D C:\Program Files\Ashampoo
2016-11-14 18:12 - 2016-11-14 18:34 - 3805544448 _____ C:\Users\Joao\Documents\SPIDERMAN3.ISO
2016-11-09 16:48 - 2016-11-09 16:48 - 00000000 ____D C:\Windows\system32\{reg}
2016-11-09 16:47 - 2016-11-09 16:48 - 00000000 ____D C:\Program Files\IV2SAv0.5
2016-11-09 16:47 - 2016-11-09 16:47 - 00000032 _____ C:\Windows\CD_Start.INI
2016-11-09 16:44 - 2016-11-09 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mad Penguin Productions
2016-11-08 18:50 - 2016-11-09 16:38 - 00000000 ____D C:\Users\Joao\Desktop\Alci's IMG Editor 1.5 [www.modsgtasa.com.br]
2016-11-08 15:10 - 2016-11-08 15:10 - 00009679 _____ C:\Users\Joao\Downloads\Pack de Animações Realistas para CJ.rar
2016-11-08 14:19 - 2016-11-08 14:19 - 00000930 _____ C:\Users\Joao\Desktop\GameSpy Arcade.lnk
2016-11-08 14:19 - 2016-11-08 14:19 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2016-11-08 14:19 - 2016-11-08 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2016-11-08 14:19 - 2016-11-08 14:19 - 00000000 ____D C:\Program Files\GameSpy Arcade
2016-11-08 14:18 - 2016-11-09 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2016-11-08 14:18 - 2016-11-08 21:41 - 00002102 _____ C:\Users\Public\Desktop\Halo.lnk
2016-11-08 13:31 - 2016-11-08 13:51 - 00000000 ____D C:\Users\Joao\Downloads\Halo Combat Evolved Full PC Game ISO + Crack [grvtyne0k]
2016-11-08 13:17 - 2016-11-08 13:17 - 00013276 _____ C:\Users\Joao\Downloads\Halo.torrent
2016-11-08 13:05 - 2016-11-08 13:06 - 00000000 ___RD C:\Users\Joao\Documents\Notes
2016-11-07 19:08 - 2016-11-07 19:08 - 00000000 ____D C:\Users\Todos os Usuários\AirDroid
2016-11-07 19:08 - 2016-11-07 19:08 - 00000000 ____D C:\ProgramData\AirDroid
2016-11-07 18:28 - 2016-11-07 18:28 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2016-11-06 17:32 - 2016-11-06 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour
2016-11-06 17:32 - 2016-11-06 17:32 - 00000000 ____D C:\Program Files\Bonjour
2016-11-06 17:24 - 2016-11-06 17:24 - 00571203 _____ C:\Users\Joao\Downloads\Animações do Espetacular Homem Aranha.rar
2016-11-06 16:14 - 2016-11-06 16:14 - 00007248 _____ C:\Users\Joao\Downloads\Estuprador Mod.rar
2016-11-06 15:19 - 2016-11-08 18:44 - 00000000 ____D C:\Users\Joao\Documents\GTA San Andreas User Files
2016-11-06 15:13 - 2011-04-23 22:46 - 00415232 _____ C:\Users\Joao\Desktop\San Andreas FPS Increaser.exe
2016-11-06 14:44 - 2016-11-06 14:44 - 00001798 _____ C:\Users\Joao\Desktop\GTA San Andreas.lnk
2016-11-06 11:12 - 2016-11-06 11:41 - 00000000 ____D C:\Users\Joao\.VirtualBox
2016-11-06 11:11 - 2016-11-06 11:11 - 00000000 ____D C:\Program Files\Oracle
2016-11-06 10:55 - 2016-11-06 10:58 - 00043123 _____ C:\Users\Joao\genymotion-log.zip
2016-11-06 10:53 - 2016-11-06 11:53 - 00000000 ____D C:\Users\Joao\AppData\Local\Genymobile
2016-11-05 16:26 - 2016-11-05 16:26 - 00000000 ____D C:\Users\Joao\Downloads\MEmu Download
2016-11-05 15:32 - 2016-08-11 07:14 - 01505104 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100d.dll
2016-11-05 15:31 - 2016-08-10 11:54 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2016-11-05 15:19 - 2014-11-07 19:00 - 00053760 _____ C:\vorbisFile.dll
2016-11-05 15:19 - 2013-02-16 14:02 - 00107584 _____ (Un4seen Developments) C:\bass.dll
2016-11-05 15:19 - 2005-06-07 23:59 - 14383616 _____ C:\GTA_SA.exe
2016-11-05 15:19 - 2003-11-16 13:48 - 00065536 _____ C:\vorbisHooked.dll
2016-11-05 12:54 - 2016-11-05 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA DW
2016-11-05 12:42 - 2016-11-05 12:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 12:42 - 2016-11-05 12:42 - 00001977 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-11-05 12:31 - 2016-11-05 12:31 - 00001088 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-11-05 12:31 - 2016-11-05 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-11-05 12:31 - 2016-11-05 12:31 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2016-11-05 11:51 - 2016-11-05 11:51 - 00001227 _____ C:\Users\Public\Desktop\Utilitário para identificação do processador Intel(R).lnk
2016-11-05 11:51 - 2016-11-05 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilitário para identificação do processador Intel(R)
2016-11-05 11:51 - 2016-11-05 11:51 - 00000000 ____D C:\Program Files\Intel Corporation
2016-11-04 18:41 - 2016-11-02 13:14 - 00048912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\uxtuneup.dll
2016-11-04 18:41 - 2016-11-02 13:14 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-11-04 18:26 - 2016-11-15 20:05 - 00000000 ____D C:\Users\Joao\Downloads\Video
2016-11-01 17:36 - 2016-11-09 17:08 - 00000000 ____D C:\Program Files\GTA San Andreas
2016-10-24 21:43 - 2007-04-06 17:36 - 12346864 _____ (Activision) C:\Users\Joao\Desktop\Game.exe
2016-10-24 21:39 - 2016-10-24 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2016-10-24 20:47 - 2016-10-24 20:47 - 00000000 ____D C:\Users\Joao\Documents\Activision
2016-10-24 20:47 - 2016-10-24 20:47 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Activision
2016-10-24 20:46 - 2016-10-24 21:39 - 00000307 _____ C:\Windows\game.ini
2016-10-24 20:46 - 2016-10-24 20:46 - 00000000 __SHD C:\Windows\ftpcache
2016-10-24 20:35 - 2016-10-24 20:35 - 00000000 ____D C:\Program Files\Activision
2016-10-23 17:39 - 2016-10-23 17:39 - 00000000 ____D C:\Users\Joao\Downloads\LEGO.Batman.2.DC.Super.Heroes-RELOADED
2016-10-21 15:37 - 2016-10-21 15:42 - 00000000 ____D C:\Users\Joao\AppData\Local\Razer
2016-10-21 15:36 - 2016-10-21 15:42 - 00000000 ____D C:\Program Files\Razer
2016-10-21 15:36 - 2016-10-21 15:36 - 00000000 ____D C:\Users\Todos os Usuários\Razer
2016-10-21 15:36 - 2016-10-21 15:36 - 00000000 ____D C:\ProgramData\Razer

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-19 13:15 - 2016-05-28 12:32 - 00000000 ____D C:\Users\Joao\AppData\Roaming\IDM
2016-11-19 13:06 - 2007-01-01 01:16 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-19 12:49 - 2009-07-14 02:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-19 12:49 - 2009-07-14 02:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-19 12:43 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-18 19:32 - 2016-05-28 12:32 - 00000000 ____D C:\Users\Joao\AppData\Roaming\DMCache
2016-11-18 19:21 - 2016-05-15 11:31 - 00000000 ____D C:\Users\Joao\AppData\Local\Microsoft Games
2016-11-17 19:23 - 2016-07-06 15:58 - 00000000 ____D C:\Users\Joao\Documents\AirDroid
2016-11-16 19:16 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Joao\AppData\Roaming\uTorrent
2016-11-16 17:36 - 2016-09-08 19:07 - 00000774 _____ C:\Users\Joao\Desktop\BloodStrike.lnk
2016-11-16 15:05 - 2016-05-15 11:35 - 00000000 ____D C:\Users\Joao\AppData\Local\Google
2016-11-15 16:06 - 2016-08-31 17:56 - 00000000 ____D C:\Users\Joao\Downloads\Compressed
2016-11-14 15:28 - 2016-05-28 12:32 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-11-14 15:28 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf
2016-11-13 19:08 - 2016-08-19 18:55 - 00000000 ____D C:\Users\Joao\AppData\Roaming\ImgBurn
2016-11-09 21:55 - 2016-06-30 17:12 - 00000000 ____D C:\Users\Joao\Documents\My Games
2016-11-09 20:43 - 2016-10-06 14:49 - 00000000 ____D C:\Users\Joao\Desktop\SDATA
2016-11-08 15:06 - 2007-01-01 01:16 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-08 15:06 - 2007-01-01 01:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-08 15:06 - 2007-01-01 01:16 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 14:21 - 2016-06-26 15:10 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-11-08 14:16 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-11-07 19:08 - 2016-08-10 14:44 - 00000000 ____D C:\Program Files\AirDroid
2016-11-06 14:44 - 2016-10-19 16:19 - 00001828 _____ C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jogar GTA San Andreas.lnk
2016-11-06 11:54 - 2016-08-10 17:15 - 00000000 ____D C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-11-06 11:54 - 2016-08-10 17:14 - 00000000 ____D C:\Users\Joao\AppData\Local\Discord
2016-11-06 11:12 - 2016-05-14 17:34 - 00000000 ____D C:\Users\Joao
2016-11-05 16:30 - 2016-07-16 16:49 - 00000000 ____D C:\Program Files\Microvirt
2016-11-05 16:25 - 2016-07-16 16:50 - 00000000 ____D C:\Users\Joao\.android
2016-11-05 12:54 - 2016-06-26 15:10 - 00000000 ____D C:\Users\Todos os Usuários\modloader
2016-11-05 12:54 - 2016-06-26 15:10 - 00000000 ____D C:\Users\Joao\AppData\Local\modloader
2016-11-05 12:54 - 2016-06-26 15:10 - 00000000 ____D C:\ProgramData\modloader
2016-11-05 12:44 - 2016-07-27 18:03 - 00000000 ____D C:\Users\Joao\AppData\Local\Adobe
2016-11-05 12:41 - 2016-07-27 18:07 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-11-05 12:41 - 2016-06-26 17:24 - 00000000 ____D C:\Program Files\Adobe
2016-11-05 12:31 - 2016-07-16 17:50 - 00000000 ____D C:\Program Files\Intel
2016-11-05 12:31 - 2016-05-18 17:29 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-11-05 12:31 - 2016-05-18 17:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-05 11:41 - 2016-07-16 16:22 - 00000000 ____D C:\Users\Joao\AppData\Local\Nox
2016-11-02 13:19 - 2016-07-08 17:03 - 00049936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-11-01 17:58 - 2016-07-08 16:59 - 00000000 ____D C:\Users\Joao\AppData\Local\Avg
2016-10-25 17:37 - 2016-05-22 16:35 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-24 21:40 - 2009-07-14 02:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-24 20:46 - 2016-06-11 19:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-10-21 14:44 - 2016-07-26 20:39 - 00000808 _____ C:\Users\Joao\Desktop\LEGO® Batman™ 2 DC Super Heroes - Atalho.lnk
2016-10-21 14:33 - 2009-07-29 16:46 - 00704478 _____ C:\Windows\system32\prfh0416.dat
2016-10-21 14:33 - 2009-07-29 16:46 - 00146784 _____ C:\Windows\system32\prfc0416.dat
2016-10-21 14:33 - 2002-01-01 06:41 - 01631590 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Arquivos na raiz de alguns diretórios =======

2016-07-07 15:50 - 2016-07-07 15:50 - 0000092 _____ () C:\Program Files\FRAPSLOG.TXT
2016-05-15 18:25 - 2016-05-15 18:25 - 0001336 _____ () C:\Users\Joao\AppData\Roaming\Bubble Dock.boostrap.log
2016-05-15 18:25 - 2016-05-15 18:25 - 0000097 _____ () C:\Users\Joao\AppData\Roaming\WindApp.boostrap.log
2016-05-17 19:34 - 2016-05-17 19:35 - 0000000 _____ () C:\Users\Joao\AppData\Local\{F73BF8D1-D385-4007-BB54-2F95AA147D6F}
2007-01-01 01:17 - 2007-01-01 01:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-10 17:26 - 2016-08-13 16:46 - 0000033 _____ () C:\ProgramData\droidcam-settings

Alguns arquivos em TEMP:
====================
C:\Users\Joao\AppData\Local\Temp\comver.dll


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-27 13:45

==================== Fim de FRST.txt ============================