Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-09-2017
Executado por patrick joão (administrador) em PC (29-09-2017 21:35:24)
Executando a partir de C:\Users\patrick joão\Desktop
Perfis Carregados: patrick joão (Perfis Disponíveis: patrick joão & outros)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
() C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe
() C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
(Mega Limited) C:\Users\patrick joão\AppData\Local\MEGAsync\MEGAsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
() C:\ProgramData\KingsIsle Entertainment\Wizard101\PatchClient\BankB\WizardLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NC Interactive, LLC) C:\Users\patrick joão\AppData\Local\Temp\{DC5D2449-239C-4B9E-8555-7EDA92A99EDF}\setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll [X]
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\Policies\Explorer: [TaskbarNoThumbnail] 1
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {026f5b6a-d114-11e2-beda-eca86bb2c9ad} - "F:\AutoRun.exe" "motorola.html"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {270de048-d3ef-11e4-81d1-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {36e33d8d-8f75-11e4-8194-eca86bb2c9ad} - "D:\autorun.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {4c375b28-7b07-11e3-8251-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} - "E:\LGAutoRun.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll -> Nenhum Arquivo
Startup: C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-04-02]
ShortcutTarget: MEGAsync.lnk -> C:\Users\patrick joão\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1002\User: Restrição <==== ATENÇÃO
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1001\User: Restrição <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58261;https=127.0.0.1:58261
ProxyEnable: [S-1-5-21-3732197090-2549513608-2655625776-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-3732197090-2549513608-2655625776-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 01 C:\ProgramData\Windows\System32\Mswapi32.dll => Nenhum Arquivo
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog5-x64 01 C:\ProgramData\Windows\System32\Mswapi64.dll [3302400 2017-07-18] ()
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 13 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Tcpip\..\Interfaces\{3518D999-C675-4CB6-9E8B-1644006F8234}: [NameServer] 192.168.15.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=2252ECA86BB2C9AD
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (Sem Nome) - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM-x32 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2252ECA86BB2C9AD&affID=119821&tsp=4948
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyDyE0B0EyCyB0FtGtDtB0A0AtGyEzy0EtAtGtA0CyEzztGyC0AtDtA0E0A0C0D0B0BtB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=2011952802&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {78D20564-C350-454B-B525-072680AC9B52} URL = 
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {B791756F-CBFD-4B92-A735-A8BBCCC53B8A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByD0DzyyEtByB0BtGyC0E0C0CtGtByBtCyCtGtB0EyB0FtGtDtC0D0AtA0DtDzyzytBtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=1251716020&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=pt_BR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^BR&apn_uid=A0D88606-1D42-4AAD-8335-D5FC8FCDF786&apn_sauid=E62B3AF9-AEAD-44A5-837F-71279CBA5D02
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-10] (Oracle Corporation)
BHO-x32: Sem Nome -> {2f3dc1cf-3023-4906-9b17-c022e853c2d8} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-26] (Oracle Corporation)
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [SpecialSavings@SpecialSavings.com] - C:\Users\patrick joão\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\patrick joão\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\patrick joão\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [searchpredict@speedbit.com] - C:\Program Files (x86)\SearchPredict\PRFireFox => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}] - C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-08-02] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn [2014-12-02] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => não encontrado (a)
FF HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\Firefox\Extensions: [SpecialSavings@SpecialSavings.com] - C:\Users\patrick joão\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com => não encontrado (a)
FF HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\patrick joão\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com => não encontrado (a)
FF HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\patrick joão\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com => não encontrado (a)
FF HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\patrick joão\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml [2015-06-30]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-08-19]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahootc.xml [2014-06-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [Nenhum Arquivo]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-23] (Nero AG)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll [2013-06-08] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\patrick joão\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2013-03-30] (Raidcall)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Nenhum Arquivo]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3732197090-2549513608-2655625776-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\patrick joão\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3732197090-2549513608-2655625776-1001: gastecnologia.com.br/sf/gas64 -> C:\Users\patrick joão\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-3732197090-2549513608-2655625776-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-3732197090-2549513608-2655625776-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-30] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Default [2017-09-29]
CHR Extension: (Adblock Plus) - C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (AdBlock) - C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-26]
CHR Extension: (Super Animes) - C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Default\Extensions\glokngbimckbfigmglafekkfcaflbaef [2017-09-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR Profile: C:\Users\patrick joão\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-09-29]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-08] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-08] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-08-03] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [Arquivo não assinado]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Arquivo não assinado]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 NetTcpHandler; C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe [173848 2015-06-12] ()
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4762272 2013-09-01] (INCA Internet Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-09-02] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-09-02] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27792 2012-07-06] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WinNetSvc; C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] () <==== ATENÇÃO
R2 WMPNetworkAcSvc; C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [3879373 2017-09-13] () [Arquivo não assinado] <==== ATENÇÃO
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [X]
S4 hshld; "C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" [X]
S2 Util Clock Hand; "C:\Program Files (x86)\Clock Hand\bin\utilClockHand.exe" [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [29208 2014-11-08] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [83280 2014-11-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [93568 2014-11-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-08] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1050432 2014-11-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [436624 2014-11-08] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [116728 2014-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-08] ()
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-06-20] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 droidpad; C:\WINDOWS\System32\drivers\droidpad.sys [21320 2013-04-18] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2015-03-26] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-12-28] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-16] (Symantec Corporation)
R0 gbpddreg; C:\WINDOWS\System32\drivers\gbpddreg64.sys [29816 2017-03-18] (GAS Tecnologia)
S3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [46136 2014-11-03] (LogMeIn Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [27048 2017-06-13] (IObit.com)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S1 SymIM; C:\WINDOWS\system32\DRIVERS\SymIMv.sys [43680 2013-03-04] (Symantec Corporation)
R3 taphss6; C:\WINDOWS\system32\DRIVERS\taphss6.sys [42088 2015-11-12] (Anchorfree Inc.)
S3 tun3326; C:\WINDOWS\system32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-08] (Avast Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 AFTrafMgr1.2; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 mwars; \??\C:\Game\SoftnyxGame\MicroWarsPS\bin\avital\mwars64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\WINDOWS\SysWOW64\Drivers\X6va017 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\WINDOWS\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-09-29 21:35 - 2017-09-29 21:36 - 000033577 _____ C:\Users\patrick joão\Desktop\FRST.txt
2017-09-29 21:33 - 2017-09-29 21:33 - 002399744 _____ (Farbar) C:\Users\patrick joão\Downloads\FRST64.exe
2017-09-29 21:33 - 2017-09-29 21:33 - 002399744 _____ (Farbar) C:\Users\patrick joão\Desktop\FRST64.exe
2017-09-29 21:20 - 2017-09-29 21:20 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\Mozilla
2017-09-29 21:20 - 2017-09-29 21:20 - 000000000 ____D C:\Users\patrick joão\AppData\Local\Mozilla
2017-09-29 21:14 - 2017-09-29 21:14 - 000003162 _____ C:\WINDOWS\System32\Tasks\{87A3E29E-1C07-456C-92B1-7DDF95E6EA5E}
2017-09-29 21:07 - 2017-09-29 21:07 - 000001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000001341 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\patrick joão\AppData\LocalLow\IObit
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Program Files (x86)\IObit
2017-09-29 21:06 - 2017-09-29 21:09 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usuários\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\IObit
2017-09-29 21:06 - 2017-09-29 21:06 - 014582384 _____ (IObit ) C:\Users\patrick joão\Downloads\iobituninstaller.exe
2017-09-29 20:38 - 2017-09-29 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
2017-09-29 20:38 - 2017-09-29 20:38 - 001139568 _____ (Visicom Media Inc.) C:\Users\patrick joão\Downloads\ToolbarCleaner_softonic_2.0.0.10.exe
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick joão\Downloads\ASKRemover.zip
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick joão\Downloads\ASKRemover (1).zip
2017-09-29 20:33 - 2017-09-29 20:33 - 000276372 _____ C:\Users\patrick joão\Downloads\ASK-Remover.zip
2017-09-29 20:19 - 2017-09-29 20:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\patrick joão\Downloads\HijackThis.exe
2017-09-29 20:16 - 2017-09-29 20:16 - 006685392 _____ (Glarysoft Ltd ) C:\Users\patrick joão\Downloads\gusetup_slim.exe
2017-09-29 19:53 - 2017-09-29 19:53 - 002178872 _____ (Reason Software Company Inc.) C:\Users\patrick joão\Downloads\ShouldIRemoveIt_Setup.exe
2017-09-29 07:38 - 2017-09-29 07:38 - 000065536 _____ C:\Users\patrick\cert8.db
2017-09-29 07:38 - 2017-09-29 07:38 - 000016384 _____ C:\Users\patrick\secmod.db
2017-09-29 07:38 - 2017-09-29 07:38 - 000016384 _____ C:\Users\patrick\key3.db
2017-09-25 22:09 - 2017-09-29 07:38 - 000000000 ____D C:\Users\patrick
2017-09-25 22:09 - 2017-09-25 22:09 - 000000003 _____ C:\Users\patrick\HRUPPROG.TXT
2017-09-25 22:09 - 2017-09-25 22:09 - 000000003 _____ C:\Users\patrick\HRUPPROG.EXIT
2017-09-24 21:06 - 2017-09-24 21:06 - 000000833 _____ C:\Users\Public\Desktop\Play Wizard101.lnk
2017-09-24 21:06 - 2017-09-24 21:06 - 000000000 ____D C:\Users\Todos os Usuários\KingsIsle Entertainment
2017-09-24 21:06 - 2017-09-24 21:06 - 000000000 ____D C:\ProgramData\KingsIsle Entertainment
2017-09-24 21:04 - 2017-09-24 21:04 - 012261480 _____ (Acresso Software Inc.) C:\Users\patrick joão\Downloads\InstallWizard101.exe
2017-09-24 12:46 - 2017-09-24 12:46 - 000000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia
2017-09-24 12:46 - 2017-09-24 12:46 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-09-24 12:46 - 2017-09-24 12:46 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-09-24 12:45 - 2017-09-24 12:45 - 010936832 _____ (Adobe Systems Inc.) C:\Users\patrick joão\Downloads\AdobeAIRInstaller.exe
2017-09-24 12:45 - 2017-09-24 12:45 - 000146988 ____H C:\WINDOWS\SysWOW64\mlfcache.dat
2017-09-20 11:03 - 2017-09-20 11:03 - 000062203 _____ C:\Users\patrick joão\Desktop\c14c7363-d0ec-4281-a7e7-5b30585bd8b1.pdf
2017-09-19 09:43 - 2017-09-19 09:46 - 317441000 _____ C:\Users\patrick joão\Downloads\Detonado Completo - Dark Souls II Scholar of the First Sin (PC DX11) - Parte 9.mp4
2017-09-19 09:39 - 2017-09-19 09:41 - 123561714 _____ C:\Users\patrick joão\Downloads\Detonado Completo - Dark Souls II Scholar of the First Sin (PC DX11) - Parte 8.mp4
2017-09-19 09:32 - 2017-09-19 09:38 - 364866629 _____ C:\Users\patrick joão\Downloads\Detonado Completo - Dark Souls II Scholar of the First Sin (PC DX11) - Parte 6.mp4
2017-09-19 09:32 - 2017-09-19 09:35 - 194186827 _____ C:\Users\patrick joão\Downloads\Detonado Completo - Dark Souls II Scholar of the First Sin (PC DX11) - Parte 7.mp4
2017-09-17 19:01 - 2017-09-17 19:01 - 001519575 _____ C:\Users\patrick joão\Downloads\x360ce_x64.zip
2017-09-17 19:01 - 2015-10-04 10:11 - 002948760 _____ (TocaEdit) C:\Users\patrick joão\Desktop\x360ce_x64.exe
2017-09-16 22:03 - 2017-09-16 22:03 - 032019165 _____ C:\Users\patrick joão\Downloads\Emulador PS2.rar
2017-09-16 22:03 - 2015-07-19 11:46 - 000000000 ____D C:\Users\patrick joão\Desktop\Emulador PS2
2017-09-16 16:23 - 2017-09-16 17:55 - 2434000860 _____ C:\Users\patrick joão\Downloads\Dark Cloud 2 (USA) (v2.00).7z
2017-09-16 00:05 - 2017-09-16 00:07 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\DarkSoulsII
2017-09-15 21:31 - 2017-09-15 21:31 - 000000000 ____D C:\Users\patrick joão\AppData\Local\BANDAI NAMCO Games
2017-09-15 09:55 - 2017-09-15 09:55 - 000000222 _____ C:\Users\patrick joão\Desktop\DARK SOULS II Scholar of the First Sin.url
2017-09-14 23:55 - 2017-09-14 23:55 - 000000222 _____ C:\Users\patrick joão\Desktop\Tales of Zestiria.url
2017-09-13 00:30 - 2017-09-13 00:30 - 011356563 _____ C:\Users\patrick joão\Desktop\Novos Arquétipos.pdf
2017-09-12 01:34 - 2017-09-12 01:34 - 000000000 ____D C:\Users\patrick joão\Desktop\D&D personages
2017-09-11 01:12 - 2017-09-11 01:12 - 000575740 _____ C:\Users\patrick joão\Desktop\Ladino Ganta.pdf
2017-09-10 17:20 - 2017-09-10 17:33 - 000000000 ____D C:\Users\patrick joão\Documents\RRPG
2017-09-10 17:20 - 2017-09-10 17:20 - 000001387 _____ C:\Users\patrick joão\Desktop\RRPG Firecast.lnk
2017-09-10 17:20 - 2017-09-10 17:20 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\RRPGFirecast
2017-09-10 17:20 - 2017-09-10 17:20 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RRPG Firecast
2017-09-10 17:19 - 2017-09-10 17:26 - 000000000 ____D C:\RRPG
2017-09-10 17:19 - 2011-03-02 21:44 - 001345024 _____ C:\WINDOWS\SysWOW64\RRPGActiveX.ocx
2017-08-29 02:20 - 2017-08-29 02:20 - 000000000 ____D C:\WINDOWS\pss
2017-08-27 13:17 - 2017-08-27 13:17 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\EasyAntiCheat
2017-08-19 15:04 - 2017-08-19 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-08-19 15:02 - 2017-08-20 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-08-05 20:08 - 2017-08-05 20:08 - 000000000 ____D C:\Users\patrick joão\AppData\Local\Fredaikis AB
2017-08-05 20:02 - 2017-08-05 20:02 - 000000000 ____D C:\Users\patrick joão\Documents\FredaikisAB
2017-08-03 10:56 - 2017-08-03 10:56 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2017-08-03 10:00 - 2017-08-03 10:00 - 000001017 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-03 09:51 - 2017-08-03 09:51 - 000001654 _____ C:\Users\Todos os Usuários\bgfpt.wsf
2017-08-03 09:51 - 2017-08-03 09:51 - 000001654 _____ C:\ProgramData\bgfpt.wsf
2017-08-02 00:27 - 2017-08-02 00:31 - 000000000 ____D C:\AdwCleaner
2017-07-19 04:43 - 2017-09-29 21:35 - 000000000 ____D C:\FRST
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\WINDOWS\system32\tmp
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\Users\Todos os Usuários\Windows
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\ProgramData\Windows
2017-07-18 00:22 - 2017-07-19 17:36 - 000000000 ____D C:\Temp
2017-07-18 00:09 - 2017-08-03 10:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-09-29 21:34 - 2013-03-16 11:26 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3732197090-2549513608-2655625776-1001
2017-09-29 21:33 - 2012-12-05 04:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-29 21:31 - 2014-05-15 23:31 - 000000300 _____ C:\WINDOWS\Tasks\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017}.job
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:30 - 2013-08-22 12:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-29 21:30 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-29 21:29 - 2013-03-16 11:20 - 000000000 ____D C:\Users\patrick joão\AppData\Local\Packages
2017-09-29 21:24 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000003142 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job
2017-09-29 21:24 - 2014-04-03 18:02 - 000004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-09-29 21:20 - 2017-03-20 12:09 - 000000000 __SHD C:\Users\patrick joão\IntelGraphicsProfiles
2017-09-29 21:20 - 2016-05-11 21:26 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2017-09-29 21:20 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000004498 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000003478 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000002450 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job
2017-09-29 21:20 - 2015-07-16 19:22 - 000001076 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001488 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001394 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000003470 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000002154 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000000966 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2017-09-29 21:20 - 2014-04-13 08:28 - 000000000 __RDO C:\Users\patrick joão\SkyDrive
2017-09-29 21:20 - 2014-03-29 15:56 - 000002442 _____ C:\WINDOWS\Tasks\Torntv V9.0-firefoxinstaller.job
2017-09-29 21:20 - 2014-03-29 15:56 - 000001526 _____ C:\WINDOWS\Tasks\Torntv V9.0-updater.job
2017-09-29 21:20 - 2014-03-29 15:56 - 000001470 _____ C:\WINDOWS\Tasks\Torntv V9.0-codedownloader.job
2017-09-29 21:20 - 2014-03-29 15:56 - 000001360 _____ C:\WINDOWS\Tasks\Torntv V9.0-enabler.job
2017-09-29 21:20 - 2014-03-29 15:55 - 000003112 _____ C:\WINDOWS\Tasks\Torntv V9.0-chromeinstaller.job
2017-09-29 21:19 - 2015-11-04 06:28 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-09-29 21:18 - 2015-02-26 18:11 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
2017-09-29 21:18 - 2015-02-26 18:11 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-29 21:18 - 2013-08-22 11:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-29 21:17 - 2014-01-11 18:22 - 000000000 ____D C:\Users\patrick joão
2017-09-29 21:13 - 2014-01-14 01:06 - 000003802 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0BCF1C57-98DE-4586-A103-D89E57D8EF5A}
2017-09-29 21:10 - 2014-02-23 11:32 - 000000000 __SHD C:\AI_RecycleBin
2017-09-29 21:10 - 2013-06-16 14:44 - 000000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-09-29 20:23 - 2017-04-02 13:33 - 000000000 ____D C:\Users\patrick joão\AppData\LocalLow\Mozilla
2017-09-29 19:58 - 2015-10-29 17:02 - 000000000 ____D C:\Users\patrick joão\AppData\Local\CrashDumps
2017-09-29 19:43 - 2015-10-23 18:25 - 000002274 _____ C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-29 19:29 - 2014-05-15 23:30 - 000000970 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2017-09-29 17:01 - 2014-06-16 04:40 - 000000472 ____H C:\WINDOWS\Tasks\Norton Security Scan for patrick joão.job
2017-09-29 07:37 - 2016-07-14 04:27 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\excdir
2017-09-26 18:28 - 2015-02-07 15:26 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-26 05:47 - 2016-03-19 15:45 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc
2017-09-25 18:14 - 2016-01-03 01:34 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-24 20:51 - 2015-02-08 19:12 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-24 12:46 - 2013-03-16 11:20 - 000000000 ____D C:\Users\patrick joão\AppData\Roaming\Adobe
2017-09-24 12:46 - 2012-12-05 02:32 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-24 12:46 - 2012-12-05 02:31 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2017-09-24 12:46 - 2012-12-05 02:31 - 000000000 ____D C:\ProgramData\Adobe
2017-09-24 12:45 - 2015-12-03 13:21 - 000000000 ____D C:\Users\patrick joão\AppData\Local\Adobe
2017-09-19 14:10 - 2016-01-08 09:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-14 21:36 - 2016-09-01 19:26 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2017-09-14 21:36 - 2016-09-01 19:26 - 000000000 ____D C:\ProgramData\Origin
2017-09-14 21:24 - 2016-09-10 08:42 - 000000000 ____D C:\Users\patrick joão\Desktop\Desk 2
2017-09-12 22:45 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-12 22:45 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 22:45 - 2013-07-19 23:33 - 000004360 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-09-07 21:29 - 2016-07-13 21:56 - 000000000 ____D C:\Users\patrick joão\AppData\Local\Bluestacks
2017-09-06 23:41 - 2016-09-17 12:22 - 000000000 ____D C:\Users\Todos os Usuários\Jagex
2017-09-06 23:41 - 2016-09-17 12:22 - 000000000 ____D C:\Users\patrick joão\AppData\Local\Jagex
2017-09-06 23:41 - 2016-09-17 12:22 - 000000000 ____D C:\ProgramData\Jagex

==================== Arquivos na raiz de alguns diretórios =======

2015-10-16 17:45 - 2015-10-16 17:45 - 006420480 _____ () C:\Program Files (x86)\GUTBB8C.tmp
2016-12-29 12:32 - 2016-12-29 12:32 - 000000000 _____ () C:\Users\patrick joão\AppData\Roaming\0_0
2014-12-20 12:17 - 2014-12-20 12:17 - 000033792 _____ () C:\Users\patrick joão\AppData\Roaming\cmsetac.dll
2015-04-19 09:20 - 2015-04-19 09:20 - 000005872 _____ () C:\Users\patrick joão\AppData\Roaming\EyYD2Icv3p8nDGonphE1
2015-04-20 11:05 - 2015-04-20 11:05 - 001579520 _____ () C:\Users\patrick joão\AppData\Roaming\EyYD2Icv3p8nDGonphE1.exe
2016-12-29 12:32 - 2016-12-29 12:32 - 000000002 _____ () C:\Users\patrick joão\AppData\Roaming\file.exe
2016-12-29 12:32 - 2016-12-29 12:32 - 000126976 _____ () C:\Users\patrick joão\AppData\Roaming\GFpukiBot_v1.4.exe
2016-12-29 12:32 - 2016-12-29 12:32 - 000006656 _____ () C:\Users\patrick joão\AppData\Roaming\GFpukiBot_v1.41.exe
2013-05-30 16:41 - 2014-12-20 19:16 - 000013264 _____ () C:\Users\patrick joão\AppData\Roaming\KB8888239.log
2014-07-13 22:30 - 2014-07-14 23:27 - 000000097 _____ () C:\Users\patrick joão\AppData\Roaming\LauncherSettings_live.cfg
2005-11-23 22:11 - 2013-06-22 02:19 - 002344392 ____H () C:\Users\patrick joão\AppData\Roaming\logs.dat
2015-04-14 13:28 - 2015-04-14 13:28 - 000004387 _____ () C:\Users\patrick joão\AppData\Roaming\OXuXcmDnUryvQraERDoHBaz
2015-04-20 11:05 - 2015-04-20 11:05 - 001246720 _____ () C:\Users\patrick joão\AppData\Roaming\OXuXcmDnUryvQraERDoHBaz.exe
2005-05-27 16:19 - 2014-06-06 15:12 - 000009688 ____H () C:\Users\patrick joão\AppData\Roaming\patrick joãov1.18.0 - Trial versionlog.dat
2014-07-13 22:43 - 2014-07-13 22:43 - 000008144 _____ () C:\Users\patrick joão\AppData\Roaming\TheHunterSettings_live.bin
2014-07-13 22:41 - 2014-07-13 22:41 - 000000039 _____ () C:\Users\patrick joão\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-01-11 07:55 - 2014-08-24 12:18 - 000000149 _____ () C:\Users\patrick joão\AppData\Roaming\WB.CFG
2013-04-03 14:45 - 2013-04-03 14:45 - 000000057 _____ () C:\ProgramData\Ament.ini
2014-10-27 19:11 - 2014-10-27 19:11 - 000000020 _____ () C:\ProgramData\bc.ini
2017-08-03 09:51 - 2017-08-03 09:51 - 000001654 _____ () C:\ProgramData\bgfpt.wsf
2013-06-08 10:24 - 2013-06-08 10:24 - 000000006 _____ () C:\ProgramData\Conf.log
2013-06-08 10:24 - 2013-06-08 10:24 - 000089020 _____ () C:\ProgramData\imagdfgegeg43545435345fgdxxxem.gif
2013-06-08 10:24 - 2013-06-08 10:24 - 000000006 _____ () C:\ProgramData\uac.log

Alguns arquivos em TEMP:
====================
2017-08-19 22:28 - 2017-08-20 14:33 - 000000000 _____ () C:\Users\patrick joão\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-08-19 22:29 - 2017-08-20 13:17 - 000000088 _____ () C:\Users\patrick joão\AppData\Local\Temp\8b8068ce81224a13f5a56acd0ae43ef0.dll
2017-09-07 21:29 - 2017-08-16 08:31 - 000838200 _____ (BlueStack Systems, Inc.) C:\Users\patrick joão\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:27 - 000945688 _____ (BlueStack Systems, Inc.) C:\Users\patrick joão\AppData\Local\Temp\BluestacksUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:26 - 000187416 _____ (BlueStack Systems) C:\Users\patrick joão\AppData\Local\Temp\HD-LibraryHandler.dll
2017-03-19 01:32 - 2016-06-14 08:24 - 000246808 _____ (BlueStack Systems) C:\Users\patrick joão\AppData\Local\Temp\HD-Logger-Native.dll
2017-03-29 20:17 - 2017-07-11 21:08 - 000037376 _____ (Microsoft) C:\Users\patrick joão\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-03-29 20:17 - 2017-07-11 14:16 - 000020480 _____ (Microsoft) C:\Users\patrick joão\AppData\Local\Temp\HiRezLauncherControls.dll
2017-09-07 21:29 - 2017-08-16 08:30 - 000421400 _____ (CodeTitans) C:\Users\patrick joão\AppData\Local\Temp\JSON.dll

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2014-12-02 18:02

==================== Fim de FRST.txt ============================