Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-03-2017 Executado por CapaDeEspingarda (administrador) em CAPADEESPINGARD (30-03-2017 23:47:15) Executando a partir de E:\MODS Perfis Carregados: CapaDeEspingarda (Perfis Disponíveis: CapaDeEspingarda) Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: "C:\Program Files (x86)\Applefat\Application\chrome.exe" "%1") Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kyubey.exe) C:\Users\CapaDeEspingarda\AppData\Roaming\clean\Kyubey.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (LogMeIn Inc.) E:\Nova pasta\x64\hamachi-2.exe (LogMeIn, Inc.) E:\Nova pasta\x64\LMIGuardianSvc.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe (Spotify Ltd) C:\Users\CapaDeEspingarda\AppData\Roaming\Spotify\SpotifyWebHelper.exe (BitTorrent Inc.) C:\Users\CapaDeEspingarda\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Users\CapaDeEspingarda\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe (BitTorrent Inc.) C:\Users\CapaDeEspingarda\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Applefat\Application\chrome.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [iTunesHelper] => E:\Nova pasta\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-18] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\Nova pasta\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.) HKLM\...\Winlogon: [Userinit] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [Spotify Web Helper] => C:\Users\CapaDeEspingarda\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-24] (Spotify Ltd) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [Spotify] => C:\Users\CapaDeEspingarda\AppData\Roaming\Spotify\Spotify.exe [7089776 2017-03-24] (Spotify Ltd) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [52adba63ef2997d6ddc354ed7ffdae43] => C:\Users\CapaDeEspingarda\AppData\Roaming\svchost.exe [24064 2016-12-08] () HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [Google Update] => C:\Users\CapaDeEspingarda\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [XperiaCompanionAgent] => "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe" HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd) HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\MountPoints2: {163b0b96-15a3-11e7-8370-3860776aee45} - "F:\setup.exe" HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\MountPoints2: {36d31b7f-9dd1-11e6-8253-3860776aee45} - "F:\Setup.exe" IFEO\MRT.exe: [Debugger] C:\Windows\TEMP\ouaBAA7.tmp\secondu71\Gubed.exe -Yrrehs IFEO\taskmgr.exe: [Debugger] ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-18] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-18] (AVAST Software) Startup: C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\52adba63ef2997d6ddc354ed7ffdae43.exe [2016-12-08] () Startup: C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ba4c12bee3027d94da5c81db2d196bfd.exe [2016-11-15] () Startup: C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-12-29] ShortcutTarget: Curse.lnk -> C:\Users\CapaDeEspingarda\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) Startup: C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eb640e8b43f9bcf2ebf89c553b4f3f01.exe [2016-10-23] () GroupPolicy: Restrição - Chrome <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{4B8A3FF6-2548-42A9-9199-42B6B96F5C9E}: [NameServer] 208.67.222.222,208.67.220.220 Tcpip\..\Interfaces\{4B8A3FF6-2548-42A9-9199-42B6B96F5C9E}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2068066710-1894597914-935236861-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1480330848&z=6baf72f383be6b41a9d35efg3z8bbe1cdc9e9b7zbm&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} HKU\S-1-5-21-2068066710-1894597914-935236861-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp HKU\S-1-5-21-2068066710-1894597914-935236861-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 HKU\S-1-5-21-2068066710-1894597914-935236861-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1478515612&z=27557b87bd823921d99fe55g1zfm5b3w6g6w4q0gao&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} SearchScopes: HKU\S-1-5-21-2068066710-1894597914-935236861-1001 -> {A13AE94D-CD55-48D2-AC6E-2D35BA9E8D99} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Sem Nome -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> Nenhum Arquivo BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-08] (Oracle Corporation) BHO-x32: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> Nenhum Arquivo BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-08] (Oracle Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.amisites.com/?type=sc&ts=1482172196&z=2cf1e514a988c580f58784cgbz9b4o7gambocg3t0q&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 FireFox: ======== FF DefaultProfile: hdyeuulo.default FF DefaultProfile: 4dycgvqa.default FF ProfilePath: C:\Users\CapaDeEspingarda\AppData\Roaming\Mozilla\Firefox\Profiles\hdyeuulo.default [2017-02-26] FF Homepage: Mozilla\Firefox\Profiles\hdyeuulo.default -> hxxp://www.amisites.com/?type=hp&ts=1482172196&z=2cf1e514a988c580f58784cgbz9b4o7gambocg3t0q&from=archer1028&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 FF Extension: (Search and New Tab by Yahoo) - C:\Users\CapaDeEspingarda\AppData\Roaming\Mozilla\Firefox\Profiles\hdyeuulo.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-01-17] FF SearchPlugin: C:\Users\CapaDeEspingarda\AppData\Roaming\Mozilla\Firefox\Profiles\hdyeuulo.default\searchplugins\amisites.xml [2016-12-19] FF ProfilePath: C:\Users\CapaDeEspingarda\AppData\Roaming\Firefox\Firefox\Profiles\4dycgvqa.default [2017-03-28] FF Extension: (SimilarWeb) - C:\Users\CapaDeEspingarda\AppData\Roaming\Firefox\Firefox\Profiles\4dycgvqa.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-01-09] [não assinado] FF Extension: (FF Adr) - C:\Users\CapaDeEspingarda\AppData\Roaming\Firefox\Firefox\Profiles\4dycgvqa.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-01-09] [não assinado] FF Extension: (Português (pt-BR) Language Pack) - C:\Users\CapaDeEspingarda\AppData\Roaming\Firefox\Firefox\Profiles\4dycgvqa.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2017-01-25] [não assinado] FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-08] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin HKU\S-1-5-21-2068066710-1894597914-935236861-1001: @tools.google.com/Google Update;version=3 -> C:\Users\CapaDeEspingarda\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin HKU\S-1-5-21-2068066710-1894597914-935236861-1001: @tools.google.com/Google Update;version=9 -> C:\Users\CapaDeEspingarda\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.startpageing123.com/?type=sc&ts=1490804069&z=950276dad9346447d1162fdgfzat0edb3e0z0e5q0b&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 CHR StartupUrls: Default -> "hxxp://www.startpageing123.com/?type=hp&ts=1487774926&z=709162205a4f0ee14999274g3z1bbm1mcm4z0t2o8w&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003" CHR DefaultSearchURL: Default -> hxxp://www.amisites.com/search/?type=ds&ts=1481554913&z=7f91477777f8abd0a4db35egazabfg5w6w7z0t5g5c&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003&q={searchTerms} CHR DefaultSearchKeyword: Default -> amisites CHR Profile: C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default [2017-02-26] CHR Extension: (Google Apresentações) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-08] CHR Extension: (Google Docs) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-08] CHR Extension: (Google Drive) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-08] CHR Extension: (YouTube) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-08] CHR Extension: (Adblock Plus) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-12] CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-12-08] CHR Extension: (Avast SafePrice) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-08] CHR Extension: (Planilhas do Google) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-08] CHR Extension: (Documentos Google off-line) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-08] CHR Extension: (AdBlock) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-12] CHR Extension: (Avast Online Security) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-08] CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-01-12] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-08] CHR Extension: (Gmail) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-08] CHR Extension: (Chrome Media Router) - C:\Users\CapaDeEspingarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-08] CHR HKU\S-1-5-21-2068066710-1894597914-935236861-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.startpageing123.com/?type=sc&ts=1490804069&z=950276dad9346447d1162fdgfzat0edb3e0z0e5q0b&from=che0812&uid=WDCXWD5000AAKX-003CA0_WD-WMAYUE60100301003 HKU\S-1-5-21-2068066710-1894597914-935236861-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Applefat\Application\chrome.exe (Google Inc.) <==== ATENÇÃO ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-18] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-18] (AVAST Software) R2 clean; C:\Users\CapaDeEspingarda\AppData\Roaming\clean\kyubey.exe [113664 2017-03-27] (Kyubey.exe) [Arquivo não assinado] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd) R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [154624 2017-01-23] () [Arquivo não assinado] R2 Hamachi2Svc; E:\Nova pasta\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-03-01] (AnchorFree Inc.) R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [455168 2017-02-08] () [Arquivo não assinado] <==== ATENÇÃO R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-10-29] () R2 Themes; C:\Windows\system32\themeservice.dll [50688 2013-08-22] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATENÇÃO S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) R2 WinSAPSvc; C:\Users\CapaDeEspingarda\AppData\Roaming\WinSAPSvc\WinSAP.dll [218624 2017-03-28] (Windows) [Arquivo não assinado] R2 WINSNARE; C:\Users\CapaDeEspingarda\AppData\Roaming\WINSNARE\WinSnare.dll [1293312 2017-03-29] (InterSect Alliance Pty Ltd) [Arquivo não assinado] <==== ATENÇÃO R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2017-02-07] (Sony) S2 ed2kidle; "C:\Program Files (x86)\amuleC\ed2k.exe" -downloadwhenidle [X] <==== ATENÇÃO S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [X] S4 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" [X] S2 MBAMService; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X] S2 YSearchUtilSvc; "C:\Program Files (x86)\Yahoo!\yset\{9373CB7F-FD18-7C4B-ABEF-8485A2CC3419}\YSearchUtilSvc.exe" [X] ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-18] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-18] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-18] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-18] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-18] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-18] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-18] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-18] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-18] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-18] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-18] (AVAST Software) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2016-10-29] (Disc Soft Ltd) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [472016 2016-10-27] (Intel Corporation) R1 f755b408233387144bda425b16cc2670; C:\Windows\system32\drivers\f755b408233387144bda425b16cc2670.sys [57424 2016-10-24] (OMKWK1) <==== ATENÇÃO R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-10-27] (REALiX(tm)) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42064 2017-03-01] (Anchorfree Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R2 WtfEngineDrv; C:\Windows\system32WtfEngineDrv.sys [40352 2016-12-14] (AAA Internet Publishing, Inc.) S3 AFTrafMgr1.2; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [X] S1 p1482171892am; \??\C:\Users\CAPADE~1\AppData\Local\Temp\bkA9B.tmp\p1482171892am.sys [X] <==== ATENÇÃO ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-03-30 23:47 - 2017-03-30 23:47 - 00000000 ____D C:\FRST 2017-03-30 23:14 - 2017-03-30 23:14 - 00000817 _____ C:\Users\CapaDeEspingarda\Desktop\theHunter Call of the Wild.lnk 2017-03-30 23:14 - 2017-03-30 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\theHunter Call of the Wild 2017-03-30 23:05 - 2017-03-30 23:05 - 00001755 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2017-03-30 23:05 - 2017-03-30 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2017-03-30 23:04 - 2017-03-30 23:05 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2017-03-30 22:26 - 2017-03-30 22:26 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\LocalLow\uTorrent 2017-03-30 15:16 - 2017-03-30 15:16 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp 2017-03-30 15:16 - 2017-03-30 15:16 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-03-30 11:47 - 2017-03-30 11:47 - 00000000 ____D C:\Program Files (x86)\n1 2017-03-30 11:47 - 2017-03-30 11:47 - 00000000 ____D C:\Program Files (x86)\MIO 2017-03-28 09:09 - 2017-03-29 13:11 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.4.0) 2017-03-27 12:15 - 2017-03-27 12:15 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\clean 2017-03-18 15:05 - 2017-03-28 15:06 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-03-18 15:05 - 2017-03-18 15:05 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-03-18 15:05 - 2017-03-18 15:04 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-03-18 15:05 - 2017-03-18 15:04 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-03-18 15:05 - 2017-03-18 15:04 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-03-18 15:05 - 2017-03-18 15:04 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-03-14 12:32 - 2017-03-17 13:12 - 00003208 _____ C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel 2017-03-14 12:32 - 2017-03-14 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BikaQ 2017-03-13 15:44 - 2017-03-13 15:44 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Bertware 2017-03-13 15:43 - 2017-03-13 15:43 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\Arquivos para criar o servidor 2017-03-13 15:37 - 2017-03-29 13:29 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\.minecraft 2017-03-13 15:23 - 2017-03-13 15:23 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC 2017-03-13 15:23 - 2017-03-13 15:23 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Local\Vitalwerks 2017-03-13 15:23 - 2017-03-13 15:23 - 00000000 ____D C:\Program Files (x86)\No-IP 2017-03-13 15:15 - 2017-03-13 15:44 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\Servidor 2017-03-13 15:04 - 2017-03-13 15:04 - 00000000 ____D C:\Program Files\Java 2017-03-13 14:06 - 2014-01-14 22:29 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\Minecraft Servidor 2017-03-13 13:48 - 2017-03-13 13:48 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2017-03-13 13:48 - 2017-03-13 13:48 - 00000000 ____D C:\Program Files\Realtek 2017-03-13 13:47 - 2017-01-11 11:38 - 72520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2017-03-13 13:47 - 2017-01-11 11:38 - 23547544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 23447352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 17398616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 15202032 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 14057248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 13122576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 12988344 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 10536160 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 09124224 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2017-03-13 13:47 - 2017-01-11 11:38 - 07172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 06244200 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 05922376 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2017-03-13 13:47 - 2017-01-11 11:38 - 05593608 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 05545472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2017-03-13 13:47 - 2017-01-11 11:38 - 03503048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 03410832 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 03299816 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 03203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 03122656 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2017-03-13 13:47 - 2017-01-11 11:38 - 02830480 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 02291304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 02190984 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 02110592 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01920870 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2017-03-13 13:47 - 2017-01-11 11:38 - 01435136 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01422920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01382232 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01334376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01213656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01186840 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01166152 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01003856 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 01003512 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00999848 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00984912 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00965024 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00962128 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00931616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00923736 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00873464 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00866096 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00859912 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00854208 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00726112 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00678176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00618184 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00588032 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00571376 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00514872 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00467152 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00426568 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00416504 _____ (Harman) C:\Windows\system32\HMUI.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00381408 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00378384 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00360344 _____ (Harman) C:\Windows\system32\HMClariFi.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00341144 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00341144 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00258864 _____ (TODO: ) C:\Windows\system32\slprp64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00231912 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00203840 _____ (Harman) C:\Windows\system32\HMHVS.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00190928 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00190928 _____ (Harman) C:\Windows\system32\HMEQ.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00179592 _____ (Harman) C:\Windows\system32\HMLimiter.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00158696 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00151784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00134200 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00090912 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00075536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2017-03-13 13:47 - 2017-01-11 11:38 - 00023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 07096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 06264632 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 05347000 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 03302272 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 02993720 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 02444688 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01959600 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01615656 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01529136 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64Proxy.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01516896 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01363096 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 01133584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00785608 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00727432 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00514520 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00500552 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00441264 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00438688 _____ (Conexant Systems, Inc.) C:\Windows\system32\CAF64APO2.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00428224 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00362048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00310416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00154360 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00118592 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00112488 _____ (Conexant Systems, Inc.) C:\Windows\system32\Caf64api.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00105304 _____ C:\Windows\system32\audioLibVc.dll 2017-03-13 13:46 - 2017-01-11 11:37 - 00005604 _____ C:\Windows\system32\cxapo.lncs 2017-03-13 13:46 - 2017-01-11 11:37 - 00000736 _____ C:\Windows\system32\cxapo.prop 2017-03-13 13:36 - 2017-03-13 13:54 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\discord 2017-03-13 13:36 - 2017-03-13 13:36 - 00002268 _____ C:\Users\CapaDeEspingarda\Desktop\Discord.lnk 2017-03-13 13:36 - 2017-03-13 13:36 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-03-13 13:35 - 2017-03-13 13:36 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Local\SquirrelTemp 2017-03-13 13:35 - 2017-03-13 13:36 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Local\Discord 2017-03-12 15:07 - 2017-03-12 15:07 - 00001647 _____ C:\Users\CapaDeEspingarda\Desktop\untitled.fsc 2017-03-10 16:20 - 2017-03-10 16:31 - 00000000 ____D C:\Users\CapaDeEspingarda\Documents\FabFilter 2017-03-10 16:20 - 2017-03-10 16:31 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\FabFilter 2017-03-10 16:19 - 2017-03-10 16:19 - 00000000 __HDC C:\Users\Todos os Usuários\{E26B3878-7CEC-469C-B449-5CAA336DF8CD} 2017-03-10 16:19 - 2017-03-10 16:19 - 00000000 __HDC C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD} 2017-03-10 16:18 - 2017-03-10 16:18 - 00000000 ____D C:\Program Files\Common Files\VST3 2017-03-10 16:16 - 2012-07-30 11:08 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\data 2017-03-10 16:15 - 2017-03-10 16:15 - 00000000 ____D C:\Users\CapaDeEspingarda\Documents\LennarDigital 2017-03-10 16:15 - 2017-03-10 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1 2017-03-10 16:15 - 2017-03-10 16:15 - 00000000 ____D C:\Program Files\Steinberg 2017-03-10 16:15 - 2017-03-10 16:15 - 00000000 ____D C:\Program Files\LennarDigital 2017-03-10 16:09 - 2017-03-10 16:10 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\WOW 2017-03-07 21:48 - 2017-03-07 21:48 - 00000925 _____ C:\Users\CapaDeEspingarda\Desktop\LeagueClient - Atalho.lnk 2017-03-07 11:46 - 2017-03-07 11:48 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\LogMeIn Hamachi 2017-03-07 11:46 - 2017-03-07 11:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi 2017-03-07 11:46 - 2017-03-07 11:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi 2017-03-07 11:46 - 2017-03-07 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2017-03-05 20:23 - 2017-03-05 20:23 - 00000000 ____D C:\WTFast 2017-03-05 20:22 - 2017-03-05 20:22 - 00000000 ____D C:\Users\CapaDeEspingarda\Documents\Fiddler2 2017-03-05 20:18 - 2017-03-05 20:18 - 00000000 ____D C:\Program Files (x86)\WTFast 2017-03-05 20:18 - 2012-07-11 13:12 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll 2017-03-05 20:18 - 2012-07-11 13:12 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll 2017-03-05 20:18 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL 2017-03-05 20:03 - 2017-03-05 20:03 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\UnknownApplicationVendor 2017-03-05 20:01 - 2017-03-05 20:01 - 00000000 ____D C:\Users\CapaDeEspingarda\.gradle 2017-03-05 19:52 - 2017-03-06 12:48 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2017-03-05 19:52 - 2017-03-05 19:52 - 00000000 ____D C:\Users\Todos os Usuários\Hotspot Shield 2017-03-05 19:52 - 2017-03-05 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2017-03-05 19:52 - 2017-03-05 19:52 - 00000000 ____D C:\ProgramData\Hotspot Shield 2017-03-04 23:48 - 2017-03-04 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2017-03-04 23:48 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2017-03-04 23:48 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2017-03-04 23:48 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2017-03-04 23:48 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2017-03-04 23:48 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2017-03-03 15:18 - 2017-03-03 15:18 - 00002104 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-03 13:59 - 2017-03-03 13:59 - 00000000 ____D C:\Users\CapaDeEspingarda\Documents\Sony 2017-03-02 12:48 - 2017-03-28 09:10 - 00000000 _____ C:\Windows\SysWOW64\4 2017-03-02 12:48 - 2017-03-28 09:10 - 00000000 _____ C:\Windows\SysWOW64\3 2017-03-01 20:57 - 2017-03-01 20:57 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg 2017-03-01 14:41 - 2017-03-01 14:41 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2017-03-01 11:16 - 2017-03-30 15:09 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Kyubey 2017-02-28 18:11 - 2017-02-28 18:12 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\card_images ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-03-30 23:47 - 2016-10-29 10:38 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\uTorrent 2017-03-30 23:43 - 2016-11-15 18:43 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2017-03-30 23:43 - 2016-11-15 18:43 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-30 23:41 - 2013-08-22 01:48 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2068066710-1894597914-935236861-1001 2017-03-30 23:39 - 2016-12-16 11:22 - 00000040 _____ C:\Program Files (x86)\settings.dat 2017-03-30 23:05 - 2016-10-29 12:22 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\DAEMON Tools Lite 2017-03-30 22:59 - 2016-11-10 11:01 - 00000000 _____ C:\Users\Public\Documents\report.dat 2017-03-30 22:27 - 2016-10-27 14:10 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Skype 2017-03-30 22:03 - 2016-10-27 13:29 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Local\Spotify 2017-03-30 21:13 - 2016-10-27 13:28 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Spotify 2017-03-30 20:47 - 2016-10-26 05:16 - 00000354 _____ C:\Windows\Tasks\Update Service for Youtube AdBlock.job 2017-03-30 20:46 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-30 12:30 - 2016-10-28 14:00 - 00000354 _____ C:\Windows\Tasks\Update Service for Youtube AdBlock2.job 2017-03-30 11:47 - 2017-02-17 11:27 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\WinSAPSvc 2017-03-30 11:47 - 2017-02-15 11:00 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\WinSnare 2017-03-30 11:47 - 2017-01-25 11:02 - 00003620 _____ C:\Windows\System32\Tasks\Milimili 2017-03-30 11:47 - 2016-11-10 11:00 - 00000000 _____ C:\Users\Public\Documents\temp.dat 2017-03-28 13:41 - 2016-12-18 14:26 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\LocalLow\Mozilla 2017-03-27 12:11 - 2017-01-17 11:16 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Local\LogMeIn Hamachi 2017-03-25 01:45 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-03-23 12:01 - 2016-11-07 07:46 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC 2017-03-23 12:01 - 2016-11-07 07:46 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\aMule 2017-03-23 11:56 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf 2017-03-21 12:53 - 2016-11-15 14:49 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2017-03-19 16:02 - 2016-12-29 20:39 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Curse Client 2017-03-18 21:57 - 2016-10-27 14:13 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\TS3Client 2017-03-18 15:05 - 2016-11-15 14:49 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148986034731204 2017-03-18 15:05 - 2016-11-15 14:49 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148986034943706 2017-03-18 15:05 - 2016-11-15 14:49 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-03-18 15:05 - 2016-11-15 14:49 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-03-18 15:05 - 2016-11-15 14:49 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-03-18 15:05 - 2016-11-15 14:49 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-03-18 15:05 - 2016-11-15 14:49 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-03-18 15:05 - 2016-11-15 14:49 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-03-18 15:04 - 2016-11-15 14:49 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-03-17 21:57 - 2017-01-18 15:57 - 00000000 ____D C:\Users\Todos os Usuários\wintools 2017-03-17 21:57 - 2017-01-18 15:57 - 00000000 ____D C:\ProgramData\wintools 2017-03-13 13:49 - 2016-11-18 20:35 - 00000000 ___HD C:\Program Files (x86)\Temp 2017-03-13 13:48 - 2017-02-08 14:04 - 00000000 ____D C:\Windows\LastGood 2017-03-13 13:48 - 2017-01-27 17:19 - 00000000 ____D C:\Windows\system32\DAX3 2017-03-13 13:48 - 2017-01-27 17:19 - 00000000 ____D C:\Users\Todos os Usuários\Audyssey Labs 2017-03-13 13:48 - 2017-01-27 17:19 - 00000000 ____D C:\ProgramData\Audyssey Labs 2017-03-13 13:48 - 2016-10-27 13:17 - 00000000 ____D C:\Windows\system32\DAX2 2017-03-13 13:46 - 2016-11-18 20:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-03-13 13:38 - 2016-10-27 13:19 - 00000000 ____D C:\Users\CapaDeEspingarda\Desktop\CapaDeEspingarda 2017-03-10 16:18 - 2016-12-23 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2017-03-10 15:39 - 2016-12-23 16:07 - 00076364 _____ C:\Users\CapaDeEspingarda\Desktop\untitled.flp 2017-03-08 16:48 - 2013-08-22 01:42 - 00000000 ____D C:\Users\CapaDeEspingarda 2017-03-05 20:23 - 2016-11-15 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast 2017-03-04 23:48 - 2016-10-29 12:32 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Roaming\Riot Games 2017-03-03 15:18 - 2017-01-12 19:37 - 00002597 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-03 13:59 - 2016-11-13 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2017-03-03 13:59 - 2016-11-13 16:21 - 00000000 ____D C:\Program Files\Sony 2017-03-02 15:02 - 2006-05-11 14:33 - 03269799 ____H C:\Users\CapaDeEspingarda\AppData\Roaming\logs.dat 2017-03-01 11:26 - 2016-10-29 11:58 - 00000000 ____D C:\Users\CapaDeEspingarda\AppData\Local\ElevatedDiagnostics 2017-03-01 11:25 - 2016-10-27 14:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-01 11:25 - 2016-10-27 14:10 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2017-03-01 11:25 - 2016-10-27 14:10 - 00000000 ____D C:\ProgramData\Skype ==================== Arquivos na raiz de alguns diretórios ======= 2016-12-16 11:22 - 2016-12-16 11:22 - 0000000 _____ () C:\Program Files (x86)\metadata 2016-12-16 11:22 - 2017-03-30 23:39 - 0000040 _____ () C:\Program Files (x86)\settings.dat 2006-05-11 14:33 - 2017-03-02 15:02 - 3269799 ____H () C:\Users\CapaDeEspingarda\AppData\Roaming\logs.dat 2016-11-01 12:37 - 2016-12-08 10:13 - 0024064 _____ () C:\Users\CapaDeEspingarda\AppData\Roaming\svchost.exe 2016-11-26 21:12 - 2016-11-26 21:12 - 0000017 _____ () C:\Users\CapaDeEspingarda\AppData\Local\resmon.resmoncfg 2016-11-01 11:30 - 2016-11-01 11:30 - 0000000 _____ () C:\Users\CapaDeEspingarda\AppData\Local\{18303E71-CA82-45B0-BA8F-9DD1B85A8FDF} 2016-10-27 13:17 - 2016-10-27 13:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Alguns arquivos em TEMP: ==================== 2017-03-13 15:44 - 2017-03-13 15:44 - 0017408 _____ () C:\Users\CapaDeEspingarda\AppData\Local\Temp\jansi-32.dll 2017-03-03 13:58 - 2017-03-03 13:58 - 49239544 _____ (Sony) C:\Users\CapaDeEspingarda\AppData\Local\Temp\xcsCFEF.tmp.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2017-03-24 11:57 ==================== Fim de FRST.txt ============================