Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
VitorAm

Lentidao, avgnet.exe erro na memoria

Recommended Posts

Meu pc vem apresentando muita lentidao, acredito que seja algum tipo de virus, recentemente ele deu esse erro

A instrução no 0x00ebb3a0 fez referencia a memoria no 0x00ebb3a0. A memoria nao pode ser written.

Na internet achei que uma das causas podia ser malware... então estou aqui

 

ZA-Scan.txt

ZA-Scan V1.0.0.5 Updated 31-December-2015
Tool run by User on 08/05/2016 at 17:54:28,28.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Downloads\ZA-Scan.exe [Z-Analyse Scan]

==== Running Processes ======================

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Users\User\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\User\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\User\Downloads\ZA-Scan.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\User\AppData\Local\Temp\ZAScan.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AntiVirSchedulerService] - Avira Agendamento - c:\program files (x86)\avira\antivir desktop\sched.exe
R2 - [AntiVirService] - Avira Real-Time Protection - c:\program files (x86)\avira\antivir desktop\avguard.exe
R2 - [Avira.ServiceHost] - Avira Service Host - c:\program files (x86)\avira\launcher\avira.servicehost.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
S2 - [AntiVirMailService] - Avira Mail Protection - c:\program files (x86)\avira\antivir desktop\avmailc7.exe
S2 - [AntiVirWebService] - Avira Web Protection - c:\program files (x86)\avira\antivir desktop\avwebg7.exe
S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Serviço Receptor do Windows Media Center - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Serviço Agendador do Windows Media Center - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
S3 - [WatAdminSvc] - Serviço de Tecnologias de Ativação do Windows - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Driver SMB 1.xxx do Servidor - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Log Comum (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Driver de disco - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [intelide] - intelide - C:\Windows\system32\Drivers\intelide.sys
R0 - [iusb3hcs] - Driver de comutação do controlador host Intel(R) USB 3.0 - C:\Windows\system32\Drivers\iusb3hcs.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Gerenciador de Partições - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [storflt] - Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Driver de enumerador da unidade virtual Microsoft - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Volumes de armazenamento - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-548115999-3031690571-1337500689-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"Avira SystrayStartTrigger"="C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe silent"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Aeria Ignite]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Aeria Ignite"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Aeria Games\\Ignite\\aeriaignite.exe\" silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgnt]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgnt"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\avgnt.exe\" /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Avira SystrayStartTrigger]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Avira SystrayStartTrigger"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Avira\\Launcher\\Avira.SystrayStartTrigger.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PowerDVD14Agent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PowerDVD14Agent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD14\\PowerDVD14Agent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Folders ======================

2016-03-28 20:15:25    1952    ----a-w-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/03/2016 10:11]
C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS.exe [22/03/2016 11:01]
C:\Windows\tasks\AutoKMSDaily.job --a------ C:\Windows\AutoKMS.exe [22/03/2016 11:01]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/03/2016 10:42]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/03/2016 10:42]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS.exe]
"C:\Windows\SysNative\tasks\AutoKMSDaily" [C:\Windows\AutoKMS.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (User)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================


Google Slides - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Sheets - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Thank you pack 01 - 6/12 - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipgobllaeideplokfhgdpflnmkeahbed
Chrome Web Store Payments - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

==== EOF on 08/05/2016 at 17:55:19,97 ======================
 

Editado por Vitor Mazzo

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Vitor Mazzo

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  1. Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  2. O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  3. Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  4. Sempre coloque suas respostas neste tópico... Não abra outro!
  5. Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  6. Respeite a ordem das instruções passadas.

 

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Clique duas vezes para executar o jrt.exe.
 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Vitor Mazzo

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

 

  • Clique duas vezes para executar a ferramenta.
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar.
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop).
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta.
  • Anexe o log Addition.txt

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • Segue o log:

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-05-2016
    Executado por User (administrador) em USER-PC (11-05-2016 17:27:31)
    Executando a partir de C:\Users\User\Desktop
    Perfis Carregados: User (Perfis Disponíveis: User)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-22] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKU\S-1-5-21-548115999-3031690571-1337500689-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-548115999-3031690571-1337500689-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
    HKU\S-1-5-21-548115999-3031690571-1337500689-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-29] (Valve Corporation)
    HKU\S-1-5-21-548115999-3031690571-1337500689-1000\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-26] (BitTorrent Inc.)
    HKU\S-1-5-21-548115999-3031690571-1337500689-1000\...\Run: [AdobeBridge] => [X]
    Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series.lnk [2016-05-11]
    ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{3931B240-E3E4-4B5C-A768-006738473B3C}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-548115999-3031690571-1337500689-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-22] (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-22] (Oracle Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

    FireFox:
    ========
    FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-22] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-22] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)

    Chrome: 
    =======
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Apresentações) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-22]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-22]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-22]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-22]
    CHR Extension: (Planilhas do Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-22]
    CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-22]
    CHR Extension: (Thank you pack 01 - 6/12) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipgobllaeideplokfhgdpflnmkeahbed [2016-03-22]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-22]

    ==================== Serviços (Whitelisted) ========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-22] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-22] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-22] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-22] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
    S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [Arquivo não assinado]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-22] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-22] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-22] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-22] (Avira Operations GmbH & Co. KG)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-03-22] (REALiX(tm))
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2016-03-22] (Intel Corporation)
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Três Meses Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-05-11 17:27 - 2016-05-11 17:27 - 00011147 _____ C:\Users\User\Desktop\FRST.txt
    2016-05-11 17:27 - 2016-05-11 17:27 - 00000000 ____D C:\FRST
    2016-05-11 17:24 - 2016-05-11 17:25 - 02381312 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
    2016-05-10 18:00 - 2016-05-10 18:00 - 00000000 ____D C:\Users\User\Desktop\pc programas
    2016-05-10 17:49 - 2016-05-10 17:57 - 00000000 ____D C:\Users\User\AppData\Roaming\ZHP
    2016-05-10 17:26 - 2016-05-10 17:30 - 00000000 ____D C:\AdwCleaner
    2016-05-08 17:57 - 2016-05-08 17:57 - 00017217 _____ C:\Users\User\Downloads\ZA-Scan.txt
    2016-05-08 17:55 - 2016-05-08 17:55 - 00017217 _____ C:\ZA-Scan.txt
    2016-05-08 17:54 - 2016-05-08 17:54 - 00000000 ____D C:\zoek_backup
    2016-05-08 02:39 - 2016-05-08 13:28 - 00000000 ____D C:\Windows\Minidump
    2016-05-08 02:35 - 2016-05-08 02:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    2016-05-06 23:09 - 2016-05-06 23:09 - 00642632 _____ (EFD Software ) C:\Users\User\Downloads\hdtune_255.exe
    2016-05-06 23:09 - 2016-05-06 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
    2016-05-06 23:09 - 2016-05-06 23:09 - 00000000 ____D C:\Program Files (x86)\HD Tune
    2016-05-06 21:53 - 2016-05-06 21:53 - 00000000 ____D C:\Program Files\Speccy
    2016-05-06 21:50 - 2016-05-06 21:52 - 04890736 _____ (Piriform Ltd) C:\Users\User\Downloads\spsetup126.exe
    2016-04-27 21:25 - 2016-04-27 21:25 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
    2016-04-27 21:25 - 2016-04-27 21:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
    2016-04-27 21:24 - 2016-04-27 21:24 - 00001650 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
    2016-04-27 21:23 - 2016-04-27 21:23 - 00001518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
    2016-04-27 21:23 - 2016-04-27 21:23 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
    2016-04-27 21:23 - 2016-04-27 21:23 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
    2016-04-27 21:23 - 2016-04-27 21:23 - 00000000 ____D C:\Users\Todos os Usuários\ALM
    2016-04-27 21:23 - 2016-04-27 21:23 - 00000000 ____D C:\ProgramData\ALM
    2016-04-27 21:22 - 2016-04-27 21:23 - 00000000 ____D C:\Program Files\Adobe
    2016-04-27 21:21 - 2016-04-27 21:21 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
    2016-04-27 21:21 - 2016-04-27 21:21 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
    2016-04-27 21:21 - 2016-04-27 21:21 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
    2016-04-27 21:21 - 2016-04-27 21:21 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia
    2016-04-27 21:21 - 2016-04-27 21:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
    2016-04-27 21:21 - 2016-04-27 21:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
    2016-04-27 21:18 - 2016-04-27 21:23 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2016-04-27 21:13 - 2016-04-28 17:33 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
    2016-04-27 21:06 - 2016-04-27 21:06 - 00000000 ____D C:\Users\User\Desktop\Adobe Illustrator CS6
    2016-04-26 18:57 - 2016-04-27 14:54 - 1396346733 ____R C:\Users\User\Downloads\Adobe Photoshop CS6 Extended.exe
    2016-04-26 18:56 - 2016-04-27 04:13 - 00000000 ____D C:\Users\User\Downloads\Adobe Illustrator CS6 16.0.0 (32-64 bit) [ChingLiu]
    2016-04-26 18:54 - 2016-05-11 16:33 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
    2016-04-26 11:38 - 2016-04-26 11:59 - 00000000 ____D C:\Users\User\Downloads\Epigram
    2016-04-26 10:38 - 2016-05-11 16:33 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-04-16 19:52 - 2016-04-16 19:52 - 00010213 _____ C:\Users\User\Downloads\Livro (1).xlsx
    2016-04-06 17:08 - 2016-04-06 17:08 - 00009694 _____ C:\Users\User\Downloads\Livro.xlsx
    2016-03-29 10:40 - 2016-03-29 10:40 - 00000000 __SHD C:\found.000
    2016-03-28 17:15 - 2016-03-28 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2016-03-28 17:15 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMC211.dll
    2016-03-28 17:14 - 2016-03-28 17:15 - 00000000 ____D C:\Users\User\AppData\Local\HP
    2016-03-28 17:14 - 2016-03-28 17:14 - 00000057 _____ C:\Users\Todos os Usuários\Ament.ini
    2016-03-28 17:14 - 2016-03-28 17:14 - 00000057 _____ C:\ProgramData\Ament.ini
    2016-03-28 17:14 - 2016-03-28 17:14 - 00000000 ____D C:\Users\Todos os Usuários\HP
    2016-03-28 17:14 - 2016-03-28 17:14 - 00000000 ____D C:\ProgramData\HP
    2016-03-28 17:14 - 2016-03-28 17:14 - 00000000 ____D C:\Program Files\HP
    2016-03-28 17:14 - 2016-03-28 17:14 - 00000000 ____D C:\Program Files (x86)\HP
    2016-03-28 17:12 - 2016-03-28 17:14 - 106859936 _____ C:\Users\User\Downloads\DJ2540_188.exe
    2016-03-25 12:49 - 2016-03-25 12:49 - 00000000 ____D C:\Users\User\AppData\Roaming\NVIDIA
    2016-03-25 12:48 - 2016-03-25 12:48 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
    2016-03-25 12:48 - 2016-03-25 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2016-03-25 12:48 - 2016-03-25 12:48 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
    2016-03-24 21:04 - 2016-03-24 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
    2016-03-24 21:02 - 2016-03-24 21:02 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
    2016-03-24 20:57 - 2016-03-24 20:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Day 1 Studios
    2016-03-24 20:57 - 2016-03-24 20:57 - 00000000 ____D C:\Users\User\AppData\Local\SKIDROW
    2016-03-24 20:46 - 2016-03-24 20:46 - 00002094 _____ C:\F.3.A.R..lnk
    2016-03-24 20:46 - 2016-03-24 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
    2016-03-24 20:41 - 2016-03-24 20:41 - 00000000 ____D C:\Program Files (x86)\R.G. Catalyst
    2016-03-24 18:49 - 2016-03-24 18:49 - 00002494 _____ C:\The Sims 3.lnk
    2016-03-24 18:49 - 2016-03-24 18:49 - 00000000 ____D C:\Users\User\AppData\Roaming\The Sims 3
    2016-03-24 18:49 - 2016-03-24 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
    2016-03-24 17:44 - 2016-03-24 17:44 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
    2016-03-24 15:49 - 2016-03-24 15:50 - 00000000 ____D C:\Users\User\Desktop\Bully Scholarship Edition ~!~TECHTON
    2016-03-24 15:48 - 2016-05-10 21:30 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
    2016-03-24 15:47 - 2016-03-24 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2016-03-24 15:47 - 2016-03-24 15:47 - 00000000 ____D C:\Program Files (x86)\VideoLAN
    2016-03-24 15:40 - 2016-03-24 15:45 - 30510920 _____ C:\Users\User\Downloads\vlc-2.2.2-win32.exe
    2016-03-24 12:26 - 2016-05-08 13:26 - 00000000 ___HD C:\Windows\msdownld.tmp
    2016-03-24 12:26 - 2016-05-08 13:26 - 00000000 ____D C:\Windows\SysWOW64\directx
    2016-03-23 17:20 - 2016-04-13 22:24 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Games
    2016-03-22 19:18 - 2016-03-22 19:18 - 00000000 ____D C:\Users\User\AppData\Local\Steam
    2016-03-22 19:18 - 2016-03-22 19:18 - 00000000 ____D C:\Users\User\AppData\Local\CEF
    2016-03-22 18:59 - 2016-03-22 18:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
    2016-03-22 18:58 - 2016-03-22 18:58 - 00000000 ____D C:\Users\User\AppData\Local\Aeria Games
    2016-03-22 18:53 - 2016-03-22 18:53 - 00000000 ____D C:\Users\Todos os Usuários\Aeria Games
    2016-03-22 18:53 - 2016-03-22 18:53 - 00000000 ____D C:\ProgramData\Aeria Games
    2016-03-22 18:52 - 2016-05-09 16:42 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
    2016-03-22 18:52 - 2016-03-22 18:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Aeria Games & Entertainment
    2016-03-22 18:32 - 2016-03-22 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2016-03-22 14:57 - 2016-03-22 14:57 - 00000000 ____D C:\Users\Public\CyberLink
    2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Users\User\AppData\Roaming\CyberLink
    2016-03-22 14:29 - 2016-03-22 11:44 - 00000000 ____D C:\Windows\Panther
    2016-03-22 14:23 - 2016-03-22 14:23 - 00000000 ____D C:\Skandia 1.6
    2016-03-22 14:23 - 2016-03-22 14:23 - 00000000 ____D C:\Project64 1.6
    2016-03-22 14:15 - 2016-03-22 14:15 - 00000000 ____D C:\Games
    2016-03-22 14:13 - 2016-05-06 19:18 - 00000000 ____D C:\AeriaGames
    2016-03-22 14:03 - 2016-05-03 17:27 - 00000262 _____ C:\Users\User\Desktop\thrthrt.txt
    2016-03-22 14:03 - 2016-03-22 14:03 - 00000000 ____D C:\Users\User\Downloads\[EA_&_Shinkai]_Boku_Dake_ga_Inai_Machi_-_01_ao_02_[720p_Hi10p_AAC]
    2016-03-22 14:03 - 2016-03-22 14:03 - 00000000 ____D C:\Users\User\Downloads\[Aenianos] Kyokai no Kanata [BD 1080 - Hi10p][Flac]
    2016-03-22 14:02 - 2016-03-22 14:02 - 00000000 ____D C:\Users\User\Downloads\Toradora!
    2016-03-22 14:02 - 2016-03-22 14:02 - 00000000 ____D C:\Users\User\Downloads\Nisemonogatari
    2016-03-22 13:58 - 2016-03-22 14:02 - 00000000 ____D C:\Users\User\Downloads\Fallout.4-CODEX
    2016-03-22 13:58 - 2016-03-22 13:58 - 00000000 ____D C:\Users\User\Downloads\DAN_MACHI_COMPLETO_[BD_1080p_Hi10p_Flac]
    2016-03-22 13:57 - 2016-03-24 18:48 - 00000000 ____D C:\Users\User\Documents\Electronic Arts
    2016-03-22 13:57 - 2016-03-22 13:58 - 00000000 ____D C:\Users\User\Downloads\Bakemonogatari Completo [ Blu-ray 720p 10bits ]
    2016-03-22 13:57 - 2016-03-22 13:57 - 00000000 ____D C:\Users\User\Documents\My Games
    2016-03-22 13:57 - 2016-03-22 13:57 - 00000000 ____D C:\Users\User\Documents\mgr
    2016-03-22 13:57 - 2016-03-22 13:57 - 00000000 ____D C:\Users\User\Documents\EA Games
    2016-03-22 13:57 - 2015-03-14 23:12 - 00000000 ____D C:\Users\User\Documents\Lightshot
    2016-03-22 13:56 - 2016-03-22 13:56 - 00000000 ____D C:\Users\User\Tracing
    2016-03-22 13:56 - 2016-03-22 13:56 - 00000000 ____D C:\Users\User\Documents\DyingLight
    2016-03-22 13:56 - 2016-03-22 13:56 - 00000000 ____D C:\Users\User\Desktop\fotos
    2016-03-22 13:56 - 2016-01-22 15:54 - 00000000 ____D C:\Users\User\aTubeCatcher
    2016-03-22 13:56 - 2015-11-11 20:17 - 00099328 ____H C:\Users\User\Desktop\photothumb.db
    2016-03-22 13:56 - 2015-04-01 19:59 - 00000129 _____ C:\Users\User\Documents\ergerger.txt
    2016-03-22 13:45 - 2016-03-22 13:45 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
    2016-03-22 11:56 - 2016-03-22 11:56 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\Users\User\AppData\Roaming\Sun
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\Users\User\AppData\LocalLow\Sun
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\Users\User\AppData\LocalLow\Oracle
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\Users\User\.oracle_jre_usage
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\ProgramData\Oracle
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-03-22 11:56 - 2016-03-22 11:56 - 00000000 ____D C:\Program Files\Java
    2016-03-22 11:53 - 2016-03-24 21:05 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
    2016-03-22 11:53 - 2016-03-22 18:28 - 00000000 ____D C:\Users\User\AppData\Local\CyberLink
    2016-03-22 11:53 - 2016-03-22 11:53 - 00000000 ____D C:\Users\Todos os Usuários\PDVD
    2016-03-22 11:53 - 2016-03-22 11:53 - 00000000 ____D C:\ProgramData\PDVD
    2016-03-22 11:53 - 2016-03-22 11:53 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
    2016-03-22 11:52 - 2016-03-22 11:52 - 00000000 ____D C:\Users\Todos os Usuários\Temp
    2016-03-22 11:52 - 2016-03-22 11:52 - 00000000 ____D C:\ProgramData\Temp
    2016-03-22 11:51 - 2016-03-22 18:29 - 00000000 ____D C:\Users\Todos os Usuários\SUPPORTDIR
    2016-03-22 11:51 - 2016-03-22 18:29 - 00000000 ____D C:\ProgramData\SUPPORTDIR
    2016-03-22 11:51 - 2016-03-22 18:28 - 00000000 ____D C:\Users\Todos os Usuários\CyberLink
    2016-03-22 11:51 - 2016-03-22 18:28 - 00000000 ____D C:\ProgramData\CyberLink
    2016-03-22 11:51 - 2016-03-22 11:51 - 00000000 ____D C:\Users\Todos os Usuários\install_clap
    2016-03-22 11:51 - 2016-03-22 11:51 - 00000000 ____D C:\ProgramData\install_clap
    2016-03-22 11:50 - 2016-05-11 16:36 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
    2016-03-22 11:50 - 2016-05-11 16:36 - 00000000 ____D C:\ProgramData\Package Cache
    2016-03-22 11:49 - 2016-03-22 11:49 - 00000000 ____D C:\Users\User\AppData\Local\Ahead
    2016-03-22 11:49 - 2016-03-22 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
    2016-03-22 11:48 - 2016-03-22 11:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Ahead
    2016-03-22 11:48 - 2016-03-22 11:48 - 00000000 ____D C:\Users\Todos os Usuários\Nero
    2016-03-22 11:48 - 2016-03-22 11:48 - 00000000 ____D C:\ProgramData\Nero
    2016-03-22 11:48 - 2016-03-22 11:48 - 00000000 ____D C:\Program Files (x86)\Nero
    2016-03-22 11:43 - 2016-03-22 18:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira
    2016-03-22 11:43 - 2016-03-22 14:59 - 00002788 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2016-03-22 11:43 - 2016-03-22 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-03-22 11:43 - 2016-03-22 11:43 - 00000000 ____D C:\Program Files\CCleaner
    2016-03-22 11:42 - 2016-05-11 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-03-22 11:42 - 2016-03-22 18:28 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
    2016-03-22 11:42 - 2016-03-22 18:28 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
    2016-03-22 11:42 - 2016-03-22 18:28 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
    2016-03-22 11:42 - 2016-03-22 18:28 - 00000000 ____D C:\Users\Todos os Usuários\Avira
    2016-03-22 11:42 - 2016-03-22 18:28 - 00000000 ____D C:\ProgramData\Avira
    2016-03-22 11:42 - 2016-03-22 11:51 - 00000000 ____D C:\Program Files (x86)\Avira
    2016-03-22 11:42 - 2014-07-02 17:26 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
    2016-03-22 11:17 - 2016-03-22 11:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2016-03-22 11:16 - 2016-04-27 21:32 - 00000000 ____D C:\Program Files (x86)\Adobe
    2016-03-22 11:16 - 2016-04-27 21:25 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
    2016-03-22 11:16 - 2016-04-27 21:25 - 00000000 ____D C:\ProgramData\Adobe
    2016-03-22 11:12 - 2016-04-18 19:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
    2016-03-22 11:12 - 2016-03-22 11:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-03-22 11:12 - 2016-03-22 11:12 - 00000000 ____D C:\Users\User\AppData\Local\Skype
    2016-03-22 11:12 - 2016-03-22 11:12 - 00000000 ____D C:\Users\Todos os Usuários\Skype
    2016-03-22 11:12 - 2016-03-22 11:12 - 00000000 ____D C:\ProgramData\Skype
    2016-03-22 11:12 - 2016-03-22 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-03-22 11:01 - 2016-03-22 11:01 - 00650240 _____ C:\Windows\AutoKMS.exe
    2016-03-22 11:01 - 2016-03-22 11:01 - 00000182 _____ C:\Windows\AutoKMS.ini
    2016-03-22 10:49 - 2016-03-22 10:49 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
    2016-03-22 10:48 - 2016-03-22 10:48 - 00000000 ____D C:\Windows\PCHEALTH
    2016-03-22 10:48 - 2016-03-22 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2016-03-22 10:48 - 2016-03-22 10:48 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
    2016-03-22 10:48 - 2016-03-22 10:48 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
    2016-03-22 10:48 - 2016-03-22 10:48 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
    2016-03-22 10:46 - 2016-03-22 10:49 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
    2016-03-22 10:46 - 2016-03-22 10:48 - 00000000 ____D C:\Program Files\Microsoft Office
    2016-03-22 10:46 - 2016-03-22 10:46 - 00000000 __RHD C:\MSOCache
    2016-03-22 10:46 - 2016-03-22 10:46 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
    2016-03-22 10:46 - 2016-03-22 10:46 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
    2016-03-22 10:46 - 2016-03-22 10:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2016-03-22 10:46 - 2016-03-22 10:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
    2016-03-22 10:45 - 2016-03-22 10:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
    2016-03-22 10:42 - 2016-03-22 10:42 - 00000000 ____D C:\Program Files (x86)\Intel
    2016-03-22 10:42 - 2016-03-22 10:42 - 00000000 ____D C:\Intel
    2016-03-22 10:42 - 2013-09-17 11:47 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
    2016-03-22 10:40 - 2016-03-22 10:40 - 00000000 ____D C:\Users\User\AppData\Roaming\WinRAR
    2016-03-22 10:40 - 2014-02-06 18:49 - 00000000 ____D C:\Users\User\Downloads\Intel(R)_USB_3.0_eXtensible_Host_Controller_Driver
    2016-03-22 10:40 - 2013-09-17 11:48 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
    2016-03-22 10:40 - 2013-09-17 11:48 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
    2016-03-22 10:40 - 2013-09-17 11:48 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
    2016-03-22 10:40 - 2009-07-14 18:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
    2016-03-22 10:39 - 2016-03-22 10:39 - 05472920 _____ C:\Users\User\Downloads\Intel(R)_USB_3.0_eXtensible_Host_Controller_Driver.zip
    2016-03-22 10:39 - 2016-03-22 10:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2016-03-22 10:39 - 2016-03-22 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2016-03-22 10:39 - 2016-03-22 10:39 - 00000000 ____D C:\Program Files\WinRAR
    2016-03-22 10:37 - 2016-05-11 16:52 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-03-22 10:37 - 2016-05-10 21:47 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-03-22 10:37 - 2016-05-10 21:47 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-03-22 10:37 - 2016-05-02 17:35 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-03-22 10:36 - 2016-05-10 21:47 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-03-22 10:36 - 2016-03-23 17:47 - 00000000 ____D C:\Users\User\AppData\Local\Google
    2016-03-22 10:36 - 2016-03-22 10:37 - 00000000 ____D C:\Program Files (x86)\Google
    2016-03-22 10:15 - 2016-03-22 10:15 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
    2016-03-22 10:15 - 2016-03-22 10:15 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-03-22 10:11 - 2016-03-22 15:46 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-03-22 10:11 - 2016-03-22 14:59 - 00003842 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-03-22 10:11 - 2016-03-22 10:11 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-03-22 10:11 - 2016-03-22 10:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-03-22 10:11 - 2016-03-22 10:11 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2016-03-22 10:11 - 2016-03-22 10:11 - 00000000 ____D C:\Windows\system32\Macromed
    2016-03-22 10:11 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2016-03-22 10:11 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2016-03-22 10:11 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2016-03-22 10:11 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2016-03-22 10:11 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2016-03-22 10:11 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2016-03-22 10:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
    2016-03-22 10:11 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
    2016-03-22 10:11 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
    2016-03-22 10:11 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
    2016-03-22 10:11 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
    2016-03-22 10:11 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
    2016-03-22 10:11 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
    2016-03-22 10:11 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
    2016-03-22 10:11 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
    2016-03-22 10:11 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
    2016-03-22 10:11 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
    2016-03-22 10:11 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
    2016-03-22 10:11 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
    2016-03-22 10:11 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
    2016-03-22 10:11 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
    2016-03-22 10:11 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
    2016-03-22 10:11 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
    2016-03-22 10:11 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
    2016-03-22 10:11 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
    2016-03-22 10:11 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
    2016-03-22 10:11 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
    2016-03-22 10:11 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
    2016-03-22 10:11 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
    2016-03-22 10:11 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
    2016-03-22 10:11 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
    2016-03-22 10:11 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
    2016-03-22 10:11 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
    2016-03-22 10:11 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
    2016-03-22 10:11 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
    2016-03-22 10:11 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
    2016-03-22 10:11 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
    2016-03-22 10:11 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
    2016-03-22 10:11 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
    2016-03-22 10:11 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
    2016-03-22 10:11 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
    2016-03-22 10:11 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
    2016-03-22 10:11 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
    2016-03-22 10:11 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
    2016-03-22 10:11 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
    2016-03-22 10:11 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
    2016-03-22 10:11 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
    2016-03-22 10:11 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
    2016-03-22 10:11 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
    2016-03-22 10:11 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
    2016-03-22 10:11 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
    2016-03-22 10:11 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
    2016-03-22 10:11 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
    2016-03-22 10:11 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
    2016-03-22 10:11 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
    2016-03-22 10:11 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
    2016-03-22 10:11 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
    2016-03-22 10:11 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
    2016-03-22 10:11 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
    2016-03-22 10:11 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
    2016-03-22 10:11 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
    2016-03-22 10:11 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
    2016-03-22 10:11 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
    2016-03-22 10:11 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
    2016-03-22 10:11 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
    2016-03-22 10:11 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
    2016-03-22 10:11 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
    2016-03-22 10:11 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
    2016-03-22 10:11 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
    2016-03-22 10:11 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
    2016-03-22 10:11 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
    2016-03-22 10:11 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
    2016-03-22 10:11 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
    2016-03-22 10:11 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
    2016-03-22 10:11 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
    2016-03-22 10:11 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
    2016-03-22 10:11 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
    2016-03-22 10:11 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
    2016-03-22 10:11 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
    2016-03-22 10:11 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
    2016-03-22 10:11 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
    2016-03-22 10:11 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
    2016-03-22 10:11 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
    2016-03-22 10:11 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
    2016-03-22 10:11 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2016-03-22 10:11 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
    2016-03-22 10:11 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
    2016-03-22 10:11 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
    2016-03-22 10:11 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
    2016-03-22 10:11 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
    2016-03-22 10:11 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
    2016-03-22 10:11 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
    2016-03-22 10:11 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
    2016-03-22 10:11 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
    2016-03-22 10:11 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
    2016-03-22 10:11 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
    2016-03-22 10:11 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
    2016-03-22 10:11 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
    2016-03-22 10:11 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2016-03-22 10:11 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
    2016-03-22 10:11 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2016-03-22 10:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2016-03-22 10:11 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
    2016-03-22 10:11 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
    2016-03-22 10:11 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2016-03-22 10:11 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
    2016-03-22 10:11 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
    2016-03-22 10:11 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
    2016-03-22 10:11 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2016-03-22 10:11 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2016-03-22 10:11 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2016-03-22 10:11 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2016-03-22 10:11 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2016-03-22 10:11 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2016-03-22 10:11 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2016-03-22 10:11 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
    2016-03-22 10:11 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
    2016-03-22 10:11 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
    2016-03-22 10:11 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2016-03-22 10:11 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
    2016-03-22 10:11 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2016-03-22 10:11 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2016-03-22 10:11 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2016-03-22 10:11 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2016-03-22 10:11 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2016-03-22 10:11 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2016-03-22 10:11 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2016-03-22 10:11 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2016-03-22 10:11 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2016-03-22 10:11 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2016-03-22 10:11 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2016-03-22 10:11 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2016-03-22 10:11 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2016-03-22 10:11 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2016-03-22 10:11 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2016-03-22 10:11 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2016-03-22 10:11 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2016-03-22 10:11 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2016-03-22 10:11 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2016-03-22 10:11 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2016-03-22 10:11 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2016-03-22 10:11 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2016-03-22 10:11 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2016-03-22 10:11 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2016-03-22 10:11 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2016-03-22 10:11 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2016-03-22 10:11 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2016-03-22 10:11 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2016-03-22 10:11 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2016-03-22 10:11 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 42968120 _____ C:\Windows\system32\nvcompiler.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 37609528 _____ C:\Windows\SysWOW64\nvcompiler.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 22932928 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 21313024 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 20854680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 18990976 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 18879544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 17725040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 17318184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 17246680 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 16439328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 12564024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2016-03-22 10:10 - 2016-03-22 10:10 - 10546944 _____ C:\Windows\system32\nvptxJitCompiler.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 08658120 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 03711024 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 03283896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 03233336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 02808768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00956984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00886840 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00749504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00693816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00473056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2016-03-22 10:10 - 2016-03-22 10:10 - 00036743 _____ C:\Windows\system32\nvinfo.pb
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000139 _____ C:\Windows\system32\nv-vk64.json
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000000 ____H C:\Users\Todos os Usuários\DP45977C.lfl
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-03-22 10:10 - 2016-03-22 10:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2016-03-22 10:10 - 2016-03-08 03:27 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2016-03-22 10:10 - 2016-03-08 03:27 - 02994232 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2016-03-22 10:10 - 2016-03-08 03:27 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2016-03-22 10:10 - 2016-03-08 03:27 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2016-03-22 10:10 - 2016-03-08 03:27 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2016-03-22 10:10 - 2016-03-08 03:27 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2016-03-22 10:10 - 2016-03-08 03:27 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2016-03-22 10:10 - 2016-03-08 03:27 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2016-03-22 10:10 - 2016-03-07 01:23 - 06203411 _____ C:\Windows\system32\nvcoproc.bin
    2016-03-22 10:09 - 2016-03-22 10:09 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2016-03-22 10:09 - 2016-03-22 10:09 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 13120760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 12986520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 10521552 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
    2016-03-22 10:09 - 2016-03-22 10:09 - 05776688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 05338936 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 05289952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 04705536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2016-03-22 10:09 - 2016-03-22 10:09 - 04486133 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
    2016-03-22 10:09 - 2016-03-22 10:09 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 03152591 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
    2016-03-22 10:09 - 2016-03-22 10:09 - 03052880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2016-03-22 10:09 - 2016-03-22 10:09 - 02823280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02692848 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02437144 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01928632 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01421104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01286152 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01211840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01186168 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01008360 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00998032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00952984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00933640 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00888472 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00716112 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00589072 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
    2016-03-22 10:09 - 2016-03-22 10:09 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00448592 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00369304 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00340648 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00327464 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00224264 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00180480 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
    2016-03-22 10:09 - 2016-03-22 10:09 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00118592 _____ C:\Windows\system32\AcpiServiceVnA64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2016-03-22 10:09 - 2016-03-22 10:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2016-03-22 10:09 - 2016-03-22 10:09 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
    2016-03-22 10:09 - 2016-03-22 10:09 - 00000000 ____D C:\Windows\system32\DAX2
    2016-03-22 10:09 - 2016-03-22 10:09 - 00000000 ____D C:\Program Files\Realtek
    2016-03-22 10:03 - 2016-03-22 10:03 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
    2016-03-22 10:03 - 2016-03-22 10:03 - 01026304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2016-03-22 10:03 - 2016-03-22 10:03 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2016-03-22 10:03 - 2016-03-22 10:03 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2016-03-22 10:03 - 2016-03-22 10:03 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2016-03-22 09:48 - 2016-05-10 17:44 - 00000000 ____D C:\Users\User\AppData\Roaming\IObit
    2016-03-22 09:48 - 2016-05-10 17:44 - 00000000 ____D C:\Users\Todos os Usuários\IObit
    2016-03-22 09:48 - 2016-05-10 17:44 - 00000000 ____D C:\ProgramData\IObit
    2016-03-22 09:48 - 2016-05-10 17:44 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-03-22 09:48 - 2016-04-27 21:38 - 00084968 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-03-22 09:48 - 2016-03-22 09:49 - 00000000 ____D C:\Users\User\AppData\LocalLow\IObit
    2016-03-22 09:48 - 2016-03-22 09:48 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
    2016-03-22 09:48 - 2014-05-14 13:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-03-22 09:48 - 2014-05-14 13:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-03-22 09:48 - 2014-05-14 13:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-03-22 09:48 - 2014-05-14 13:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-03-22 09:48 - 2014-05-14 13:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2016-03-22 09:48 - 2014-05-14 13:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2016-03-22 09:48 - 2014-05-14 13:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2016-03-22 09:48 - 2014-05-14 13:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-03-22 09:48 - 2014-05-14 13:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-03-22 09:48 - 2014-05-14 13:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-03-22 09:48 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-03-22 09:48 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-03-22 09:48 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-03-22 09:48 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-03-22 09:46 - 2016-03-22 09:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2016-03-22 09:40 - 2016-04-27 21:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
    2016-03-22 09:40 - 2016-03-22 09:40 - 00001413 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000020 ___SH C:\Users\User\ntuser.ini
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Modelos
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Meus documentos
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Menu Iniciar
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Documents\Minhas músicas
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Documents\Minhas imagens
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Documents\Meus vídeos
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Dados de aplicativos
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Configurações locais
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\AppData\Local\Histórico
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\AppData\Local\Dados de aplicativos
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Ambiente de rede
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 _SHDL C:\Users\User\Ambiente de impressão
    2016-03-22 09:40 - 2016-03-22 09:40 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
    2016-03-22 09:40 - 2011-04-12 05:28 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Center Programs
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Usuário Padrão
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Todos os Usuários
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Modelos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Meus documentos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Configurações locais
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\ProgramData\Modelos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\ProgramData\Favoritos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\ProgramData\Documentos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
    2016-03-22 09:39 - 2016-03-22 09:39 - 00000000 _SHDL C:\Arquivos de Programas
    2016-03-22 09:33 - 2016-03-22 09:33 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2016-03-22 09:33 - 2016-03-22 09:33 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2016-03-21 13:50 - 2016-03-22 10:03 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2016-03-21 13:50 - 2011-09-08 05:40 - 00508520 _____ (Realtek ) C:\Windows\system32\Drivers\Rtlh64.sys

    ==================== Três Meses Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-05-11 16:39 - 2009-07-14 01:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-05-11 16:39 - 2009-07-14 01:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-05-11 16:32 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-05-10 18:06 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
    2016-04-28 17:33 - 2009-07-14 01:45 - 04964864 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-04-16 16:11 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\LiveKernelReports

    ==================== Arquivos na raiz de alguns diretórios =======

    2016-03-28 17:14 - 2016-03-28 17:14 - 0000057 _____ () C:\ProgramData\Ament.ini
    2016-03-22 10:10 - 2016-03-22 10:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Alguns arquivos em TEMP:
    ====================
    C:\Users\User\AppData\Local\Temp\avgnt.exe
    C:\Users\User\AppData\Local\Temp\libeay32.dll
    C:\Users\User\AppData\Local\Temp\msvcr120.dll
    C:\Users\User\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


    LastRegBack: 2016-05-09 22:14

    ==================== Fim de FRST.txt ============================

    Addition.txt

    FRST.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Vitor Mazzo

     

    >>>> Ative o firewall do Windows.

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está abaixo:

     

    Citação

    CreateRestorePoint:
    CloseProcesses:

    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-548115999-3031690571-1337500689-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-03-22 10:10 - 2016-03-22 10:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    C:\Users\User\AppData\Local\Temp\avgnt.exe
    C:\Users\User\AppData\Local\Temp\libeay32.dll
    C:\Users\User\AppData\Local\Temp\msvcr120.dll
    C:\Users\User\AppData\Local\Temp\sqlite3.dll

    CMD:ipconfig /flushdns
    EmptyTemp:

     

    • Salve este arquivo na Área de Trabalho (Desktop) como fixlist.txt
    • Execute novamente o FRST e clique no botão Corrigir;
    • Aguarde... ao final será gerado o log Fixlog.txt em sua Área de Trabalho (Desktop).
    • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • log
    fixlist Conteúdo:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-548115999-3031690571-1337500689-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-03-22 10:10 - 2016-03-22 10:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    C:\Users\User\AppData\Local\Temp\avgnt.exe
    C:\Users\User\AppData\Local\Temp\libeay32.dll
    C:\Users\User\AppData\Local\Temp\msvcr120.dll
    C:\Users\User\AppData\Local\Temp\sqlite3.dll
    CMD:ipconfig /flushdns
    EmptyTemp:
    *****************

    Ponto de Restauração criado com sucesso.
    Processos fechados com sucesso.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
    HKU\S-1-5-21-548115999-3031690571-1337500689-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
    VGPU => serviço removido (a) com sucesso.
    C:\ProgramData\DP45977C.lfl => movido com sucesso
    C:\Users\User\AppData\Local\Temp\avgnt.exe => movido com sucesso
    C:\Users\User\AppData\Local\Temp\libeay32.dll => movido com sucesso
    C:\Users\User\AppData\Local\Temp\msvcr120.dll => movido com sucesso
    C:\Users\User\AppData\Local\Temp\sqlite3.dll => movido com sucesso

    ========= ipconfig /flushdns =========


    Configura��o de IP do Windows

    Libera��o do Cache do DNS Resolver bem-sucedida.

    ========= Fim de CMD: =========

    EmptyTemp: => 619.1 MB de dados temporários Removidos.


    O sistema precisou ser reiniciado.

    ==== Fim de Fixlog 17:28:35 ====

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Vitor Mazzo

     

    Baixe a Malwarebytes Anti-Malware (MBAM).
     
    Clique duas vezes no mbam-setup.exe para instalar o programa.

    • Desmarque a caixa Ativar trial gratuito do MalwareBytes Anti-Malware PRO.
    • Se houver atualizações a serem feitas, serão baixadas e instaladas..
    • Clique em Configurações, clique em Detecção e proteção, marque Verificar por Rootkits.
    • Volte ao Painel e por fim clique em Verificar agora.
    • Começará então o exame. Aguarde, pois pode demorar.
    • Ao acabar o exame, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas
    • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo)
    • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Histórico -> Registros do aplicativo na janela principal do programa.
    • Clique duas vezes no log (Registro de verificação). Utilize o formato .txt para exportar o log.
    • O log de Proteção é desnecessário para a análise, exporte sempre o log correto.
    • Selecione, copie e cole o conteúdo deste log em sua próxima resposta.

     

    NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Malwarebytes Anti-Malware
    www.malwarebytes.org

    Data da verificação: 13/05/2016
    Hora da verificação: 17:54
    Arquivo de registro: regver.txt
    Administrador: Sim

    Versão: 2.2.1.1043
    Banco de dados de malware: v2016.05.13.06
    Banco de dados de rootkit: v2016.05.06.01
    Licença: Gratuita
    Proteção contra malware: Desabilitado
    Proteção contra website malicioso: Desabilitado
    Autoproteção: Desabilitado

    Sistema operacional: Windows 7 Service Pack 1
    CPU: x64
    Sistema de arquivos: NTFS
    Usuário: User

    Tipo de verificação: Verificação da ameaça
    Resultado: Concluído
    Objetos verificados: 280472
    Tempo decorrido: 9 min, 37 seg

    Memória: Habilitado
    Inicialização: Habilitado
    Sistema de arquivos: Habilitado
    Arquivos compactados: Habilitado
    Rootkits: Habilitado
    Heurística: Habilitado
    PUP: Habilitado
    PUM: Habilitado

    Processos: 0
    (Nenhum item malicioso detectado)

    Módulos: 0
    (Nenhum item malicioso detectado)

    Chaves de registro: 0
    (Nenhum item malicioso detectado)

    Valores de registro: 0
    (Nenhum item malicioso detectado)

    Dados de registro: 0
    (Nenhum item malicioso detectado)

    Pastas: 0
    (Nenhum item malicioso detectado)

    Arquivos: 1
    RiskWare.Tool.CK, C:\Users\User\AppData\Roaming\ZHP\Quarantine\KMSEmulator.exe, Quarentena, [5119d401722703336af248b25ba6aa56], 

    Setores físicos: 0
    (Nenhum item malicioso detectado)


    (end)

     

     

    Uma pergunta, tenho uma pasta no pc C://AeriaGames/AuraKingdom/Temp

    Ja desinstalei esse jogo, essa pasta continua, não consigo acessar muito menos excluir ela

    ''Um erro inesperado esta impedindo que você exclua a pasta, se você continuar a receber esse erro poderá usar o código de erro para buscar ajuda para esse problema. Erro 0x80070091: a pasta não vazia''

    E essa é a mensagem que recebo quando tento excluir ela....

    E quando eu tento entrar nela, recebo um aviso falando ''O arquivo ou pasta esta corrompido e ilegível''

    Editado por Vitor Mazzo

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Vitor Mazzo

     

    Ok, então vamos removê-la, assim como o que sobrou deste programa. ;)

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está abaixo:

     

    Citação

    CreateRestorePoint:
    CloseProcesses:

    2016-03-22 14:13 - 2016-05-06 19:18 - 00000000 ____D C:\AeriaGames

    FirewallRules: [{4FF383A8-397F-4D83-8222-C5A51FED7753}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
    FirewallRules: [{705D6DBA-EE86-4B44-891A-F06053AF7224}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin

    Reboot:

     

    • Salve este arquivo na Área de Trabalho (Desktop) como fixlist.txt
    • Execute novamente o FRST e clique no botão Corrigir;
    • Aguarde... ao final será gerado o log Fixlog.txt em sua Área de Trabalho (Desktop).
    • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:14-05-2016
    Executado por User (2016-05-14 11:33:36) Run:2
    Executando a partir de C:\Users\User\Desktop
    Perfis Carregados: User (Perfis Disponíveis: User)
    Modo da Inicialização: Normal
    ==============================================

    fixlist Conteúdo:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    2016-03-22 14:13 - 2016-05-06 19:18 - 00000000 ____D C:\AeriaGames
    FirewallRules: [{4FF383A8-397F-4D83-8222-C5A51FED7753}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
    FirewallRules: [{705D6DBA-EE86-4B44-891A-F06053AF7224}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
    Reboot:
    *****************

    Ponto de Restauração criado com sucesso.
    Processos fechados com sucesso.
    C:\AeriaGames => movido com sucesso
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FF383A8-397F-4D83-8222-C5A51FED7753} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{705D6DBA-EE86-4B44-891A-F06053AF7224} => valor removido (a) com sucesso.


    O sistema precisou ser reiniciado.

    ==== Fim de Fixlog 11:33:48 ====

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Vitor Mazzo

     

    Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

    Baixe o Stinger e salve em sua Área de trabalho (Desktop).
    32 bit (x86) ou 64 bit (x64)

    • Execute o arquivo Stinger.exe
      • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
    • Clique no botão “I Accept”


    Stinger%20a.png

    Na nova janela clique em “Advanced” e depois “Settings”

    Stinger%20b.png

    Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

    9hnsyu.png

    Clique em “Customize my Scan”

    Stinger%20f.png

    Selecione as unidades do sistema e em seguida clique no botão “Scan”

    Stinger%20g.png

    Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
    Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • @diego_moicano desculpa a demora, nao pude responder ontem

     

    McAfee® Labs Stinger™ Version 12.1.0.2011 built on May 17 2016 at 14:14:16
    Copyright© 2015, McAfee, Inc. All Rights Reserved.

    AV Engine version v5800.7501 for Windows.
    Virus data file v1000.0 created on May 17, 2016
    Ready to scan for 9778 viruses, trojans and variants.

    Custom scan initiated on terça-feira, maio 17, 2016 17:48:17

    C:\Windows\AutoKMS.exe is infected with Artemis!7F171A2BADAB

    Rootkit scan result : Infected.


    C:\Program Files (x86)\R.G. Catalyst\F.3.A.R\uninstall\iswin7logo.dll [MD5:1ea948aad25ddd347d9b80bef6df9779] is infected with Artemis!1EA948AAD25D
    C:\Program Files (x86)\R.G. Catalyst\F.3.A.R\uninstall\iswin7logo.dll has been Deleted
    C:\Windows\AutoKMS.exe [MD5:7f171a2badab032743efe43160a8cdcc] is infected with Artemis!7F171A2BADAB
    C:\Windows\AutoKMS.exe has been Deleted

    Summary Report on C:
    D:
    File(s)
        TotalFiles:............    448127
        Clean:.................    170104
        Not Scanned:........... 278020
        Possibly Infected:.....    3

    Time: 02:21:13

    Scan completed on terça-feira, maio 17, 2016 20:09:30
     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Vitor Mazzo

     

    Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

     

    Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

    • Aguarde enquanto a ferramenta faz o exame.
    • Ao final salve log como SecurityCheck.html
    • Abra o arquivo com o bloco de notas;
    • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Segue o log

    SecurityCheck by glax24 & Severnyj v.1.4.0.39 [23.04.16]
    WebSite: www.safezone.cc
    DateLog: 18.05.2016 21:02:25
    Path starting: C:\Users\User\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
    Log directory: C:\SecurityCheck\
    IsAdmin: True
    User: User
    VersionXML: 2.96is-18.05.2016
    ___________________________________________________________________________

    Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: Portuguese(0416)
    Installation date OS: 22.03.2016 12:39:56
    LicenseStatus: Windows(R) 7, Ultimate edition The machine is permanently activated.
    Boot Mode: Normal
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    SystemDrive: C: FS: [NTFS] Capacity: [931.4 Gb] Used: [561.4 Gb] Free: [370 Gb]
    ------------------------------- [ Windows ] -------------------------------
    Internet Explorer 11.0.9600.16476 Warning! Download Update
    Online installation. Last version available when Windows update is enabled throught the Internet.
    User Account Control disabled
    The elevation prompt for administrators disabled
    ^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
    Automatic Updates disabled
    Windows Update (wuauserv) - The service is running
    Central de Segurança (wscsvc) - The service is running
    Registro remoto (RemoteRegistry) - The service has stopped
    Descoberta SSDP (SSDPSRV) - The service is running
    Serviços de Área de Trabalho Remota (TermService) - The service has stopped
    Windows Remote Management (WS-Management) (WinRM) - The service has stopped
    ---------------------------- [ Antivirus_WMI ] ----------------------------
    Avira Antivirus (enabled and up to date)
    --------------------------- [ FirewallWindows ] ---------------------------
    Firewall do Windows (MpsSvc) - The service is running
    --------------------------- [ AntiSpyware_WMI ] ---------------------------
    Avira Antivirus (enabled and up to date)
    Windows Defender (enabled and out of date)
    ---------------------- [ AntiVirusFirewallInstall ] -----------------------
    Avira Antivirus v.15.0.16.282
    -------------------------- [ SecurityUtilities ] --------------------------
    Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
    --------------------------- [ OtherUtilities ] ----------------------------
    WinRAR 4.20 (64-bit) v.4.20.0 Warning! Download Update
    VLC media player v.2.2.2 Warning! Download Update
    --------------------------------- [ IM ] ----------------------------------
    Skype™ 6.14 v.6.14.104 Warning! Download Update
    ^Optional update.^
    --------------------------------- [ P2P ] ---------------------------------
    µTorrent v.3.4.6.42178 Warning! P2P-client.
    -------------------------------- [ Java ] ---------------------------------
    Java 8 Update 73 (64-bit) v.8.0.730.2 Warning! Download Update
    Uninstall old version and install new one.
    --------------------------- [ AdobeProduction ] ---------------------------
    Adobe AIR v.3.1.0.4880 Warning! Download Update
    Adobe Flash Player 21 ActiveX v.21.0.0.182 Warning! Download Update
    Adobe Reader X (10.1.0) - Português v.10.1.0 Warning! This software is no longer supported. Please uninstall it and use Adobe Reader XI or Adobe Acrobat Reader DC.
    ------------------------------- [ Browser ] -------------------------------
    Google Chrome v.50.0.2661.102
    --------------------------- [ RunningProcess ] ----------------------------
    Avira Agendamento (AntiVirSchedulerService) - The service is running
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe v.15.0.16.251
    Avira Real-Time Protection (AntiVirService) - The service is running
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe v.15.0.16.251
    Avira Mail Protection (AntiVirMailService) - The service has stopped
    Avira Web Protection (AntiVirWebService) - The service has stopped
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe v.15.0.16.282
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe v.15.0.16.262
    McAfee Validation Trust Protection Service (mfevtp) - The service is running
    C:\Windows\System32\mfevtps.exe
    Windows Defender (WinDefend) - The service is running
    ----------------------------- [ End of Log ] ------------------------------

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Vitor Mazzo

     

    Como está seu Windows?

     

    # Etapa nº 1 #

     

    Baixe o Delfix by Xplode e salve na sua área de trabalho.

     

    Clique duas vezes no delfix.exe para executá-lo. Marque as caixas conforme imagem.

     

    ** Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo delfix.exe, depois clique em execadmin.png.

     

    2mez6ld.png

     

    Clique no botão Executar.

     

    Ao final será gerado um log, mas não é necessário postar.
     
    # Etapa nº 2 #
     
    imageproxy.php?img=http%3A%2F%2Fi65.tiny Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.
     
    Por isso, é recomendável atualizar os programas que o Security Check apontou como desatualizados (os updates opcionais ficam ao seu critério).
     
    Basta clicar no Download Update de cada aviso (post acima), que irá para o site do desenvolvedor.

    <<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

     

    # Etapa nº 3 #

     

    O Ccleaner é um excelente utilitário de limpeza para o computador.

     

    Faça o download dele aqui Ccleaner

     

    • Após a instalação vá até o local onde o programa foi instalado, geralmente em C:\Arquivos de programas\CCleaner.
    • Clique duas vezes nesta pasta;
    • Numa área vazia desta janela, clique com o botão direito do mouse e escolha Novo > pasta e crie uma nova pasta;
    • Coloque o nome de backups.
    • Abra o programa e clique em Executar Limpeza;
    • Clique no botão Registro > Procurar Erros > Corrigir erro(s) seleciona(s)...
    • Observação: Não se esqueça de aceitar o backup das correções, e salvá-los nas pasta criada acima!

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Desculpa a demora, meu pc deu pau de vez... Agora nao tem mais como continuar o processo ): pelo jeito acho que nao é virus... vou criar outro topico buscando ajuda, mas de qualquer forma muito obrigado

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Ok amigo... :)

     

    Porém darei o tópico como resolvido, pois chegamos até o final dele.

     

    No mais desejo boa sorte com o PC. :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×