Adware Injection - Very Bad one [Closed]


  • This topic is locked

#1
bigdu

    New Member

  • Member
  • 3 posts

I'm experiencing a serious problem here.

Some pages that I access are being injected with adware, cards, pop-ups...

I've formatted my Windows 8 and the adware came back!

My phone got the same problem. I formatted and then they came back!

I think it is due to some Google sync, or Internet Explorer syncs, that are bringing them back.

I'm posting the Farbar log.



#2
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello and Welcome! :welcome:

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  The Staff at Geeks To Go are ALL volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient. ;)

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one... :cool:
 

  • Please note that you should have Administrator rights to perform any fixes.
     
  • Before we proceed, you may wish to print instructions for easy reference during the fix.  Please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
     
  • Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  
     
  • Please do not make any system or program changes, or run any tools unless I specifically ask you to.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.    If you get stuck or have questions, please stop and ask so I can help you.
     
  • Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
     
  • When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site unless specifically asked to do so.

OK, let's get started...

First

  1. When did the issues first start happening?
  2. What web browsers are giving you adware?
  3. Can you describe the type of adware you are seeing?

 

Next

 

Please do not post multiple threads or request help on another site while I'm working with you.  It looks like the other two similar threads to this were closed.  :)

 

I will be reviewing your logs and will get back to you with a plan of action.  I'll do my best to help you.  :)

 

Your patience is appreciated. 



#3
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

For convenience, here are the contents of your attached FRST.txt and Addition.txt logs:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by CarlosEduardo (administrator) on KDU on 06-06-2015 19:52:53
Running from C:\Users\CarlosEduardo\Desktop
Loaded Profiles: CarlosEduardo (Available Profiles: CarlosEduardo)
Platform: Windows 8.1 (X64) OS Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
() C:\Users\CarlosEduardo\AppData\Local\Viber\Viber.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-06] (Bitdefender)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2014-08-12] (Banco Itaú Unibanco)
HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\Run: [Agente da Carteira Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\Run: [Viber] => C:\Users\CarlosEduardo\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
BHO: Carteira Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: Carteira Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2014-08-12] (Banco Itaú Unibanco)
Toolbar: HKLM - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM-x32 - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002 -> Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1760312 2014-08-12] (Banco Itaú Unibanco)
Tcpip\Parameters: [DhcpNameServer] 80.82.64.136 8.8.8.8

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-05] (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-06-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-06-05]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR Profile: C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-05]
CHR Extension: (Google Docs) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-05]
CHR Extension: (Google Drive) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-05]
CHR Extension: (YouTube) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-05]
CHR Extension: (Google Search) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-05]
CHR Extension: (Bitdefender Wallet) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-06-05]
CHR Extension: (Google Sheets) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-05]
CHR Extension: (Bookmark Manager) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-05]
CHR Extension: (GBBD Guardião - Itaú 30 horas) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2015-06-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-05]
CHR Extension: (Google Wallet) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-05]
CHR Extension: (Gmail) - C:\Users\CarlosEduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-05]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [547384 2014-08-12] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-12] (Bitdefender)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-03-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-09] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2015-06-05] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-01-09] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131328 2014-11-21] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-05] (REALiX™)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2015-06-05] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-06-05] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-06-05] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-09] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 19:52 - 2015-06-06 19:52 - 00014487 _____ C:\Users\CarlosEduardo\Desktop\FRST.txt
2015-06-06 19:52 - 2015-06-06 19:52 - 00000000 ____D C:\FRST
2015-06-06 19:48 - 2015-06-06 19:48 - 02108928 _____ (Farbar) C:\Users\CarlosEduardo\Desktop\FRST64.exe
2015-06-06 19:40 - 2015-06-06 19:40 - 00278856 _____ C:\Users\CarlosEduardo\Downloads\OTL.Txt
2015-06-06 19:40 - 2015-06-06 19:40 - 00051714 _____ C:\Users\CarlosEduardo\Downloads\Extras.Txt
2015-06-06 19:35 - 2015-06-06 19:35 - 00602112 _____ (OldTimer Tools) C:\Users\CarlosEduardo\Downloads\OTL.exe
2015-06-06 19:30 - 2015-06-06 19:30 - 00000348 _____ C:\Windows\setupact.log
2015-06-06 19:30 - 2015-06-06 19:30 - 00000000 _____ C:\Windows\setuperr.log
2015-06-06 19:29 - 2015-06-06 19:29 - 00000492 _____ C:\Windows\PFRO.log
2015-06-06 19:27 - 2015-06-06 19:27 - 02231296 _____ C:\Users\CarlosEduardo\Downloads\AdwCleaner.exe
2015-06-06 11:10 - 2015-06-06 19:30 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\ViberPC
2015-06-06 11:10 - 2015-06-06 11:10 - 64311016 _____ (Viber Media Inc) C:\Users\CarlosEduardo\Downloads\ViberSetup.exe
2015-06-06 11:10 - 2015-06-06 11:10 - 00001049 _____ C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-06-06 11:10 - 2015-06-06 11:10 - 00001041 _____ C:\Users\CarlosEduardo\Desktop\Viber.lnk
2015-06-06 11:10 - 2015-06-06 11:10 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\Viber
2015-06-06 10:31 - 2015-06-06 10:31 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-06-06 10:31 - 2015-06-06 10:31 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-06 10:31 - 2015-06-06 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-06 10:31 - 2015-06-06 10:31 - 00000000 ____D C:\Program Files\CCleaner
2015-06-06 10:24 - 2015-06-06 10:24 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\LolClient
2015-06-05 23:24 - 2015-06-05 23:24 - 00003816 _____ C:\Windows\System32\Tasks\klcp_update
2015-06-05 23:24 - 2015-06-05 23:24 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\MPC-HC
2015-06-05 23:24 - 2015-06-05 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-06-05 23:24 - 2015-02-28 12:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-06-05 23:24 - 2015-02-28 12:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-06-05 23:24 - 2015-02-24 19:37 - 00655872 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-06-05 23:24 - 2014-11-14 10:12 - 00254976 _____ C:\Windows\system32\xvidvfw.dll
2015-06-05 23:24 - 2014-11-13 11:05 - 00729088 _____ C:\Windows\system32\xvidcore.dll
2015-06-05 23:24 - 2011-12-07 14:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-06-05 23:24 - 2011-12-07 14:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-06-05 23:23 - 2015-06-05 23:23 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-06-05 23:23 - 2015-05-31 15:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-06-05 23:23 - 2015-02-24 19:37 - 00240128 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-06-05 23:23 - 2012-07-21 07:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-06-05 23:23 - 2012-07-21 07:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-06-05 23:22 - 2015-06-05 23:22 - 40735937 _____ ( ) C:\Users\CarlosEduardo\Downloads\K-Lite_Codec_Pack_1120_Mega.exe
2015-06-05 21:28 - 2015-06-05 21:28 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-06-05 21:27 - 2015-06-05 21:27 - 00631448 _____ C:\ProgramData\1433548416.bdinstall.bin
2015-06-05 20:59 - 2015-06-05 20:59 - 00000385 _____ C:\Users\CarlosEduardo\AppData\Roaminguser_gensett.xml
2015-06-05 20:58 - 2015-06-06 11:12 - 00000000 ____D C:\ProgramData\BDLogging
2015-06-05 20:58 - 2015-06-05 20:58 - 00002217 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-06-05 20:58 - 2015-06-05 20:58 - 00000684 ____H C:\bdr-cf01
2015-06-05 20:58 - 2015-06-05 20:58 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-06-05 20:58 - 2015-06-05 20:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-06-05 20:58 - 2015-06-05 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-06-05 20:58 - 2015-01-23 16:30 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-06-05 20:58 - 2015-01-14 13:13 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-06-05 20:58 - 2015-01-14 13:07 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-06-05 20:58 - 2015-01-09 11:59 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-06-05 20:58 - 2015-01-09 11:44 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-06-05 20:58 - 2014-12-15 18:04 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys
2015-06-05 20:58 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-06-05 20:58 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-06-05 20:58 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-06-05 20:55 - 2015-06-05 21:03 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\Bitdefender
2015-06-05 20:55 - 2015-06-05 20:58 - 00253404 ____H C:\bdr-ld01
2015-06-05 20:55 - 2015-06-05 20:58 - 00009216 ____H C:\bdr-ld01.mbr
2015-06-05 20:55 - 2014-07-04 17:49 - 49563064 ____H C:\bdr-im01.gz
2015-06-05 20:55 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2015-06-05 20:53 - 2015-06-05 20:58 - 00000000 ____D C:\ProgramData\Bitdefender
2015-06-05 20:53 - 2015-06-05 20:53 - 02689384 _____ C:\Users\CarlosEduardo\Downloads\bitdefender_tsecurity.exe
2015-06-05 20:53 - 2015-06-05 20:53 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\QuickScan
2015-06-05 20:53 - 2015-06-05 20:53 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-06-05 20:53 - 2015-06-05 20:53 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-05 20:53 - 2015-01-09 11:44 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-06-05 20:53 - 2015-01-09 11:44 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-06-05 20:53 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-06-05 20:53 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-06-05 20:36 - 2015-06-05 20:36 - 00000000 ____D C:\ProgramData\Riot Games
2015-06-05 20:33 - 2015-06-05 20:33 - 00001489 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-06-05 20:33 - 2015-06-05 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-06-05 20:32 - 2015-06-05 20:33 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\Riot Games
2015-06-05 20:31 - 2015-06-05 20:32 - 27870824 _____ (Riot Games) C:\Users\CarlosEduardo\Downloads\LeagueofLegends_BR_Installer_9_15_2014.exe
2015-06-05 20:28 - 2015-06-05 20:28 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-05 20:27 - 2015-06-05 20:28 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\NVIDIA Corporation
2015-06-05 20:27 - 2015-06-05 20:28 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\NVIDIA
2015-06-05 20:27 - 2015-06-05 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-05 20:27 - 2015-06-05 20:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-05 20:27 - 2015-05-28 04:04 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-05 20:27 - 2015-05-28 04:04 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-05 20:27 - 2015-05-28 04:04 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-05 20:27 - 2015-05-28 04:04 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-05 20:27 - 2015-05-28 00:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-05 20:27 - 2015-05-27 07:48 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-06-05 20:27 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-06-05 20:27 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-06-05 20:27 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-05 20:27 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-05 20:27 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-06-05 20:27 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-05 20:27 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-05 20:27 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-06-05 20:27 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-06-05 20:27 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-06-05 20:27 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-06-05 20:27 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-06-05 20:27 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-06-05 20:27 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-06-05 20:27 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-06-05 20:27 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-06-05 20:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-06-05 20:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-06-05 20:27 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-06-05 20:27 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-06-05 20:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-06-05 20:27 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-06-05 20:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-06-05 20:27 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-06-05 20:27 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-06-05 20:27 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-06-05 20:27 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-06-05 20:27 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-06-05 20:27 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-06-05 20:27 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-06-05 20:27 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-06-05 20:27 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-06-05 20:27 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-06-05 20:27 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-06-05 20:27 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-06-05 20:27 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-06-05 20:27 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-06-05 20:27 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-06-05 20:27 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-06-05 20:27 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-06-05 20:27 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-06-05 20:27 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-06-05 20:27 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-06-05 20:27 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-06-05 20:27 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-06-05 20:27 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-06-05 20:27 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-06-05 20:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-06-05 20:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-06-05 20:27 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-06-05 20:27 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-06-05 20:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-06-05 20:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-06-05 20:27 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-06-05 20:27 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-06-05 20:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-06-05 20:27 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-06-05 20:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-06-05 20:27 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-06-05 20:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-06-05 20:27 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-06-05 20:27 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-06-05 20:27 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-06-05 20:27 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-06-05 20:27 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-06-05 20:27 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-06-05 20:27 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-06-05 20:27 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-06-05 20:27 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-06-05 20:27 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-06-05 20:27 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-06-05 20:27 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-06-05 20:27 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-06-05 20:27 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-06-05 20:27 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-06-05 20:27 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-06-05 20:27 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-06-05 20:27 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-06-05 20:27 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-06-05 20:27 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-06-05 20:27 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-06-05 20:27 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-06-05 20:27 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-06-05 20:27 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-06-05 20:27 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-06-05 20:27 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-06-05 20:27 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-06-05 20:27 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-06-05 20:27 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-06-05 20:27 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-06-05 20:27 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-06-05 20:27 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-06-05 20:27 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-06-05 20:27 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-06-05 20:27 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-06-05 20:27 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-06-05 20:27 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-06-05 20:27 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-06-05 20:27 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-06-05 20:27 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-06-05 20:27 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-06-05 20:27 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-06-05 20:27 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-06-05 20:27 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-06-05 20:27 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-06-05 20:27 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-06-05 20:27 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-06-05 20:27 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-06-05 20:27 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-06-05 20:27 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-06-05 20:27 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-06-05 20:27 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-06-05 20:27 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-06-05 20:27 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-06-05 20:27 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-06-05 20:27 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-06-05 20:27 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-06-05 20:27 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-06-05 20:27 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-06-05 20:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-06-05 20:27 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-06-05 20:27 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-06-05 20:27 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-06-05 20:27 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-06-05 20:27 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-06-05 20:27 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-06-05 20:27 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-06-05 20:27 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-06-05 20:27 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-06-05 20:27 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-06-05 20:27 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-06-05 20:27 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-06-05 20:26 - 2015-06-05 20:27 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-06-05 20:26 - 2015-06-05 20:26 - 04221952 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athwbx.sys
2015-06-05 20:26 - 2015-06-05 20:26 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-06-05 20:26 - 2015-06-05 20:26 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-05 20:26 - 2015-06-05 20:26 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-05 20:26 - 2015-05-28 04:04 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00052880 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 20:26 - 2015-05-28 04:04 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-05 20:26 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-06-05 20:26 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-06-05 20:26 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-06-05 20:26 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-06-05 20:26 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-06-05 20:26 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-06-05 20:26 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-06-05 20:26 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-06-05 20:26 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-06-05 20:26 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-06-05 20:26 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-06-05 20:26 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-06-05 20:26 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-06-05 20:26 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-06-05 20:26 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-06-05 20:26 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-06-05 20:26 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-06-05 20:26 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 05706688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 04464344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-06-05 20:25 - 2015-06-05 20:25 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 02847448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 02532568 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 02048372 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-06-05 20:25 - 2015-06-05 20:25 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 01365768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-06-05 20:25 - 2015-06-05 20:25 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-06-05 20:25 - 2015-06-05 20:25 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-06-05 20:23 - 2015-06-05 20:23 - 00000000 ____D C:\Users\CarlosEduardo\Downloads\KBFilter_Win81_64_VER1005
2015-06-05 20:18 - 2015-06-05 20:18 - 00038104 _____ (Basil) C:\Windows\system32\WinDivert64.sys
2015-06-05 20:18 - 2015-06-05 20:18 - 00034104 _____ (Basil) C:\Windows\system32\WinDivert.dll
2015-06-05 20:17 - 2015-06-05 20:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-06-05 20:16 - 2015-06-05 20:17 - 00001024 _____ C:\.rnd
2015-06-05 20:16 - 2015-06-05 20:16 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2015-06-05 20:16 - 2015-06-05 20:16 - 00000000 ___HD C:\Program Files (x86)\Diebold
2015-06-05 20:16 - 2015-06-05 20:16 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-05 20:16 - 2015-06-05 20:16 - 00000000 ____D C:\Program Files\Diebold
2015-06-05 20:15 - 2015-06-06 19:30 - 00000000 ____D C:\ProgramData\GbPlugin
2015-06-05 20:15 - 2015-06-06 10:28 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-06-05 20:15 - 2015-06-05 20:17 - 00003134 _____ C:\Users\CarlosEduardo\Downloads\Instalação do Guardião Itaú 30 horas.log
2015-06-05 20:15 - 2015-06-05 20:15 - 03213368 _____ (Banco Itaú) C:\Users\CarlosEduardo\Downloads\DiagnosticoItau.exe
2015-06-05 20:15 - 2015-06-05 20:15 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2015-06-05 19:48 - 2015-06-05 19:48 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-06-05 19:48 - 2015-06-05 19:48 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-06-05 19:48 - 2015-06-05 19:48 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-06-05 19:48 - 2015-06-05 19:48 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-06-05 19:48 - 2015-06-05 19:48 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-06-05 19:48 - 2015-06-05 19:48 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-06-05 19:41 - 2015-06-05 19:41 - 50294992 _____ (Microsoft Corporation) C:\Users\CarlosEduardo\Downloads\MouseKeyboardCenter_64bit_PTB_2.3.188.exe
2015-06-05 19:15 - 2015-06-05 19:15 - 00050896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\point64.sys
2015-06-05 19:15 - 2015-06-05 19:15 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-06-05 19:15 - 2015-06-05 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-06-05 19:15 - 2015-06-05 19:15 - 00000000 ____D C:\Program Files\Synaptics
2015-06-05 19:14 - 2015-06-05 20:26 - 00317063 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2015-06-05 19:14 - 2015-06-05 20:26 - 00006786 _____ C:\Windows\system32\Drivers\rtwavesEFX.dat
2015-06-05 19:14 - 2015-06-05 20:26 - 00002626 _____ C:\Windows\system32\Drivers\rtwavesMFX.dat
2015-06-05 19:14 - 2015-06-05 20:26 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-06-05 19:14 - 2015-06-05 19:14 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-06-05 19:14 - 2015-06-05 19:14 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-06-05 19:14 - 2015-06-05 19:14 - 00076496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dc3d.sys
2015-06-05 19:14 - 2015-06-05 19:14 - 00003152 _____ C:\Windows\System32\Tasks\RtHDVBg
2015-06-05 19:14 - 2015-06-05 19:14 - 00003146 _____ C:\Windows\System32\Tasks\RTKCPL
2015-06-05 19:14 - 2015-06-05 19:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-06-05 19:14 - 2015-06-05 19:14 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-06-05 19:14 - 2015-06-05 19:14 - 00000000 ____D C:\Program Files\Realtek
2015-06-05 19:13 - 2015-06-05 20:26 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-05 19:13 - 2015-06-05 19:13 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-06-05 19:13 - 2015-06-05 19:13 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 12975360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-06-05 19:13 - 2015-06-05 19:13 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-06-05 19:13 - 2015-06-05 19:13 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-06-05 19:13 - 2015-06-05 19:13 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-06-05 19:11 - 2015-06-06 19:36 - 00774900 _____ C:\Windows\system32\prfh0416.dat
2015-06-05 19:11 - 2015-06-06 19:36 - 00158494 _____ C:\Windows\system32\prfc0416.dat
2015-06-05 19:11 - 2015-06-06 19:31 - 00002880 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (CarlosEduardo)
2015-06-05 19:11 - 2015-06-05 19:11 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-06-05 19:11 - 2015-06-05 19:11 - 00003238 _____ C:\Windows\System32\Tasks\Driver Booster Scan
2015-06-05 19:11 - 2015-06-05 19:11 - 00003182 _____ C:\Windows\System32\Tasks\Driver Booster Update
2015-06-05 19:11 - 2015-06-05 19:11 - 00002164 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-06-05 19:11 - 2015-06-05 19:11 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\IObit
2015-06-05 19:11 - 2015-06-05 19:11 - 00000000 ____D C:\ProgramData\ProductData
2015-06-05 19:11 - 2015-06-05 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-06-05 19:11 - 2015-06-05 19:11 - 00000000 ____D C:\ProgramData\IObit
2015-06-05 19:11 - 2015-06-05 19:11 - 00000000 ____D C:\Program Files (x86)\IObit
2015-06-05 19:11 - 2015-06-05 19:10 - 00328354 _____ C:\Windows\system32\prfi0416.dat
2015-06-05 19:11 - 2015-06-05 19:10 - 00040752 _____ C:\Windows\system32\prfd0416.dat
2015-06-05 19:10 - 2015-06-05 19:10 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-06-05 19:09 - 2015-06-05 19:09 - 00004193 _____ C:\Users\CarlosEduardo\Downloads\9A2580633E56E9B6AC7F51E77A8AE8EBBAB3D1E3.torrent
2015-06-05 19:08 - 2015-06-06 10:32 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\uTorrent
2015-06-05 19:08 - 2015-06-05 19:08 - 00000900 _____ C:\Users\CarlosEduardo\Desktop\µTorrent.lnk
2015-06-05 19:08 - 2015-06-05 19:08 - 00000880 _____ C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-06-05 19:07 - 2015-06-05 19:07 - 01994592 _____ (BitTorrent Inc.) C:\Users\CarlosEduardo\Downloads\uTorrent.exe
2015-06-05 19:06 - 2015-06-05 19:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-05 19:06 - 2015-06-05 19:06 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2015-06-05 19:05 - 2015-06-05 19:05 - 41429300 _____ C:\Users\CarlosEduardo\Downloads\WLAN_QualcommAtheros_Win81_64_VER1000287.zip
2015-06-05 19:05 - 2015-06-05 19:05 - 11688336 _____ C:\Users\CarlosEduardo\Downloads\Power4Gear_Hybrid_Win81_64_VER308.zip
2015-06-05 19:05 - 2015-06-05 19:05 - 07454716 _____ C:\Users\CarlosEduardo\Downloads\Splendid_G750JW_JX_JXA_Win81_64_VER2010021.zip
2015-06-05 19:05 - 2015-06-05 19:05 - 00160580 _____ C:\Users\CarlosEduardo\Downloads\KBFilter_Win81_64_VER1005.zip
2015-06-05 19:04 - 2015-06-05 19:05 - 19408598 _____ C:\Users\CarlosEduardo\Downloads\Touchpad_Elantech_Win81_64_VER115121.zip
2015-06-05 19:04 - 2015-06-05 19:05 - 09993488 _____ C:\Users\CarlosEduardo\Downloads\CardReader_Genesys_Win81_64_VER4307.zip
2015-06-05 19:04 - 2015-06-05 19:04 - 06173082 _____ C:\Users\CarlosEduardo\Downloads\LAN_QualcommAtheros_Win81_64_VER21021.zip
2015-06-05 19:02 - 2015-06-05 19:07 - 292211848 _____ (NVIDIA Corporation) C:\Users\CarlosEduardo\Downloads\353.06-notebook-win8-win7-64bit-international-whql.exe
2015-06-05 19:00 - 2015-06-05 19:00 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-05 19:00 - 2015-06-05 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-05 19:00 - 2015-03-03 10:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-05 18:58 - 2015-06-06 19:30 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-05 18:58 - 2015-06-06 19:08 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 18:58 - 2015-06-05 19:03 - 00004056 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-05 18:58 - 2015-06-05 19:03 - 00003820 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-05 18:58 - 2015-06-05 19:00 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\Google
2015-06-05 18:58 - 2015-06-05 18:59 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-05 18:58 - 2015-06-05 18:58 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\Deployment
2015-06-05 18:58 - 2015-06-05 18:58 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\Apps\2.0
2015-06-05 18:57 - 2015-06-06 13:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3030160730-3914295730-2292402835-1002
2015-06-05 18:57 - 2015-06-05 18:57 - 00000000 __SHD C:\Users\CarlosEduardo\AppData\Local\EmieUserList
2015-06-05 18:57 - 2015-06-05 18:57 - 00000000 __SHD C:\Users\CarlosEduardo\AppData\Local\EmieSiteList
2015-06-05 18:57 - 2015-06-05 18:57 - 00000000 __SHD C:\Users\CarlosEduardo\AppData\Local\EmieBrowserModeList
2015-06-05 18:56 - 2015-06-06 16:22 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{196F6B66-3E26-4145-B16B-05CCD9D8DF1E}
2015-06-05 18:56 - 2015-06-05 18:56 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\Macromedia
2015-06-05 18:55 - 2015-06-06 19:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-05 18:55 - 2015-06-05 20:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-05 18:55 - 2015-06-05 20:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-05 18:55 - 2015-05-28 04:04 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-05 18:55 - 2015-05-28 04:04 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-06-05 18:55 - 2015-05-28 01:15 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-06-05 18:55 - 2015-05-28 01:15 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-06-05 18:55 - 2015-05-28 01:15 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-06-05 18:55 - 2015-05-28 01:15 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-06-05 18:55 - 2015-05-28 01:15 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-06-05 18:55 - 2015-05-28 01:15 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-06-05 18:52 - 2015-06-06 19:30 - 00000000 ___RD C:\Users\CarlosEduardo\OneDrive
2015-06-05 18:48 - 2015-06-06 10:27 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\VirtualStore
2015-06-05 18:48 - 2015-06-05 18:49 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\PackageStaging
2015-06-05 18:48 - 2015-06-05 18:49 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Local\Packages
2015-06-05 18:48 - 2015-06-05 18:48 - 00001446 _____ C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-05 18:48 - 2015-06-05 18:48 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-05 18:48 - 2015-06-05 18:48 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\Adobe
2015-06-05 18:47 - 2015-06-05 18:52 - 00000000 ____D C:\Users\CarlosEduardo
2015-06-05 18:47 - 2015-06-05 18:47 - 00000020 ___SH C:\Users\CarlosEduardo\ntuser.ini
2015-06-05 18:47 - 2015-03-09 08:19 - 00000000 ___RD C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-05 18:47 - 2014-11-21 12:57 - 00000000 ___RD C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-05 18:47 - 2014-11-21 12:57 - 00000000 ___RD C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-05 18:47 - 2014-11-21 05:52 - 00000369 _____ C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-05 18:47 - 2014-11-21 05:52 - 00000369 _____ C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-05 18:47 - 2013-08-22 12:36 - 00000000 ____D C:\Users\CarlosEduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-05 18:46 - 2015-05-15 19:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-05 18:46 - 2015-05-15 18:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-05 18:46 - 2015-05-15 17:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-05 18:46 - 2015-05-15 17:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-05 18:46 - 2015-05-15 16:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-05 18:46 - 2015-05-15 16:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-05 18:46 - 2015-05-15 16:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-05 18:46 - 2015-05-15 16:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-05 18:46 - 2015-05-15 16:28 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-05 18:46 - 2015-05-15 16:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-05 18:46 - 2015-05-15 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-05 18:46 - 2015-05-15 16:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-05 18:46 - 2015-05-15 16:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-05 18:46 - 2015-05-15 16:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-05 18:46 - 2015-05-15 16:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-05 18:46 - 2015-03-13 22:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-05 18:46 - 2015-03-13 22:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-05 18:46 - 2015-03-13 21:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-06-05 18:45 - 2015-06-06 19:50 - 01779352 _____ C:\Windows\WindowsUpdate.log
2015-06-05 18:43 - 2015-06-05 18:43 - 00000830 _____ C:\Windows\system32\msdm.log
2015-06-05 18:43 - 2015-06-05 18:43 - 00000000 ____D C:\Windows\$ASUS$
2015-06-05 18:42 - 2015-06-05 18:42 - 00000000 __SHD C:\Recovery
2015-06-05 18:42 - 2015-06-05 18:42 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 19:36 - 2014-11-21 05:44 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 19:30 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 19:29 - 2013-08-22 11:44 - 00338048 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-06 19:29 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-06 19:29 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-06 19:00 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-06 12:33 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-06 10:32 - 2015-03-09 16:40 - 00000000 ____D C:\Windows\Panther
2015-06-05 23:41 - 2013-08-22 12:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-06-05 20:55 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-05 20:23 - 2012-08-06 11:17 - 00017280 _____ ( ) C:\Windows\system32\Drivers\kbfiltr.sys
2015-06-05 20:17 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-05 19:10 - 2014-11-21 05:25 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\system32\winrm
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\system32\WCN
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\system32\slmgr
2015-06-05 19:10 - 2014-11-21 05:00 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ___SD C:\Windows\system32\dsc
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\WinStore
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\MUI
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\migwiz
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\Com
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\IME
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Help
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\FileManager
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-06-05 19:10 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-05 19:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-06-05 19:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-05 19:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\Sysprep
2015-06-05 19:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\oobe
2015-06-05 19:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\Dism
2015-06-05 19:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\servicing
2015-06-05 18:48 - 2013-08-22 11:45 - 00000000 ____D C:\Windows\Setup
2015-06-05 18:46 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\restore
2015-06-05 18:46 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-05 18:42 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\Recovery
2015-05-28 04:04 - 2013-12-10 08:13 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 04:04 - 2013-12-10 08:13 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-28 04:04 - 2013-12-10 08:13 - 00030966 _____ C:\Windows\system32\nvinfo.pb

==================== Files in the root of some directories =======

2015-06-05 21:27 - 2015-06-05 21:27 - 0631448 _____ () C:\ProgramData\1433548416.bdinstall.bin
2015-06-05 19:14 - 2015-06-05 19:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\CarlosEduardo\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\CarlosEduardo\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-09 07:40

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by CarlosEduardo at 2015-06-06 19:53:13
Running from C:\Users\CarlosEduardo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3030160730-3914295730-2292402835-500 - Administrator - Disabled)
CarlosEduardo (S-1-5-21-3030160730-3914295730-2292402835-1002 - Administrator - Enabled) => C:\Users\CarlosEduardo
Guest (S-1-5-21-3030160730-3914295730-2292402835-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3030160730-3914295730-2292402835-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivírus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Atualizações da NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.21.0.1497 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Central de Mouse e Teclado da Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
K-Lite Mega Codec Pack 11.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA Driver de áudio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver de gráficos 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Painel de controle da NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Viber (HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\Viber) (Version: 5.1.1.15 - Viber Media Inc)
Warsaw 1.5.2.9896 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.2.9896 - GAS Tecnologia)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

05-06-2015 18:46:45 Windows Modules Installer
05-06-2015 19:13:33 Driver Booster : HID Keyboard Device

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2015-06-06 19:30 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F24453-4C69-4C88-BEA7-BBB17BD599CD} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit)
Task: {41B31809-251C-4291-A66A-A11D7168CC04} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {656ED234-B9D6-40CA-A1CF-734056F8EE97} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-05] (Realtek Semiconductor)
Task: {B06D8D05-8BD6-4286-9B9A-8941E8FEAF45} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-05-14] (IObit)
Task: {B2D17952-FC53-4785-9B39-7BECE9DF225F} - System32\Tasks\Driver Booster SkipUAC (CarlosEduardo) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-05-14] (IObit)
Task: {BC8B295D-85EA-4B57-912E-6DB306A75509} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {BDEECDED-4C89-495A-8A08-5DEA9DFAA81D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C31293FC-D1D4-4CFA-B8DB-A4BD7A134807} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {CD31CAD2-A621-4F7B-B86C-3A10CD655C59} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D35D1A67-0E6D-4F41-B566-46121618EA9D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-05] (Realtek Semiconductor)
Task: {D3EF74B1-5351-47DC-824D-61DEBCFAF6BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {DB29B46C-7463-45ED-91BF-373C8F30B144} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-05-31] ()
Task: {E9C2E294-EB85-41C6-9585-40B51425D371} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F81606D5-D2C7-478C-ACCF-5D99DE35A921} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-05 20:58 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-06-05 20:58 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-06-05 20:58 - 2015-03-23 17:57 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-06-05 20:58 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-06-05 21:04 - 2015-06-05 21:04 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpbr.mdl
2015-06-05 21:04 - 2015-06-05 21:04 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpdsp.mdl
2015-06-05 21:04 - 2015-06-05 21:04 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpph.mdl
2015-06-05 21:04 - 2015-06-05 21:04 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttprbl.mdl
2015-06-05 18:55 - 2015-05-28 01:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-06 11:10 - 2015-05-25 11:39 - 80036560 _____ () C:\Users\CarlosEduardo\AppData\Local\Viber\Viber.exe
2015-06-05 20:27 - 2015-05-28 04:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-06 11:10 - 2015-02-25 04:21 - 01507328 _____ () C:\Users\CarlosEduardo\AppData\Local\Viber\libGLESv2.dll
2015-06-06 11:10 - 2015-05-25 11:03 - 00100864 _____ () C:\Users\CarlosEduardo\AppData\Local\Viber\qfacebook.dll
2015-06-06 11:10 - 2015-05-25 11:02 - 00171008 _____ () C:\Users\CarlosEduardo\AppData\Local\Viber\exif.dll
2015-06-06 11:10 - 2015-02-25 04:21 - 00063488 _____ () C:\Users\CarlosEduardo\AppData\Local\Viber\libEGL.dll
2015-06-06 11:10 - 2015-02-25 04:36 - 00010240 _____ () C:\Users\CarlosEduardo\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\CarlosEduardo\OneDrive:ms-properties
AlternateDataStreams: C:\Users\CarlosEduardo\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\CarlosEduardo\Downloads\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\CarlosEduardo\Downloads\K-Lite_Codec_Pack_1120_Mega.exe:BDU
AlternateDataStreams: C:\Users\CarlosEduardo\Downloads\OTL.exe:BDU
AlternateDataStreams: C:\Users\CarlosEduardo\Downloads\ViberSetup.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3030160730-3914295730-2292402835-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\CarlosEduardo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\twilight edited.jpg
DNS Servers: 80.82.64.136 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3BB941DB-2FA5-4751-8C7A-0D17AF2536E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{20BD506D-B2D1-43CE-96CB-F433C9DCC775}] => (Allow) C:\Users\CarlosEduardo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DCDA163E-D218-4C89-A079-F22B0911C3B2}] => (Allow) C:\Users\CarlosEduardo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E2BDF630-005C-40E0-86D1-ECE9A1B27484}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{13C02A0C-1858-454F-A489-56F71B1BF103}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{105B41C3-5424-4707-B930-C987645FAB96}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D50AFDCE-1853-432D-BDC4-4B78699057AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FA798708-7DEE-429F-BA83-D876B66F11C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6159762E-D800-4A84-9431-9270A660C56E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7853382B-D6E2-4B40-AE02-F936BF2721EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (06/06/2015 07:29:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Superfetch terminou com o erro:
%%1062

Error: (06/06/2015 07:28:55 PM) (Source: DCOM) (EventID: 10010) (User: KDU)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (06/06/2015 03:30:42 PM) (Source: disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk2\DR2.


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16333.46 MB
Available physical RAM: 13643.06 MB
Total Pagefile: 19277.46 MB
Available Pagefile: 16475.01 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.14 GB) (Free:197.98 GB) NTFS
Drive d: (Storage Kdu) (Fixed) (Total:931.51 GB) (Free:272.22 GB) NTFS
Drive e: (W81_X64_ESD_OEM_en-US_Mar2015) (Removable) (Total:7.4 GB) (Free:3.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1EC820E8)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: B9F841C8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 006534C0)
Partition 1: (Active) - (Size=7.4 GB) - (Type=07 NTFS)

==================== End of log ============================



#4
DanoNH


    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello bigdu,

 

First
P2P Software Warning:
It seems you have uTorrent P2P software installed.  While this software may have been intentionally installed on the system, and the program itself may be safe, the files shared with these programs often carry an unknown malware payload.  Some of this malware is Ransomware which encrypts user files for ransom with a time limit.  

Pretty nasty stuff.

Besides installing malware,  the use of these programs can expose sensitive information belonging to you or your employer to the Internet, make your system vulnerable to unwanted attacks by exploiting known security issues, block your Internet access, and can possibly subject you to copyright infringement prosecution.

If you do decide to keep any P2P programs, please uninstall them or disable and keep from using them until after we've finished and your system is declared clean.

You can read more about the risks of using P2P software at these links:


Second
Run a FRST Fix

  • Download the attached fixlist.txt file and save it to the Desktop.

    (Note: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.)

    Notice: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST/FRST64 from your Desktop and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally.  After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop named Fixlog.txt. Please post the contents of that log file into your next reply.

Third

Run Junkware Removal Tool:

Please download Junkware Removal Tool to your Desktop.

  • Shut down your protection software now to avoid potential conflicts.  See here for more information.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Finally
In your next reply, please copy/paste the contents of the following logs:

  • FRST fix log
  • JRT log

And tell me how the system is running. :)

 



#5
DanoNH


    Trusted Helper

  • Malware Removal
  • 2,153 posts

Sorry, it might help if I actually attached the fixlist.txt file!

 

Here it is: Attached File  fixlist.txt   1.3KB   111 downloads



#6
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.







