Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mouse disconnecting all peripherals + getting pc stuck


  • This topic is locked This topic is locked
13 replies to this topic

#1 Papadocks

Papadocks

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 13 December 2016 - 02:07 PM

Hello,

 

I've got a Steelseries Sensei mouse and I was able to use it fine until I bought a new keyboard.

After I bought my new keyboard my mouse started disconnecting and reconnecting from time to time. At first I thought it was cuz my PSU was very low so I bought a new PSU... Well the problem still happens and now instead of only disconnecting itself it also disconnects all peripherals and they keep on trying to reconnect but they are not able to do it... All my peripherals have LEDS and the LEDS just keep on turning ON and OFF the whole time... Sometimes it will also get my computer stuck.

 

In the mean time I've been using another gaming mouse but with less power consumption and extras... Do you think this might be a virus? Can you help me?

 

I've already taken the Sensei to the guarantee and they said it was all fine with the mouse...

 

 

 

Best Regards,



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 PM

Posted 18 December 2016 - 02:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/634750 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Papadocks

Papadocks
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 18 December 2016 - 02:56 PM

Hello,
 
As you've asked, here's the logs in the attachments.
 
Let me know if you need anything else and thank you very much for your help.
 
 
Best Regards,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Miguel (administrator) on MIGUEL-PC (18-12-2016 19:50:11)
Running from C:\Users\Miguel\Downloads
Loaded Profiles: Miguel (Available Profiles: Miguel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\Miguel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd.) C:\Windows\V0330Mon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) F:\Teamspeak3\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16681728 2016-07-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [C:\Windows\system32\V0330Ext.ax] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0330Ext.ax
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [DriverPack Notifier] => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [258560 2015-12-18] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [V0330Mon.exe] => C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [C:\Windows\SysWOW64\V0330Ext.ax] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\SysWOW64\V0330Ext.ax
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [Spotify Web Helper] => C:\Users\Miguel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-19] (Spotify Ltd)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-06-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-12-11]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-12-14]
ShortcutTarget: Curse.lnk -> C:\Users\Miguel\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{119785F5-BD97-446F-9196-B6000428985D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{119785F5-BD97-446F-9196-B6000428985D}: [DhcpNameServer] 192.168.1.254 192.168.1.254

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Programa Auxiliar de Início de Sessão da conta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jh0pz1yn.default
FF ProfilePath: C:\Users\Miguel\AppData\Roaming\Mozilla\Firefox\Profiles\jh0pz1yn.default [2016-12-12]
FF Session Restore: Mozilla\Firefox\Profiles\jh0pz1yn.default -> is enabled.
FF Extension: (HackBar) - C:\Users\Miguel\AppData\Roaming\Mozilla\Firefox\Profiles\jh0pz1yn.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-10-01]
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-06-20] <==== ATTENTION
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-18]
CHR Extension: (Google Docs) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-20]
CHR Extension: (Google Drive) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-20]
CHR Extension: (YouTube) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-20]
CHR Extension: (Google Folhas de Cálculo) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-20]
CHR Extension: (Ban Checker For Steam With History) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fidfhokmiihfkmkhgpacakihkehklhka [2016-10-13]
CHR Extension: (Marcadores de iCloud) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2016-08-26]
CHR Extension: (LoungeDestroyer) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-10-17]
CHR Extension: (Documentos do Google offline) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-20]
CHR Extension: (AdBlock) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-18]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-20]
CHR Extension: (Gmail) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-02-12] (EasyAntiCheat Ltd)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2016-04-12] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-19] (Hi-Rez Studios) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-24] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2122248 2016-07-19] (Electronic Arts)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [949480 2016-08-29] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-07-18] (Popcorn Time) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 JtsLncs; "C:\Program Files (x86)\Jatosydinodom\JtsLncs.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 busenum; C:\Windows\System32\DRIVERS\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [38400 2012-08-02] (CSR plc.)
R1 ESEADriver2; C:\Users\Miguel\AppData\Local\Temp\ESEADriver2.sys [316256 2016-11-23] ()
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [99464 2016-07-04] (<Turtle Entertainment>)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [190032 2016-04-04] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [File not signed]
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31984 2013-07-30] (Synaptics Incorporated)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [41816 2016-11-03] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [52960 2016-10-05] (SteelSeries ApS)
S3 V0330VID; C:\Windows\System32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 blNetFilter; \??\C:\Windows\system32\drivers\blNetFilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-18 19:50 - 2016-12-18 19:50 - 00023192 _____ C:\Users\Miguel\Downloads\FRST.txt
2016-12-18 19:49 - 2016-12-18 19:50 - 00000000 ____D C:\FRST
2016-12-18 19:49 - 2016-12-18 19:49 - 02420224 _____ (Farbar) C:\Users\Miguel\Downloads\FRST64.exe
2016-12-18 19:44 - 2016-12-18 19:44 - 00000000 _____ C:\Windows\cd_127
2016-12-14 19:32 - 2016-12-14 19:32 - 00000000 ____D C:\Windows\pss
2016-12-13 10:53 - 2016-12-13 10:53 - 00000000 ____D C:\Users\Miguel\AppData\Local\Chromium
2016-12-12 23:26 - 2016-12-18 19:47 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Curse Client
2016-12-12 23:26 - 2016-12-12 23:26 - 83726296 _____ (Curse) C:\Users\Miguel\Downloads\CurseClientSetup_[addonclient-upsell].exe
2016-12-12 23:26 - 2016-12-12 23:26 - 00001036 _____ C:\Users\Miguel\Desktop\Curse.lnk
2016-12-12 23:26 - 2016-12-12 23:26 - 00001022 _____ C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-12-12 23:26 - 2016-12-12 23:26 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Curse
2016-12-08 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-12-08 01:56 - 2016-12-08 01:56 - 02087271 _____ C:\Users\Miguel\Downloads\finder.zip
2016-12-07 22:54 - 2016-12-07 22:54 - 00000495 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-12-07 22:54 - 2016-12-07 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-12-07 22:52 - 2016-12-07 23:04 - 00000000 ____D C:\Users\Miguel\Documents\The Crew
2016-12-07 22:52 - 2016-12-07 23:00 - 00000000 ____D C:\Users\Miguel\Documents\ProfileCache
2016-12-07 22:51 - 2016-12-07 22:51 - 03126768 _____ (Blizzard Entertainment) C:\Users\Miguel\Downloads\Battle.net-Setup.exe
2016-12-07 22:51 - 2016-12-07 22:51 - 00000000 ____D C:\Users\Miguel\AppData\Local\Ubisoft
2016-12-07 22:48 - 2016-12-07 22:48 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-07 21:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-12-07 21:50 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-12-07 21:50 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-12-07 21:50 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-12-07 21:50 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-12-07 21:50 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-12-07 21:50 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-12-07 21:50 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-12-07 21:50 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-12-07 21:50 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-12-07 21:50 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-12-07 21:50 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-12-07 21:50 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-12-07 21:50 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-12-07 21:50 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-12-07 21:50 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-12-07 21:50 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-12-07 21:50 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-12-07 21:50 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-12-07 21:50 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-12-07 21:50 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-12-07 21:50 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-12-07 21:50 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-12-07 21:50 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-12-07 21:50 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-12-07 21:50 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-12-07 21:50 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-12-07 21:50 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-12-07 21:50 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-12-07 21:50 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-12-07 21:50 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-12-07 21:50 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-12-07 21:50 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-12-07 21:50 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-12-07 21:50 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-12-07 21:50 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-12-07 21:50 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-12-07 21:50 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-12-07 21:50 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-12-07 21:50 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-12-07 21:50 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-12-07 21:50 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-12-07 21:50 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-12-07 21:50 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-12-07 21:50 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-12-07 21:50 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-12-07 21:50 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-12-07 21:50 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-12-07 21:50 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-12-07 21:50 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-12-07 21:50 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-12-07 21:50 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-07 21:50 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-12-07 21:50 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-12-07 21:50 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-12-07 21:50 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-12-07 21:50 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-12-07 21:50 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-07 21:50 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-12-07 21:50 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-07 21:50 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-12-07 21:50 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-07 21:50 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-12-07 21:50 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-07 21:50 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-12-07 21:50 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-07 21:50 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-12-07 21:50 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-07 21:50 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-12-07 21:50 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-07 21:50 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-12-07 21:50 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-12-05 22:30 - 2016-12-05 22:30 - 02058776 _____ C:\Users\Miguel\Downloads\flag-icon-css-master.zip
2016-12-05 22:29 - 2016-12-05 22:30 - 00298618 _____ C:\Users\Miguel\Downloads\famfamfam_flag_icons.zip
2016-12-05 22:29 - 2016-12-05 22:29 - 02065409 _____ C:\Users\Miguel\Downloads\Flags.zip
2016-12-04 23:53 - 2016-12-04 23:53 - 00000000 ____D C:\Users\Miguel\Downloads\IP.Board_3.4.9_Nulled
2016-12-04 23:47 - 2016-12-04 23:50 - 08948268 _____ C:\Users\Miguel\Downloads\IP.Board_3.4.9_Nulled.zip
2016-12-04 20:42 - 2016-12-04 20:42 - 00000000 ____D C:\Users\Miguel\Downloads\OldSkill_Romania
2016-12-04 20:40 - 2016-12-04 20:41 - 04475426 _____ C:\Users\Miguel\Downloads\OldSkill_Romania.rar
2016-12-04 20:36 - 2016-12-04 20:36 - 04173477 _____ C:\Users\Miguel\Downloads\images-invezozo-img (1).xml.gz
2016-12-04 20:30 - 2016-12-04 20:30 - 04173477 _____ C:\Users\Miguel\Downloads\images-invezozo-img.xml.gz
2016-12-04 20:30 - 2016-12-04 20:30 - 00282073 _____ C:\Users\Miguel\Downloads\invezozo.xml.gz
2016-12-04 20:30 - 2016-12-04 20:30 - 00001800 _____ C:\Users\Miguel\Downloads\replacements-invezozo.xml.gz
2016-12-02 00:48 - 2016-12-02 00:48 - 00000884 _____ C:\Users\Miguel\Desktop\forum.txt
2016-12-01 22:24 - 2016-12-01 22:24 - 00040630 _____ C:\Users\Miguel\Downloads\(SOS33) Member Situation on Personal Card 1.0.1.zip
2016-12-01 22:23 - 2016-12-01 22:23 - 00012176 _____ C:\Users\Miguel\Downloads\Sliding Pop-up Message Box 1.6.1.rar
2016-12-01 22:22 - 2016-12-01 22:22 - 00007616 _____ C:\Users\Miguel\Downloads\Closing_Reason_as_Post.zip
2016-12-01 22:20 - 2016-12-01 22:20 - 00002599 _____ C:\Users\Miguel\Downloads\Profile Information Sidebar.zip
2016-12-01 22:07 - 2016-12-01 22:07 - 00224058 _____ C:\Users\Miguel\Downloads\(BS) Warning.zip
2016-12-01 22:06 - 2016-12-01 22:07 - 00050550 _____ C:\Users\Miguel\Downloads\1422120719036228_Contact Form 2.2.5.zip
2016-12-01 22:06 - 2016-12-01 22:06 - 01759307 _____ C:\Users\Miguel\Downloads\1421429338036228_IPBSlider 1.01 (1).zip
2016-12-01 22:05 - 2016-12-01 22:05 - 01394853 _____ C:\Users\Miguel\Downloads\Duplicate_Members_Logger_v3.0.4.zip
2016-12-01 22:05 - 2016-12-01 22:05 - 00666352 _____ C:\Users\Miguel\Downloads\(RC34) Board Life Status 1.0.1.zip
2016-12-01 22:01 - 2016-12-01 22:01 - 00054237 _____ C:\Users\Miguel\Downloads\Livestream.rar
2016-12-01 21:58 - 2016-12-01 21:58 - 00003758 _____ C:\Users\Miguel\Downloads\User Online Status in Topics 1.0.0 (IP.Board 3.2 & 3.3).zip
2016-12-01 21:57 - 2016-12-01 21:57 - 00144938 _____ C:\Users\Miguel\Downloads\1377249359010959_IPB 3.4 - AdvancedTagsPrefixes 2.1.6.zip
2016-12-01 21:56 - 2016-12-01 21:56 - 00274654 _____ C:\Users\Miguel\Downloads\1376396079010959_(e32) Custom Sidebar Blocks 2.1.1.zip
2016-12-01 21:55 - 2016-12-01 21:55 - 00131331 _____ C:\Users\Miguel\Downloads\server_list_TestScript.rar
2016-12-01 16:16 - 2016-12-01 16:16 - 01759307 _____ C:\Users\Miguel\Downloads\1421429338036228_IPBSlider 1.01.zip
2016-12-01 16:08 - 2016-12-01 16:08 - 00734041 _____ C:\Users\Miguel\Downloads\Promenu_Plus-3.2.1.zip
2016-12-01 16:08 - 2016-12-01 16:08 - 00199817 _____ C:\Users\Miguel\Downloads\promenu-plus-extra.zip
2016-12-01 01:40 - 2016-12-01 01:40 - 00009468 _____ C:\Users\Miguel\Downloads\cookiebar100.zip
2016-11-30 23:32 - 2016-11-30 23:32 - 00000000 ____D C:\Users\Miguel\Desktop\Haze IPS v1.0.8 Nulled by DaBeast
2016-11-30 23:27 - 2016-11-30 23:27 - 00000000 ____D C:\Users\Miguel\Desktop\OrtemSkin
2016-11-30 22:40 - 2016-11-30 22:40 - 00941087 _____ C:\Users\Miguel\Downloads\[Retail] Ortem.zip
2016-11-30 21:43 - 2016-11-30 21:43 - 02674374 _____ C:\Users\Miguel\Downloads\Aperture_xenfocus_1.4.x.zip
2016-11-29 23:31 - 2016-11-29 23:31 - 00000548 _____ C:\Users\Miguel\Desktop\SinusBot 0.9.15.lnk
2016-11-29 23:30 - 2016-11-29 23:30 - 21139744 _____ (Michael Friese) C:\Users\Miguel\Downloads\sinusbot-0.9.15.exe
2016-11-28 23:12 - 2016-11-28 23:12 - 00795568 _____ C:\Users\Miguel\Downloads\R2G - RED - by FratziWear.rar
2016-11-28 20:24 - 2016-11-24 19:22 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-28 20:24 - 2016-09-09 18:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-11-28 20:24 - 2016-09-09 18:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-11-28 20:24 - 2016-09-09 18:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-11-28 20:24 - 2016-09-09 18:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-11-28 20:22 - 2016-11-24 20:54 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 34701760 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 28139576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 17440928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 14057528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-11-28 20:22 - 2016-11-24 20:54 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 08913512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 08754344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 03643840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00945208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00439864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-11-28 20:18 - 2016-11-17 13:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-28 20:18 - 2016-11-17 13:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-28 20:18 - 2016-11-17 13:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-24 08:06 - 2016-11-02 15:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-24 08:06 - 2016-11-02 15:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-24 08:06 - 2016-11-02 15:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-24 08:06 - 2016-11-02 15:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-24 08:06 - 2016-11-02 15:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-24 08:06 - 2016-11-02 14:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-24 08:06 - 2016-10-28 03:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-24 08:06 - 2016-10-28 03:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-24 08:06 - 2016-10-27 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-24 08:06 - 2016-10-27 19:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-24 08:06 - 2016-10-27 18:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-24 08:06 - 2016-10-27 18:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-24 08:06 - 2016-10-27 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-24 08:06 - 2016-10-27 18:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-24 08:06 - 2016-10-27 18:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-24 08:06 - 2016-10-27 18:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-24 08:06 - 2016-10-27 18:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-24 08:06 - 2016-10-27 18:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-24 08:06 - 2016-10-27 18:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-24 08:06 - 2016-10-27 18:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-24 08:06 - 2016-10-27 18:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-24 08:06 - 2016-10-27 18:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-24 08:06 - 2016-10-27 18:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-24 08:06 - 2016-10-27 18:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-24 08:06 - 2016-10-27 18:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-24 08:06 - 2016-10-27 18:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-24 08:06 - 2016-10-27 18:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-24 08:06 - 2016-10-27 18:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-24 08:06 - 2016-10-27 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-24 08:06 - 2016-10-27 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-24 08:06 - 2016-10-27 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-24 08:06 - 2016-10-27 18:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-24 08:06 - 2016-10-27 18:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-24 08:06 - 2016-10-27 17:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-24 08:06 - 2016-10-27 17:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-24 08:06 - 2016-10-27 17:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-24 08:06 - 2016-10-27 17:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-24 08:06 - 2016-10-27 17:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-24 08:06 - 2016-10-27 17:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-24 08:06 - 2016-10-27 17:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-24 08:06 - 2016-10-27 17:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-24 08:06 - 2016-10-27 16:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-24 08:06 - 2016-10-27 15:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-24 08:06 - 2016-10-25 15:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-24 08:06 - 2016-10-22 17:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-24 08:06 - 2016-10-22 17:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-24 08:06 - 2016-10-22 17:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-24 08:06 - 2016-10-22 17:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-24 08:06 - 2016-10-22 17:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-24 08:06 - 2016-10-22 17:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-24 08:06 - 2016-10-22 17:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-24 08:06 - 2016-10-22 17:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-24 08:06 - 2016-10-22 17:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-24 08:06 - 2016-10-22 17:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-24 08:06 - 2016-10-22 17:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-24 08:06 - 2016-10-22 17:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-24 08:06 - 2016-10-22 17:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-24 08:06 - 2016-10-22 17:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-24 08:06 - 2016-10-22 17:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-24 08:06 - 2016-10-22 17:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-24 08:06 - 2016-10-22 16:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-24 08:06 - 2016-10-22 16:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-24 08:06 - 2016-10-22 16:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-24 08:06 - 2016-10-22 16:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-24 08:06 - 2016-10-22 16:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-24 08:06 - 2016-10-22 16:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-24 08:06 - 2016-10-22 16:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-24 08:06 - 2016-10-22 16:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-24 08:06 - 2016-10-22 16:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-24 08:06 - 2016-10-22 16:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-24 08:06 - 2016-10-22 16:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-24 08:06 - 2016-10-22 16:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-24 08:06 - 2016-10-22 16:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-24 08:06 - 2016-10-15 15:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-24 08:06 - 2016-10-15 15:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-24 08:06 - 2016-10-15 15:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-24 08:06 - 2016-10-15 15:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-24 08:06 - 2016-10-11 15:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-24 08:06 - 2016-10-11 15:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-24 08:06 - 2016-10-11 15:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-24 08:06 - 2016-10-11 15:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-24 08:06 - 2016-10-11 15:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-24 08:06 - 2016-10-11 15:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-24 08:06 - 2016-10-11 15:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-24 08:06 - 2016-10-11 15:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-24 08:06 - 2016-10-11 15:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-24 08:06 - 2016-10-11 15:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-24 08:06 - 2016-10-11 13:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-24 08:06 - 2016-10-11 13:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-24 08:06 - 2016-10-10 15:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-24 08:06 - 2016-10-10 15:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-24 08:06 - 2016-10-10 15:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-24 08:06 - 2016-10-10 15:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-24 08:06 - 2016-10-10 15:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-24 08:06 - 2016-10-10 15:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-24 08:06 - 2016-10-10 15:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-24 08:06 - 2016-10-10 14:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-24 08:06 - 2016-10-10 14:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-24 08:06 - 2016-10-10 14:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-24 08:06 - 2016-10-10 14:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-24 08:06 - 2016-10-10 14:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-24 08:06 - 2016-10-10 14:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-24 08:06 - 2016-10-07 15:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-24 08:06 - 2016-10-07 15:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-24 08:06 - 2016-10-07 15:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-24 08:06 - 2016-10-07 15:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-24 08:06 - 2016-10-07 15:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-24 08:06 - 2016-10-07 15:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-24 08:06 - 2016-10-07 15:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-24 08:06 - 2016-10-07 15:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-24 08:06 - 2016-10-07 15:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-24 08:06 - 2016-10-07 15:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-24 08:06 - 2016-10-07 14:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-24 08:06 - 2016-10-07 14:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-24 08:06 - 2016-10-07 14:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-24 08:06 - 2016-10-07 14:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-24 08:06 - 2016-10-07 14:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-24 08:06 - 2016-10-07 14:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 14:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 14:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 14:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-24 08:06 - 2016-10-05 14:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-24 08:06 - 2016-09-15 14:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-24 08:06 - 2016-09-13 15:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-24 08:06 - 2016-09-13 15:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-24 08:06 - 2016-09-09 18:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-24 08:06 - 2016-09-09 18:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-24 08:06 - 2016-08-22 16:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-23 22:19 - 2016-11-23 22:19 - 01412032 _____ C:\Users\Miguel\Downloads\idle_master.zip
2016-11-23 22:19 - 2016-11-23 22:19 - 00000000 ____D C:\Users\Miguel\Desktop\idle
2016-11-23 22:19 - 2016-11-23 22:19 - 00000000 ____D C:\Users\Miguel\AppData\Local\IdleMaster
2016-11-22 20:22 - 2016-11-22 20:22 - 00000000 ____D C:\Users\Miguel\AppData\Local\TeamViewer
2016-11-22 20:14 - 2016-12-13 10:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-22 20:14 - 2016-11-22 22:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-22 20:14 - 2016-11-22 22:34 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-11-22 00:26 - 2016-11-22 00:26 - 01513867 _____ C:\Users\Miguel\Downloads\94629.webm
2016-11-22 00:26 - 2016-11-22 00:26 - 01513867 _____ C:\Users\Miguel\Downloads\94629 (1).webm
2016-11-21 20:53 - 2016-12-11 19:18 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\steelseries-engine-3-client
2016-11-21 20:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-11-21 20:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-11-21 20:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-11-21 20:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-11-21 20:52 - 2016-11-21 20:52 - 80335280 _____ C:\Users\Miguel\Downloads\SteelSeriesEngine3.9.2Setup.exe
2016-11-20 20:05 - 2016-11-20 20:05 - 00080594 _____ C:\Users\Miguel\Desktop\Imprimir Encomenda # 100009406 - PCDIGA.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-18 19:50 - 2016-06-09 18:47 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\TS3Client
2016-12-18 19:47 - 2016-06-09 18:49 - 00000000 ____D C:\Program Files\Steam
2016-12-18 19:46 - 2016-08-26 13:18 - 00000000 ___RD C:\Users\Miguel\iCloudDrive
2016-12-18 19:46 - 2016-06-09 18:59 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-18 19:46 - 2016-06-09 18:43 - 00001004 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-18 19:45 - 2016-06-21 20:54 - 00002756 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2016-12-18 19:45 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMSDaily.job
2016-12-18 19:45 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMS.job
2016-12-18 19:44 - 2016-09-25 20:43 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-12-18 19:44 - 2016-06-21 20:54 - 00077824 _____ C:\Windows\KMSEmulator.exe
2016-12-18 19:44 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-16 19:00 - 2016-06-09 18:43 - 00001008 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-16 18:41 - 2009-07-14 04:45 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-16 18:41 - 2009-07-14 04:45 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-16 18:39 - 2009-08-15 17:10 - 00724022 _____ C:\Windows\system32\prfh0816.dat
2016-12-16 18:39 - 2009-08-15 17:10 - 00153624 _____ C:\Windows\system32\prfc0816.dat
2016-12-16 18:39 - 2009-07-14 05:13 - 01664484 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-16 18:39 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2016-12-16 01:10 - 2016-08-25 00:10 - 00000000 ____D C:\Users\Miguel\AppData\Local\Battle.net
2016-12-15 21:22 - 2016-06-09 18:43 - 00002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 21:22 - 2016-06-09 18:43 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-13 23:26 - 2016-09-20 20:12 - 00000416 _____ C:\Users\Miguel\Documents\ClownfishForTeamspeak.ini
2016-12-13 10:53 - 2016-06-09 18:50 - 00000000 ____D C:\Users\Miguel\AppData\Local\Steam
2016-12-08 17:00 - 2016-06-11 17:44 - 00000000 ____D C:\Users\Miguel\AppData\Local\CrashDumps
2016-12-08 12:50 - 2016-09-14 16:45 - 00000670 _____ C:\Users\Miguel\Desktop\Uplay.lnk
2016-12-08 04:52 - 2016-10-01 19:32 - 00000000 ____D C:\Users\Miguel\AppData\Local\PrivateTunnel
2016-12-08 04:52 - 2016-06-21 20:54 - 00000000 ____D C:\Windows\AutoKMS
2016-12-08 04:52 - 2016-06-21 20:29 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-08 04:52 - 2016-06-18 23:23 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\vlc
2016-12-08 04:52 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2016-12-08 02:22 - 2016-06-09 18:39 - 00000000 ____D C:\Users\Miguel
2016-12-07 23:04 - 2016-09-14 16:45 - 00000000 ____D C:\Users\Miguel\AppData\Local\Ubisoft Game Launcher
2016-12-07 22:51 - 2009-07-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-07 22:48 - 2016-08-25 00:10 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Battle.net
2016-12-07 22:48 - 2016-08-07 18:54 - 00000000 ____D C:\ProgramData\Battle.net
2016-12-07 22:47 - 2009-07-14 07:46 - 00000000 ____D C:\Windows\ShellNew
2016-12-07 21:49 - 2016-06-09 18:47 - 00000794 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-12-06 23:57 - 2016-11-03 21:25 - 01804680 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-12-05 00:23 - 2016-06-28 19:39 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\FileZilla
2016-12-02 20:40 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2016-12-02 19:20 - 2016-11-07 21:42 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\discord
2016-12-02 19:00 - 2009-07-14 04:45 - 00439408 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-02 00:55 - 2016-06-09 19:23 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-02 00:55 - 2016-06-09 19:23 - 00001912 _____ C:\Windows\epplauncher.mif
2016-12-02 00:55 - 2016-06-09 19:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-02 00:55 - 2016-06-09 19:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-12-01 01:43 - 2016-06-30 12:00 - 00000000 ____D C:\Users\Miguel\Desktop\Halcyon-WoW
2016-11-28 20:25 - 2016-09-15 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-28 20:25 - 2016-06-09 18:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-28 20:24 - 2016-07-28 19:55 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-28 20:18 - 2016-09-22 14:22 - 00003598 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003836 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003836 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003786 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003774 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003538 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-28 20:18 - 2016-06-09 18:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-28 20:18 - 2016-06-09 18:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-27 22:05 - 2016-06-09 19:28 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Skype
2016-11-27 20:44 - 2016-06-09 19:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-27 20:44 - 2016-06-09 19:22 - 00000000 ____D C:\ProgramData\Skype
2016-11-24 20:54 - 2016-10-25 18:16 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 03941720 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-11-24 19:39 - 2016-09-15 18:55 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-11-24 19:39 - 2016-06-09 18:58 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 02477624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-24 10:49 - 2016-06-12 19:11 - 00000000 ____D C:\Windows\system32\MRT
2016-11-24 10:47 - 2016-06-12 19:11 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-23 12:58 - 2016-06-09 18:58 - 07538847 _____ C:\Windows\system32\nvcoproc.bin
2016-11-22 23:59 - 2016-06-09 18:43 - 00111936 _____ C:\Users\Miguel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-22 20:18 - 2016-07-01 10:24 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\TeamViewer
2016-11-21 20:52 - 2016-06-09 19:54 - 00000000 ____D C:\Program Files\SteelSeries
2016-11-21 00:54 - 2016-10-01 19:29 - 00001888 _____ C:\Users\Miguel\Desktop\awaken.txt
2016-11-21 00:05 - 2016-06-28 11:01 - 00000600 _____ C:\Users\Miguel\AppData\Local\PUTTY.RND

==================== Files in the root of some directories =======

2016-06-20 16:11 - 2016-06-20 16:11 - 6867968 _____ () C:\Users\Miguel\AppData\Roaming\agent.dat
2016-06-20 16:11 - 2016-06-20 16:11 - 0128512 _____ () C:\Users\Miguel\AppData\Roaming\Installer.dat
2016-06-20 16:11 - 2016-06-20 16:11 - 0018432 _____ () C:\Users\Miguel\AppData\Roaming\Main.dat
2016-06-28 11:01 - 2016-11-21 00:05 - 0000600 _____ () C:\Users\Miguel\AppData\Local\PUTTY.RND
2016-08-24 11:47 - 2016-08-24 11:47 - 0000017 _____ () C:\Users\Miguel\AppData\Local\resmon.resmoncfg
2016-06-09 18:50 - 2016-06-09 18:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Miguel\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Miguel\AppData\Local\Temp\CheckLang.dll
C:\Users\Miguel\AppData\Local\Temp\CtRunApp.dll
C:\Users\Miguel\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Miguel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Miguel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Miguel\AppData\Local\Temp\nvStInst.exe
C:\Users\Miguel\AppData\Local\Temp\utils.dll
C:\Users\Miguel\AppData\Local\Temp\x2blapi.dll
C:\Users\Miguel\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe
[2016-06-16 15:34] - [2011-01-16 00:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2016-09-14 11:35] - [2011-01-16 00:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-07 01:57

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by Miguel (18-12-2016 19:50:41)
Running from C:\Users\Miguel\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-06-09 18:39:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1752991229-1062164544-2561520819-500 - Administrator - Disabled)
Convidado (S-1-5-21-1752991229-1062164544-2561520819-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1752991229-1062164544-2561520819-1002 - Limited - Enabled)
Miguel (S-1-5-21-1752991229-1062164544-2561520819-1000 - Administrator - Enabled) => C:\Users\Miguel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Actualizações da NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (Version: 376.09 - NVIDIA Corporation) Hidden
AnyTrans 4.4.1 (HKLM-x32\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 4.4.1 - iMobie Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Axxa's World of Warcraft Logo Creator v1.2 (HKLM-x32\...\Axxa's World of Warcraft Logo Creator v1.2) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version: - Torn Banner Studios)
Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00) (HKLM\...\Creative VF0330) (Version: - )
Curse (HKLM-x32\...\{75B8ADD1-7E4D-4A31-B201-54776BCCC486}) (Version: 6.0.0.0 - Curse)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DriverPack Notifier (HKLM-x32\...\DriverPack Notifier) (Version: 2.0.3 - DriverPack Solution)
ESEA Client (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESL Wire 1.19.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
FileZilla Client 3.22.2.2 (HKLM-x32\...\FileZilla Client) (Version: 3.22.2.2 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InputMapper (HKLM-x32\...\{1A44056A-C7D8-4561-BC43-A0AA7D7AAA64}) (Version: 1.5.31.0 - DSDCS)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 21.0 - Intel)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - pt-pt (HKLM\...\O365ProPlusRetail - pt-pt) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 pt-PT)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1 - Mozilla)
MySQL Connector Net 6.9.8 (HKLM-x32\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Workbench 6.3 CE (HKLM\...\{0D901124-B910-4985-9D4F-AC5C2FEF7493}) (Version: 6.3.7 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Controlador 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Controlador gráfico 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA O controlador de 3D Vision 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.09 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Painel de controlo da NVIDIA 376.09 (Version: 376.09 - NVIDIA Corporation) Hidden
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.7.0.10 - OpenVPN Technologies)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7878 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.9.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.9.4 - SteelSeries ApS)
Stremio (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Stremio) (Version: 3.6.5 - Smart Code Ltd.)
Suporte para Aplicações Apple (32-bits) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Suporte para Aplicações Apple (64-bits) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.24-1 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1752991229-1062164544-2561520819-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08C2459B-CDC3-4512-84D4-6F9B0A7E5BB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {1B9928FC-DF52-4872-A0A8-AC8330FF713A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {20E43959-2405-4935-8460-9625CBB6098B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {24BFAAD1-8B7D-452D-A6BD-266FFABEFF53} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {2864F9C6-0CE7-42BE-9602-85AC4218E07B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {3388C5CC-572C-4719-AB41-EC3F0D8E25FD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {377B1666-9F2C-483E-8821-81A6DD1A89AA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {3FB3ADB1-C72B-44A5-8E7F-7162FC360BB7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {4682F581-30BE-4048-B7D4-403371D73D6E} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [2015-12-18] ()
Task: {4B8780A0-59BC-458C-AEBD-89D63EC8226C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {4F220CC3-D217-45B2-837A-9516A6EEC63B} - System32\Tasks\CMEClient => C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe
Task: {531DD981-E891-4ED8-BD38-031214049CC4} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {5692483F-99A7-4F0C-9CF0-15033023E91D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {5F54A6D1-B73D-4ABF-BA97-EDAB48003F4C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {81F15B9E-0CFE-4E12-8542-E774FDC90E99} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {9F1D432E-259C-4C86-8291-13732CB1DF12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {A114BCD3-5DEF-455A-857F-2F752B22B9AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {B9D769AE-E42C-4A8D-A3AE-D49AA0135266} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {BCBF305A-5E77-4CA6-9B86-E63DB554BED2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {C5EF1CDC-9966-4C94-9BE4-8C4CCFBB9AAF} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {C9EEF9EE-0915-40B3-8CD5-AD586A4CAD98} - System32\Tasks\Jatosydinodom Launcher => C:\Program Files (x86)\Jatosydinodom\JtsLnctes.exe
Task: {D722730F-B0B4-458B-A3CB-C794FDF1DA49} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {E165B4F1-FDBF-4B34-9682-287026A2169F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Miguel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Miguel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->

==================== Loaded Modules (Whitelisted) ==============

2016-06-09 19:22 - 2016-01-22 15:57 - 00089008 _____ () C:\Windows\System32\cpwmon64.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-17 11:58 - 2016-04-12 13:39 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2016-06-17 11:58 - 2016-04-14 09:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-08-29 17:31 - 2016-08-29 17:31 - 00949480 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2016-06-09 18:58 - 2016-11-24 19:39 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-16 23:24 - 2016-10-16 23:24 - 00959168 _____ () C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-11-01 18:10 - 2016-11-01 18:10 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-04-25 13:12 - 2016-07-28 11:17 - 00174872 _____ () F:\Teamspeak3\quazip.dll
2016-04-25 13:12 - 2016-07-28 11:17 - 00103192 _____ () F:\Teamspeak3\soundbackends\directsound_win64.dll
2016-04-25 13:12 - 2016-07-28 11:17 - 00107800 _____ () F:\Teamspeak3\soundbackends\windowsaudiosession_win64.dll
2016-09-20 20:11 - 2016-09-20 20:10 - 00263680 _____ () F:\Teamspeak3\plugins\ClownfishForTeamspeak_win64.dll
2016-04-25 13:13 - 2016-07-28 11:17 - 00312088 _____ () F:\Teamspeak3\plugins\clientquery_plugin.dll
2016-04-25 13:13 - 2016-07-28 11:17 - 00485656 _____ () F:\Teamspeak3\plugins\teamspeak_control_plugin.dll
2016-12-13 10:59 - 2016-12-13 10:59 - 31164504 _____ () C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-05 14:24 - 2016-07-05 14:24 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-10-16 23:24 - 2016-10-16 23:24 - 00679624 _____ () C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-09-15 18:55 - 2016-11-17 13:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-15 18:55 - 2016-11-17 10:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-15 18:55 - 2016-11-17 10:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-06-09 18:49 - 2016-12-08 15:13 - 00656160 _____ () C:\Program Files\Steam\SDL2.dll
2016-06-09 18:49 - 2016-09-01 01:02 - 04969248 _____ () C:\Program Files\Steam\v8.dll
2016-06-09 18:49 - 2016-09-01 01:02 - 01563936 _____ () C:\Program Files\Steam\icui18n.dll
2016-06-09 18:49 - 2016-09-01 01:02 - 01195296 _____ () C:\Program Files\Steam\icuuc.dll
2016-06-09 18:49 - 2016-12-09 20:48 - 02322720 _____ () C:\Program Files\Steam\video.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 02549760 _____ () C:\Program Files\Steam\libavcodec-56.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2016-06-09 18:49 - 2016-12-09 20:48 - 00838432 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2016-06-09 18:49 - 2016-07-04 22:17 - 00266560 _____ () C:\Program Files\Steam\openvr_api.dll
2016-12-13 10:53 - 2016-12-05 16:21 - 67304736 _____ () C:\Program Files\Steam\bin\cef\cef.win7\libcef.dll
2016-06-09 18:49 - 2015-09-24 23:52 - 00119208 _____ () C:\Program Files\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2016-06-20 16:12 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ADSkipSvc => 2
MSCONFIG\Services: backlh => 2
MSCONFIG\Services: CloudPrinter => 2
MSCONFIG\Services: cofutyjizbt => 2
MSCONFIG\Services: dowidoly => 2
MSCONFIG\Services: JtsLncs => 2
MSCONFIG\Services: ProntSpooler => 2
MSCONFIG\Services: rijufoze => 2
MSCONFIG\Services: zigipyro => 2
MSCONFIG\startupfolder: C:^Users^Miguel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: apphide => C:\Program Files (x86)\badu\uc.exe
MSCONFIG\startupreg: apphide2 => C:\Program Files (x86)\badu\uc.exe
MSCONFIG\startupreg: Discord => C:\Users\Miguel\AppData\Local\Discord\app-0.0.296\Discord.exe
MSCONFIG\startupreg: gplyra => C:\Users\Miguel\AppData\Roaming\gplyra\gplyra\start.cmd
MSCONFIG\startupreg: iTunesHelper => "F:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msiql => C:\Users\Miguel\AppData\Roaming\UPUpdata\msiql.exe /RUNNING
MSCONFIG\startupreg: QGuan10in1 => C:\Users\Miguel\AppData\Roaming\UPUpdata\service72564.exe /autorun
MSCONFIG\startupreg: QGuan10in12 => C:\Users\Miguel\AppData\Roaming\UPUpdata\service90132.exe /autorun
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Miguel\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Miguel\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: svchost0 => C:\Program Files (x86)\UCBrowser\Application\UUC0789.exe
MSCONFIG\startupreg: WINCOMU76 => "C:\Program Files (x86)\mpck\wincom_U76.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{210588CC-FC46-438A-BB60-7E8D7C6D77D1}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{195958C6-4BE8-4273-B804-9D6B80DD19BD}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{33739146-7E13-48AC-A683-5164466AFF97}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{42016376-C5AB-4BDA-AE38-803DE4D1C96A}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A805B68B-66F2-4CFA-9AD2-7B20E8E8F74F}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{358E8B43-EB38-4A64-88D1-7F9D247680C4}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{7320D306-DC12-41B9-8E1E-D6BDC686B65D}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{27FCF53D-32DE-4F13-AEC4-7025D90AC35D}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{D3D5422D-621C-495B-A1B4-CF5A894FFFD2}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{CA5FC064-4667-4B37-8C7C-465E214CFF93}E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{29383BEC-8C77-4CE6-83EA-04C1AC21DED1}E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{6CDE6303-7839-4DED-8FD2-0E046E61B7B1}F:\jogos\thenewz\thenewz.exe] => F:\jogos\thenewz\thenewz.exe
FirewallRules: [UDP Query User{55A67FA4-372B-4C4A-8D67-B779ED7FE178}F:\jogos\thenewz\thenewz.exe] => F:\jogos\thenewz\thenewz.exe
FirewallRules: [TCP Query User{7ED2A093-4845-4787-819F-9DA405B61795}C:\users\miguel\appdata\roaming\spotify\spotify.exe] => C:\users\miguel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{010D5639-0795-41AA-88B2-3C7B1AEA30AD}C:\users\miguel\appdata\roaming\spotify\spotify.exe] => C:\users\miguel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B0379AAC-556F-4387-A6DE-A02FC5BD6D16}] => E:\Program Files (x86)\Steam\SteamApps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{9ED91B31-29A8-4B9D-8CCE-0AFACB7CCC86}] => E:\Program Files (x86)\Steam\SteamApps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [TCP Query User{39745E36-3AB0-47E0-BBA2-F00F6CA0D84D}H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [UDP Query User{F506C96C-F9FE-4CD4-BF94-D4347A167020}H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [TCP Query User{F694CDC6-64BE-4D2F-A450-62321E8088A0}H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [UDP Query User{CB27932D-1047-4548-904C-711AC6F43F21}H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [{9F9077EF-23A0-4AED-9818-32A6A19A56EE}] => C:\Program Files\EslWire\wire.exe
FirewallRules: [{65B4FE45-DF85-480B-A0C3-9700C0BA9247}] => C:\Program Files\EslWire\wire.exe
FirewallRules: [{BAE2D30B-71CC-4A42-BB93-507B4A1541F0}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C123FFAA-AFEE-4CEF-A30A-57B22EFEFA31}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1188F2F0-E754-472B-A335-152BE74A4465}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E17EF95D-C8F1-488A-9936-1966915DD536}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{186B4C0A-6572-4B00-B088-5763CBCBDDDE}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{48A0D32D-85D3-4DB9-B1BE-CA83FBA85015}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3335D011-9EA2-450A-86B7-2823F974E385}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{F2FC2C98-7007-43AD-A069-36F99B08DAD5}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [{600A9A33-2E72-40FE-B426-BD49BCC314C6}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{E2AB25EC-40D2-4DCC-9058-50A188816A73}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [TCP Query User{15603C46-DBDB-4941-AF56-2D6E4D199494}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{4E236750-7CFD-40CD-81C3-5DB46E989CF1}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
FirewallRules: [{7C945B66-EE88-4C42-9DE1-06E5B6866A47}] => E:\Rockstar\GTA5.exe
FirewallRules: [{423CE8EF-95A2-4B5B-9A66-927F1DD5C002}] => E:\Rockstar\GTA5.exe
FirewallRules: [TCP Query User{56286FDD-372B-49FA-BA35-CAAB8D8B5AB7}E:\program files (x86)\filezilla ftp client\filezilla.exe] => E:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{24730DEF-0D6D-4469-9CDD-35EF5F83CAD7}E:\program files (x86)\filezilla ftp client\filezilla.exe] => E:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [{07852102-A267-4E6F-8F3A-9BCB47D4401D}] => C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{EBE06984-18D4-40C2-8005-DB48B326C4A3}] => C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{8E18BE70-0432-4B86-9BDF-00ED76647EC4}C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe] => C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe
FirewallRules: [UDP Query User{C75C6EDC-6DA4-4955-92F9-6E92F24E0942}C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe] => C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe
FirewallRules: [{99225733-C16D-4F3C-97D9-8FC33F23E43A}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C246AF2F-D7B6-4FD3-8FA5-1A8BBA536324}] => LPort=2869
FirewallRules: [{33690B44-AE54-48AE-99DF-6DC17FCC8685}] => LPort=1900
FirewallRules: [{819139E1-EE5E-404C-B351-8EA242A61241}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{B341286E-6DDB-4D6D-81F6-563CD27A8A85}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{D515646A-CB73-4A15-B05D-E516936C25C1}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{E969A711-35E1-4136-8052-5018687CE34F}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B7A16C24-9AA1-4F2B-BE56-74EB3077402C}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{D8782C8E-FBF6-4D64-B620-04F57822425D}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{6E2C1BE8-527D-4F6A-9362-E938244585B0}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5FF69402-3877-41C6-9B07-99226AD30782}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B233F56-1047-4DC8-B898-79D3CBC06351}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86EE2CBC-303A-4B95-9E94-6A65647C10C7}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C21D724E-95E9-4F69-B4C4-2C0B8FD4FBD8}] => F:\iTunes\iTunes.exe
FirewallRules: [TCP Query User{9E9A0040-2F9F-4A26-A93F-86C590DFBA7E}C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe] => C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe
FirewallRules: [UDP Query User{21D95FEA-416A-4CAF-8A1B-EB72BEEFAF6F}C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe] => C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe
FirewallRules: [TCP Query User{25283D58-1F7D-438E-A6B2-29398E752CCB}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{D9C5A3A6-B0BB-4072-80E3-752320A8DC3E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{D23C3A2D-AFF1-4F23-8BD7-9128E9539512}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{BE7F3BD2-870D-44B4-8EAC-60F73E2E9404}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F4CCC328-14EB-4758-A79C-C6B22690DACB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14326A67-7414-4700-B933-3C1C21955A80}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{AFF724E3-46CA-4828-A658-2190CE9FD3EF}E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [UDP Query User{8ECF5EBF-0AB0-4D4D-B086-25F5CEF1E875}E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [TCP Query User{E8DB0147-C3C6-49CF-995A-435640A95B46}E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [UDP Query User{CFAA1115-84CE-4862-817F-6CA9727BAAC3}E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [TCP Query User{4062751C-BA1A-416C-8E28-D0361B8C9231}F:\xampp\apache\bin\httpd.exe] => F:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{77635322-35CA-478E-BBB4-7EC9F2572B6B}F:\xampp\apache\bin\httpd.exe] => F:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{5ACA0219-EA48-40CC-A612-B7A35EED6399}F:\xampp\mysql\bin\mysqld.exe] => F:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C59D8865-023A-4B29-9792-951E240FE7F5}F:\xampp\mysql\bin\mysqld.exe] => F:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{CF277555-6672-4BCE-8B05-8721B467723B}F:\xampp\filezillaftp\filezillaserver.exe] => F:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{67CFE3AA-BD19-4EA5-83D6-BC291673BED4}F:\xampp\filezillaftp\filezillaserver.exe] => F:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F75E337A-5391-4447-8269-C8167C0CC865}F:\xampp\mercurymail\mercury.exe] => F:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{1143B78A-E3B7-4DB7-92EE-2B47CAFCBF53}F:\xampp\mercurymail\mercury.exe] => F:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{547913CA-D02F-464C-9247-12C62169D745}C:\program files\java\jre1.8.0_101\bin\java.exe] => C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [UDP Query User{ECC826EA-D73A-4954-B191-91BF5F024851}C:\program files\java\jre1.8.0_101\bin\java.exe] => C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [TCP Query User{217646F8-049E-4DC5-A058-855F8697402D}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{36FB9695-6F8B-4174-92AF-EB16236C3712}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{8B677634-A09C-439C-840C-337282310EDA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DC61635-33BE-4EA1-8BDB-BD9681DB418D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD3C5241-CA24-4435-B3DA-02B76B80446F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{449DB7B7-3FA7-416C-A138-A0598021839C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{16B8F8FA-A010-44FB-A442-BEA0E2DBA806}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8A52A5F4-03FC-477A-B0FB-943D679F57E8}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F6E09D83-AB33-42B9-B3FB-ECFB569E03DD}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{0264D11B-83E6-43DB-AAD1-275C2B994069}E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{50D25A69-5DCF-480E-9552-6926C9FC133B}E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{EEEFD3F6-A969-4C92-BF87-CDF7040B5CA8}] => F:\jogos\TheNewZ\TheNewZ.exe
FirewallRules: [{9563CB27-978A-4C1C-B862-2AFFDDCD3C7D}] => E:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A9E8A68B-E6A5-4800-A208-1C555214E2F1}] => E:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{6EBCC9F0-863A-4467-8168-133617544689}E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{14FC9CCA-CDD8-4EA6-806D-25DAE7FD4F8D}E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{168365C1-55D4-4C48-AB21-7D704B825BEA}] => E:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{00488786-BA20-40AE-882D-6D2FB368FED2}] => E:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{98563681-9D14-4A47-BE2E-65FCF70B41AE}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F9E4A9AC-B668-4E13-BF27-F72E3C77DBFB}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{37560F21-EF6D-4A49-B811-962DA9C6B2A1}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41E1C967-8EC0-4DAC-9C51-337A6C5D1658}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6A93A08A-BB19-4E38-8FE7-0FB56E4E33D7}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{133953F9-208F-42C9-A47E-72553EF92CDB}F:\sinusbot\sinusbot.exe] => F:\sinusbot\sinusbot.exe
FirewallRules: [UDP Query User{841A59B4-4929-4159-A370-DFA9CD78E200}F:\sinusbot\sinusbot.exe] => F:\sinusbot\sinusbot.exe
FirewallRules: [{0FAE8BA3-14F1-400F-82F7-25A095A76347}] => F:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{68B155EF-567C-4269-B7B6-096A638D47EA}] => F:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{528DE619-14E4-4A91-913A-C042E7F73839}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3B37B227-EF10-4178-8387-812B7E9ED55B}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{257336FF-F465-4C34-A0D7-71438C89611C}] => E:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6D1F890A-E0F1-4589-91BE-3837624FDE4B}] => E:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CD96A0A6-E72A-4E43-A585-665F60D43FA9}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

08-12-2016 12:18:50 Installed DirectX
08-12-2016 15:06:32 Installed DirectX
11-12-2016 19:17:36 Installed DirectX
11-12-2016 19:21:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2016 06:27:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 1.0.0.127.in-addr.arpa. PTR Miguel-PC.local.

Error: (12/13/2016 06:27:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 19 1.0.0.127.in-addr.arpa. PTR Miguel-PC-2.local.

Error: (12/13/2016 12:37:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "c:\program files (x86)\microsoft office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "c:\program files (x86)\microsoft office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.

Error: (12/08/2016 05:00:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Nome do módulo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Código de excepção: 0xc0000005
Desvio de falha: 0x00037b59
ID do processo com falha: 0x1cc4
Data/hora de início da aplicação com falha: 0x01d251707a8912d3
Caminho da aplicação com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Caminho do módulo com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID do Relatório: e167125e-bd67-11e6-b161-f80f4112023d

Error: (12/08/2016 04:31:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Nome do módulo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Código de excepção: 0xc0000005
Desvio de falha: 0x00037b59
ID do processo com falha: 0x1618
Data/hora de início da aplicação com falha: 0x01d2516d659f99f2
Caminho da aplicação com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Caminho do módulo com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID do Relatório: b7a37d58-bd63-11e6-b161-f80f4112023d

Error: (12/08/2016 04:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Nome do módulo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Código de excepção: 0xc0000005
Desvio de falha: 0x00037b59
ID do processo com falha: 0x1970
Data/hora de início da aplicação com falha: 0x01d2516632788b7d
Caminho da aplicação com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Caminho do módulo com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID do Relatório: a2807d0f-bd60-11e6-b161-f80f4112023d

Error: (12/08/2016 03:11:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Discord.exe versão 0.0.40.0 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção.

ID do Processo: 10b0

Hora de Início: 01d2515195d6070f

Hora de Fim: 3

Caminho da Aplicação: C:\Users\Miguel\AppData\Local\Discord\app-0.0.296\Discord.exe

ID do Relatório: a3a8b9d6-bd58-11e6-b161-f80f4112023d

Error: (12/08/2016 12:51:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.

Error: (12/08/2016 12:51:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.

Error: (12/08/2016 12:39:20 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "c:\program files (x86)\microsoft office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "c:\program files (x86)\microsoft office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.


System errors:
=============
Error: (12/16/2016 07:09:35 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware encontrou um erro ao tentar atualizar as assinaturas.

Versão de Assinatura Nova:

Versão de Assinatura Anterior: 1.233.2078.0

Origem da Atualização: Servidor do Microsoft Update

Fase de Atualização: Pesquisar

Caminho da Fonte: http://www.microsoft.com

Tipo de Assinatura: Antivírus

Tipo de Atualização: Completa

Utilizador: NT AUTHORITY\SYSTEM

Versão de Motor Atual:

Versão de Motor Anterior: 1.1.13303.0

Código de erro: 0x8024001e

Descrição do erro: Ocorreu um problema inesperado ao procurar atualizações. Para obter informações sobre a instalação ou resolução de problemas de atualizações, consulte a Ajuda e Suporte.

Error: (12/13/2016 10:53:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Steam Client Service falhou o arranque devido ao seguinte erro:
O serviço não respondeu ao pedido de início ou controlo atempadamente.

Error: (12/13/2016 10:53:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Foi atingido o tempo limite (30000 milissegundos) ao aguardar pela ligação do serviço Steam Client Service.

Error: (12/11/2016 09:32:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: O controlador detectou um erro de controlador em \Device\Harddisk2\DR2.

Error: (12/11/2016 09:32:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: O controlador detectou um erro de controlador em \Device\Harddisk2\DR2.

Error: (12/11/2016 09:32:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: O controlador detectou um erro de controlador em \Device\Harddisk2\DR2.

Error: (12/07/2016 08:36:54 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização da imagem de erro!

Error: (12/07/2016 08:53:05 PM) (Source: Microsoft Antimalware) (EventID: 2004) (User: )
Description: Microsoft Antimalware encontrou um erro ao tentar carregar as assinaturas e irá tentar reverter para um conjunto de assinaturas em bom estado.

Assinaturas Tentadas: Atual

Código de Erro: 0x80070002

Descrição do erro: O sistema não conseguiu localizar o ficheiro especificado.

Versão de assinatura: 0.0.0.0;0.0.0.0

Versão de motor: 0.0.0.0

Error: (12/06/2016 08:31:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Serviço de Bonjour terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (12/06/2016 12:01:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Serviço de Bonjour terminou inesperadamente. Isto aconteceu 1 vez(es).


CodeIntegrity:
===================================
Date: 2016-12-18 19:44:41.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-16 18:33:56.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 18:25:07.785
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-14 19:28:47.426
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-13 10:52:03.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-13 10:35:26.159
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-12 20:22:53.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-12 20:05:58.910
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-11 19:11:06.128
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-08 12:49:53.722
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8174.04 MB
Available physical RAM: 4182.14 MB
Total Virtual: 16346.25 MB
Available Virtual: 12076.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:21.11 GB) NTFS
Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Packard Bell) (Fixed) (Total:456.71 GB) (Free:59.02 GB) NTFS
Drive f: (DATA) (Fixed) (Total:456.71 GB) (Free:55.34 GB) NTFS
Drive g: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6C44167A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5FE8ED01)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 20 December 2016 - 09:55 AM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 20 December 2016 - 10:18 AM

Greetings Papadocks and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Unfortunately there is evidence of illegal software on your computer. I am going to request you completely uninstall Microsoft Office 365 ProPlus, Microsoft Office Professional Plus 2010, and any other products for which you do not have a valid Product Key, including all "cracked" software. If you are willing to do that please rerun a FRST scan and copy/paste both reports in your reply. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the program(s) please run this after removal.

===================================================

CKScanner

--------------------
  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • CKScanner report
  • FRST report
  • Addition report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Papadocks

Papadocks
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 21 December 2016 - 06:19 PM

Hello,
 
My Office 365 was not cracked, I got it from my university but I removed it anyway...
 
Thank you for all you help and of course you can call me by my first name!
 
Best Regards,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Miguel (administrator) on MIGUEL-PC (21-12-2016 23:14:54)
Running from C:\Users\Miguel\Downloads
Loaded Profiles: Miguel (Available Profiles: Miguel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\Miguel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Creative Technology Ltd.) C:\Windows\V0330Mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(TeamSpeak Systems GmbH) F:\Teamspeak3\ts3client_win64.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16681728 2016-07-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [C:\Windows\system32\V0330Ext.ax] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0330Ext.ax
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [DriverPack Notifier] => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [258560 2015-12-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [V0330Mon.exe] => C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [C:\Windows\SysWOW64\V0330Ext.ax] => C:\Windows\system32\RegSvr32.exe /s C:\Windows\SysWOW64\V0330Ext.ax
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [Spotify Web Helper] => C:\Users\Miguel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-19] (Spotify Ltd)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-06-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-12-21]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-12-14]
ShortcutTarget: Curse.lnk -> C:\Users\Miguel\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{119785F5-BD97-446F-9196-B6000428985D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{119785F5-BD97-446F-9196-B6000428985D}: [DhcpNameServer] 192.168.1.254 192.168.1.254

Internet Explorer:
==================
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Programa Auxiliar de Início de Sessão da conta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: jh0pz1yn.default
FF ProfilePath: C:\Users\Miguel\AppData\Roaming\Mozilla\Firefox\Profiles\jh0pz1yn.default [2016-12-12]
FF Session Restore: Mozilla\Firefox\Profiles\jh0pz1yn.default -> is enabled.
FF Extension: (HackBar) - C:\Users\Miguel\AppData\Roaming\Mozilla\Firefox\Profiles\jh0pz1yn.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-10-01]
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-06-20] <==== ATTENTION
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-21]
CHR Extension: (Google Docs) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-20]
CHR Extension: (Google Drive) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-20]
CHR Extension: (YouTube) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-20]
CHR Extension: (Google Folhas de Cálculo) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-20]
CHR Extension: (Ban Checker For Steam With History) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fidfhokmiihfkmkhgpacakihkehklhka [2016-10-13]
CHR Extension: (Marcadores de iCloud) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2016-08-26]
CHR Extension: (LoungeDestroyer) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-10-17]
CHR Extension: (Documentos do Google offline) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-20]
CHR Extension: (AdBlock) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-21]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-20]
CHR Extension: (Gmail) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-02-12] (EasyAntiCheat Ltd)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2016-04-12] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-19] (Hi-Rez Studios) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-24] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; F:\Origin\OriginClientService.exe [2122248 2016-07-19] (Electronic Arts)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [949480 2016-08-29] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-07-18] (Popcorn Time) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 JtsLncs; "C:\Program Files (x86)\Jatosydinodom\JtsLncs.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 busenum; C:\Windows\System32\DRIVERS\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [38400 2012-08-02] (CSR plc.)
R1 ESEADriver2; C:\Users\Miguel\AppData\Local\Temp\ESEADriver2.sys [316256 2016-11-23] ()
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [99464 2016-07-04] (<Turtle Entertainment>)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [190032 2016-04-04] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [File not signed]
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31984 2013-07-30] (Synaptics Incorporated)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [41816 2016-11-03] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [52960 2016-10-05] (SteelSeries ApS)
S3 V0330VID; C:\Windows\System32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 blNetFilter; \??\C:\Windows\system32\drivers\blNetFilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 23:13 - 2016-12-21 23:13 - 00000000 ____D C:\Users\Miguel\Downloads\FRST-OlderVersion
2016-12-21 23:13 - 2016-12-21 23:13 - 00000000 _____ C:\Windows\cd_127
2016-12-19 00:58 - 2016-12-19 00:58 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Code
2016-12-19 00:58 - 2016-12-19 00:58 - 00000000 ____D C:\Users\Miguel\.vscode
2016-12-18 19:50 - 2016-12-21 23:15 - 00019703 _____ C:\Users\Miguel\Downloads\FRST.txt
2016-12-18 19:50 - 2016-12-18 19:51 - 00058060 _____ C:\Users\Miguel\Downloads\Addition.txt
2016-12-18 19:49 - 2016-12-21 23:14 - 00000000 ____D C:\FRST
2016-12-18 19:49 - 2016-12-21 23:13 - 02420736 _____ (Farbar) C:\Users\Miguel\Downloads\FRST64.exe
2016-12-14 19:32 - 2016-12-14 19:32 - 00000000 ____D C:\Windows\pss
2016-12-13 10:53 - 2016-12-13 10:53 - 00000000 ____D C:\Users\Miguel\AppData\Local\Chromium
2016-12-12 23:26 - 2016-12-21 23:14 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Curse Client
2016-12-12 23:26 - 2016-12-12 23:26 - 83726296 _____ (Curse) C:\Users\Miguel\Downloads\CurseClientSetup_[addonclient-upsell].exe
2016-12-12 23:26 - 2016-12-12 23:26 - 00001036 _____ C:\Users\Miguel\Desktop\Curse.lnk
2016-12-12 23:26 - 2016-12-12 23:26 - 00001022 _____ C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-12-12 23:26 - 2016-12-12 23:26 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Curse
2016-12-08 12:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-12-08 01:56 - 2016-12-08 01:56 - 02087271 _____ C:\Users\Miguel\Downloads\finder.zip
2016-12-07 22:54 - 2016-12-07 22:54 - 00000495 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-12-07 22:54 - 2016-12-07 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-12-07 22:52 - 2016-12-07 23:04 - 00000000 ____D C:\Users\Miguel\Documents\The Crew
2016-12-07 22:52 - 2016-12-07 23:00 - 00000000 ____D C:\Users\Miguel\Documents\ProfileCache
2016-12-07 22:51 - 2016-12-07 22:51 - 03126768 _____ (Blizzard Entertainment) C:\Users\Miguel\Downloads\Battle.net-Setup.exe
2016-12-07 22:51 - 2016-12-07 22:51 - 00000000 ____D C:\Users\Miguel\AppData\Local\Ubisoft
2016-12-07 22:48 - 2016-12-07 22:48 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-07 21:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-12-07 21:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-12-07 21:50 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-12-07 21:50 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-12-07 21:50 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-12-07 21:50 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-12-07 21:50 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-12-07 21:50 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-12-07 21:50 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-12-07 21:50 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-12-07 21:50 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-12-07 21:50 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-12-07 21:50 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-12-07 21:50 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-12-07 21:50 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-12-07 21:50 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-12-07 21:50 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-12-07 21:50 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-12-07 21:50 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-12-07 21:50 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-12-07 21:50 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-12-07 21:50 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-12-07 21:50 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-12-07 21:50 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-12-07 21:50 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-12-07 21:50 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-12-07 21:50 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-12-07 21:50 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-12-07 21:50 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-12-07 21:50 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-12-07 21:50 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-12-07 21:50 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-12-07 21:50 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-12-07 21:50 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-12-07 21:50 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-12-07 21:50 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-12-07 21:50 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-12-07 21:50 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-12-07 21:50 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-12-07 21:50 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-12-07 21:50 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-12-07 21:50 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-12-07 21:50 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-12-07 21:50 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-12-07 21:50 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-12-07 21:50 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-12-07 21:50 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-12-07 21:50 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-12-07 21:50 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-12-07 21:50 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-12-07 21:50 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-12-07 21:50 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-12-07 21:50 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-12-07 21:50 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-12-07 21:50 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-12-07 21:50 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-12-07 21:50 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-12-07 21:50 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-12-07 21:50 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-12-07 21:50 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-12-07 21:50 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-12-07 21:50 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-12-07 21:50 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-12-07 21:50 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-12-07 21:50 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-12-07 21:50 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-12-07 21:50 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-12-07 21:50 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-12-07 21:50 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-12-07 21:50 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-07 21:50 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-12-07 21:50 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-12-07 21:50 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-12-07 21:50 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-12-07 21:50 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-12-07 21:50 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-07 21:50 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-12-07 21:50 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-07 21:50 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-12-07 21:50 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-07 21:50 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-12-07 21:50 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-07 21:50 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-12-07 21:50 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-07 21:50 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-12-07 21:50 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-07 21:50 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-12-07 21:50 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-07 21:50 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-12-07 21:50 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-12-05 22:30 - 2016-12-05 22:30 - 02058776 _____ C:\Users\Miguel\Downloads\flag-icon-css-master.zip
2016-12-05 22:29 - 2016-12-05 22:30 - 00298618 _____ C:\Users\Miguel\Downloads\famfamfam_flag_icons.zip
2016-12-05 22:29 - 2016-12-05 22:29 - 02065409 _____ C:\Users\Miguel\Downloads\Flags.zip
2016-12-04 23:53 - 2016-12-04 23:53 - 00000000 ____D C:\Users\Miguel\Downloads\IP.Board_3.4.9_Nulled
2016-12-04 23:47 - 2016-12-04 23:50 - 08948268 _____ C:\Users\Miguel\Downloads\IP.Board_3.4.9_Nulled.zip
2016-12-04 20:42 - 2016-12-04 20:42 - 00000000 ____D C:\Users\Miguel\Downloads\OldSkill_Romania
2016-12-04 20:40 - 2016-12-04 20:41 - 04475426 _____ C:\Users\Miguel\Downloads\OldSkill_Romania.rar
2016-12-04 20:36 - 2016-12-04 20:36 - 04173477 _____ C:\Users\Miguel\Downloads\images-invezozo-img (1).xml.gz
2016-12-04 20:30 - 2016-12-04 20:30 - 04173477 _____ C:\Users\Miguel\Downloads\images-invezozo-img.xml.gz
2016-12-04 20:30 - 2016-12-04 20:30 - 00282073 _____ C:\Users\Miguel\Downloads\invezozo.xml.gz
2016-12-04 20:30 - 2016-12-04 20:30 - 00001800 _____ C:\Users\Miguel\Downloads\replacements-invezozo.xml.gz
2016-12-02 00:48 - 2016-12-02 00:48 - 00000884 _____ C:\Users\Miguel\Desktop\forum.txt
2016-12-01 22:24 - 2016-12-01 22:24 - 00040630 _____ C:\Users\Miguel\Downloads\(SOS33) Member Situation on Personal Card 1.0.1.zip
2016-12-01 22:23 - 2016-12-01 22:23 - 00012176 _____ C:\Users\Miguel\Downloads\Sliding Pop-up Message Box 1.6.1.rar
2016-12-01 22:22 - 2016-12-01 22:22 - 00007616 _____ C:\Users\Miguel\Downloads\Closing_Reason_as_Post.zip
2016-12-01 22:20 - 2016-12-01 22:20 - 00002599 _____ C:\Users\Miguel\Downloads\Profile Information Sidebar.zip
2016-12-01 22:07 - 2016-12-01 22:07 - 00224058 _____ C:\Users\Miguel\Downloads\(BS) Warning.zip
2016-12-01 22:06 - 2016-12-01 22:07 - 00050550 _____ C:\Users\Miguel\Downloads\1422120719036228_Contact Form 2.2.5.zip
2016-12-01 22:06 - 2016-12-01 22:06 - 01759307 _____ C:\Users\Miguel\Downloads\1421429338036228_IPBSlider 1.01 (1).zip
2016-12-01 22:05 - 2016-12-01 22:05 - 01394853 _____ C:\Users\Miguel\Downloads\Duplicate_Members_Logger_v3.0.4.zip
2016-12-01 22:05 - 2016-12-01 22:05 - 00666352 _____ C:\Users\Miguel\Downloads\(RC34) Board Life Status 1.0.1.zip
2016-12-01 22:01 - 2016-12-01 22:01 - 00054237 _____ C:\Users\Miguel\Downloads\Livestream.rar
2016-12-01 21:58 - 2016-12-01 21:58 - 00003758 _____ C:\Users\Miguel\Downloads\User Online Status in Topics 1.0.0 (IP.Board 3.2 & 3.3).zip
2016-12-01 21:57 - 2016-12-01 21:57 - 00144938 _____ C:\Users\Miguel\Downloads\1377249359010959_IPB 3.4 - AdvancedTagsPrefixes 2.1.6.zip
2016-12-01 21:56 - 2016-12-01 21:56 - 00274654 _____ C:\Users\Miguel\Downloads\1376396079010959_(e32) Custom Sidebar Blocks 2.1.1.zip
2016-12-01 21:55 - 2016-12-01 21:55 - 00131331 _____ C:\Users\Miguel\Downloads\server_list_TestScript.rar
2016-12-01 16:16 - 2016-12-01 16:16 - 01759307 _____ C:\Users\Miguel\Downloads\1421429338036228_IPBSlider 1.01.zip
2016-12-01 16:08 - 2016-12-01 16:08 - 00734041 _____ C:\Users\Miguel\Downloads\Promenu_Plus-3.2.1.zip
2016-12-01 16:08 - 2016-12-01 16:08 - 00199817 _____ C:\Users\Miguel\Downloads\promenu-plus-extra.zip
2016-12-01 01:40 - 2016-12-01 01:40 - 00009468 _____ C:\Users\Miguel\Downloads\cookiebar100.zip
2016-11-30 23:32 - 2016-11-30 23:32 - 00000000 ____D C:\Users\Miguel\Desktop\Haze IPS v1.0.8 Nulled by DaBeast
2016-11-30 23:27 - 2016-11-30 23:27 - 00000000 ____D C:\Users\Miguel\Desktop\OrtemSkin
2016-11-30 22:40 - 2016-11-30 22:40 - 00941087 _____ C:\Users\Miguel\Downloads\[Retail] Ortem.zip
2016-11-30 21:43 - 2016-11-30 21:43 - 02674374 _____ C:\Users\Miguel\Downloads\Aperture_xenfocus_1.4.x.zip
2016-11-29 23:31 - 2016-11-29 23:31 - 00000548 _____ C:\Users\Miguel\Desktop\SinusBot 0.9.15.lnk
2016-11-29 23:30 - 2016-11-29 23:30 - 21139744 _____ (Michael Friese) C:\Users\Miguel\Downloads\sinusbot-0.9.15.exe
2016-11-28 23:12 - 2016-11-28 23:12 - 00795568 _____ C:\Users\Miguel\Downloads\R2G - RED - by FratziWear.rar
2016-11-28 20:24 - 2016-11-24 19:22 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-28 20:24 - 2016-09-09 18:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-11-28 20:24 - 2016-09-09 18:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-11-28 20:24 - 2016-09-09 18:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-11-28 20:24 - 2016-09-09 18:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-11-28 20:22 - 2016-11-24 20:54 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 34701760 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 28139576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 17440928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 14057528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-11-28 20:22 - 2016-11-24 20:54 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 08913512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 08754344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 03643840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00945208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00439864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-11-28 20:22 - 2016-11-24 20:54 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-11-28 20:18 - 2016-11-17 13:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-28 20:18 - 2016-11-17 13:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-28 20:18 - 2016-11-17 13:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-24 08:06 - 2016-11-02 15:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-24 08:06 - 2016-11-02 15:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-24 08:06 - 2016-11-02 15:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-24 08:06 - 2016-11-02 15:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-24 08:06 - 2016-11-02 15:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-24 08:06 - 2016-11-02 15:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-24 08:06 - 2016-11-02 14:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-24 08:06 - 2016-10-28 03:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-24 08:06 - 2016-10-28 03:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-24 08:06 - 2016-10-27 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-24 08:06 - 2016-10-27 19:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-24 08:06 - 2016-10-27 18:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-24 08:06 - 2016-10-27 18:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-24 08:06 - 2016-10-27 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-24 08:06 - 2016-10-27 18:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-24 08:06 - 2016-10-27 18:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-24 08:06 - 2016-10-27 18:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-24 08:06 - 2016-10-27 18:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-24 08:06 - 2016-10-27 18:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-24 08:06 - 2016-10-27 18:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-24 08:06 - 2016-10-27 18:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-24 08:06 - 2016-10-27 18:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-24 08:06 - 2016-10-27 18:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-24 08:06 - 2016-10-27 18:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-24 08:06 - 2016-10-27 18:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-24 08:06 - 2016-10-27 18:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-24 08:06 - 2016-10-27 18:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-24 08:06 - 2016-10-27 18:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-24 08:06 - 2016-10-27 18:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-24 08:06 - 2016-10-27 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-24 08:06 - 2016-10-27 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-24 08:06 - 2016-10-27 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-24 08:06 - 2016-10-27 18:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-24 08:06 - 2016-10-27 18:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-24 08:06 - 2016-10-27 17:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-24 08:06 - 2016-10-27 17:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-24 08:06 - 2016-10-27 17:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-24 08:06 - 2016-10-27 17:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-24 08:06 - 2016-10-27 17:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-24 08:06 - 2016-10-27 17:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-24 08:06 - 2016-10-27 17:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-24 08:06 - 2016-10-27 17:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-24 08:06 - 2016-10-27 16:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-24 08:06 - 2016-10-27 15:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-24 08:06 - 2016-10-25 15:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-24 08:06 - 2016-10-22 17:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-24 08:06 - 2016-10-22 17:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-24 08:06 - 2016-10-22 17:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-24 08:06 - 2016-10-22 17:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-24 08:06 - 2016-10-22 17:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-24 08:06 - 2016-10-22 17:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-24 08:06 - 2016-10-22 17:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-24 08:06 - 2016-10-22 17:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-24 08:06 - 2016-10-22 17:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-24 08:06 - 2016-10-22 17:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-24 08:06 - 2016-10-22 17:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-24 08:06 - 2016-10-22 17:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-24 08:06 - 2016-10-22 17:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-24 08:06 - 2016-10-22 17:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-24 08:06 - 2016-10-22 17:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-24 08:06 - 2016-10-22 17:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-24 08:06 - 2016-10-22 16:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-24 08:06 - 2016-10-22 16:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-24 08:06 - 2016-10-22 16:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-24 08:06 - 2016-10-22 16:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-24 08:06 - 2016-10-22 16:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-24 08:06 - 2016-10-22 16:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-24 08:06 - 2016-10-22 16:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-24 08:06 - 2016-10-22 16:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-24 08:06 - 2016-10-22 16:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-24 08:06 - 2016-10-22 16:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-24 08:06 - 2016-10-22 16:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-24 08:06 - 2016-10-22 16:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-24 08:06 - 2016-10-22 16:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-24 08:06 - 2016-10-15 15:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-24 08:06 - 2016-10-15 15:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-24 08:06 - 2016-10-15 15:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-24 08:06 - 2016-10-15 15:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-24 08:06 - 2016-10-11 15:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-24 08:06 - 2016-10-11 15:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-24 08:06 - 2016-10-11 15:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-24 08:06 - 2016-10-11 15:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-24 08:06 - 2016-10-11 15:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-24 08:06 - 2016-10-11 15:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-24 08:06 - 2016-10-11 15:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-24 08:06 - 2016-10-11 15:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-24 08:06 - 2016-10-11 15:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-24 08:06 - 2016-10-11 15:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-24 08:06 - 2016-10-11 15:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-24 08:06 - 2016-10-11 15:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-24 08:06 - 2016-10-11 13:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-24 08:06 - 2016-10-11 13:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-24 08:06 - 2016-10-10 15:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-24 08:06 - 2016-10-10 15:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-24 08:06 - 2016-10-10 15:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-24 08:06 - 2016-10-10 15:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-24 08:06 - 2016-10-10 15:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-24 08:06 - 2016-10-10 15:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-24 08:06 - 2016-10-10 15:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-24 08:06 - 2016-10-10 15:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-24 08:06 - 2016-10-10 15:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-24 08:06 - 2016-10-10 14:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-24 08:06 - 2016-10-10 14:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-24 08:06 - 2016-10-10 14:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-24 08:06 - 2016-10-10 14:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-24 08:06 - 2016-10-10 14:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-24 08:06 - 2016-10-10 14:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-24 08:06 - 2016-10-07 15:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-24 08:06 - 2016-10-07 15:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-24 08:06 - 2016-10-07 15:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-24 08:06 - 2016-10-07 15:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-24 08:06 - 2016-10-07 15:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-24 08:06 - 2016-10-07 15:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 15:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-24 08:06 - 2016-10-07 15:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-24 08:06 - 2016-10-07 15:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-24 08:06 - 2016-10-07 15:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-24 08:06 - 2016-10-07 15:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-24 08:06 - 2016-10-07 14:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-24 08:06 - 2016-10-07 14:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-24 08:06 - 2016-10-07 14:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-24 08:06 - 2016-10-07 14:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-24 08:06 - 2016-10-07 14:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-24 08:06 - 2016-10-07 14:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 14:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 14:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-24 08:06 - 2016-10-07 14:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-24 08:06 - 2016-10-05 14:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-24 08:06 - 2016-09-15 14:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-24 08:06 - 2016-09-13 15:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-24 08:06 - 2016-09-13 15:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-24 08:06 - 2016-09-09 18:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-24 08:06 - 2016-09-09 18:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-24 08:06 - 2016-08-22 16:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-23 22:19 - 2016-11-23 22:19 - 01412032 _____ C:\Users\Miguel\Downloads\idle_master.zip
2016-11-23 22:19 - 2016-11-23 22:19 - 00000000 ____D C:\Users\Miguel\Desktop\idle
2016-11-23 22:19 - 2016-11-23 22:19 - 00000000 ____D C:\Users\Miguel\AppData\Local\IdleMaster
2016-11-22 20:22 - 2016-11-22 20:22 - 00000000 ____D C:\Users\Miguel\AppData\Local\TeamViewer
2016-11-22 20:14 - 2016-12-13 10:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-22 20:14 - 2016-11-22 22:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-22 20:14 - 2016-11-22 22:34 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-11-22 00:26 - 2016-11-22 00:26 - 01513867 _____ C:\Users\Miguel\Downloads\94629.webm
2016-11-22 00:26 - 2016-11-22 00:26 - 01513867 _____ C:\Users\Miguel\Downloads\94629 (1).webm
2016-11-21 20:53 - 2016-12-21 20:57 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\steelseries-engine-3-client
2016-11-21 20:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-11-21 20:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-11-21 20:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-11-21 20:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-11-21 20:52 - 2016-11-21 20:52 - 80335280 _____ C:\Users\Miguel\Downloads\SteelSeriesEngine3.9.2Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 23:14 - 2016-08-26 13:18 - 00000000 ___RD C:\Users\Miguel\iCloudDrive
2016-12-21 23:14 - 2016-06-09 18:59 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-21 23:14 - 2016-06-09 18:49 - 00000000 ____D C:\Program Files\Steam
2016-12-21 23:14 - 2016-06-09 18:47 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\TS3Client
2016-12-21 23:14 - 2016-06-09 18:43 - 00109904 _____ C:\Users\Miguel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-21 23:13 - 2016-09-25 20:43 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-12-21 23:13 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMSDaily.job
2016-12-21 23:13 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMS.job
2016-12-21 23:13 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-21 23:13 - 2009-07-14 04:45 - 00436304 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-21 21:02 - 2016-06-21 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-21 21:02 - 2009-07-14 04:45 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-21 21:02 - 2009-07-14 04:45 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-21 21:02 - 2009-07-14 03:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-21 21:01 - 2009-08-15 17:10 - 00724022 _____ C:\Windows\system32\prfh0816.dat
2016-12-21 21:01 - 2009-08-15 17:10 - 00153624 _____ C:\Windows\system32\prfc0816.dat
2016-12-21 21:01 - 2009-07-14 05:13 - 01664484 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-21 21:01 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2016-12-21 21:00 - 2016-06-21 20:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-21 21:00 - 2009-07-14 07:46 - 00000000 ____D C:\Windows\ShellNew
2016-12-21 21:00 - 2009-07-14 05:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-21 20:55 - 2016-06-21 20:54 - 00077824 _____ C:\Windows\KMSEmulator.exe
2016-12-21 20:55 - 2016-06-21 20:54 - 00002756 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2016-12-21 20:55 - 2009-07-14 05:08 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-20 00:13 - 2016-08-25 00:10 - 00000000 ____D C:\Users\Miguel\AppData\Local\Battle.net
2016-12-19 00:58 - 2016-06-09 18:39 - 00000000 ____D C:\Users\Miguel
2016-12-18 20:02 - 2016-06-09 18:43 - 00003440 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-18 20:02 - 2016-06-09 18:43 - 00003312 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 21:22 - 2016-06-09 18:43 - 00002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 21:22 - 2016-06-09 18:43 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-13 23:26 - 2016-09-20 20:12 - 00000416 _____ C:\Users\Miguel\Documents\ClownfishForTeamspeak.ini
2016-12-13 10:53 - 2016-06-09 18:50 - 00000000 ____D C:\Users\Miguel\AppData\Local\Steam
2016-12-08 17:00 - 2016-06-11 17:44 - 00000000 ____D C:\Users\Miguel\AppData\Local\CrashDumps
2016-12-08 12:50 - 2016-09-14 16:45 - 00000670 _____ C:\Users\Miguel\Desktop\Uplay.lnk
2016-12-08 04:52 - 2016-10-01 19:32 - 00000000 ____D C:\Users\Miguel\AppData\Local\PrivateTunnel
2016-12-08 04:52 - 2016-06-21 20:54 - 00000000 ____D C:\Windows\AutoKMS
2016-12-08 04:52 - 2016-06-21 20:29 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-08 04:52 - 2016-06-18 23:23 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\vlc
2016-12-08 04:52 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2016-12-07 23:04 - 2016-09-14 16:45 - 00000000 ____D C:\Users\Miguel\AppData\Local\Ubisoft Game Launcher
2016-12-07 22:51 - 2009-07-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-07 22:48 - 2016-08-25 00:10 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Battle.net
2016-12-07 22:48 - 2016-08-07 18:54 - 00000000 ____D C:\ProgramData\Battle.net
2016-12-07 21:49 - 2016-06-09 18:47 - 00000794 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-12-06 23:57 - 2016-11-03 21:25 - 01804680 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-12-05 00:23 - 2016-06-28 19:39 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\FileZilla
2016-12-02 20:40 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2016-12-02 19:20 - 2016-11-07 21:42 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\discord
2016-12-02 00:55 - 2016-06-09 19:23 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-02 00:55 - 2016-06-09 19:23 - 00001912 _____ C:\Windows\epplauncher.mif
2016-12-02 00:55 - 2016-06-09 19:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-02 00:55 - 2016-06-09 19:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-12-01 01:43 - 2016-06-30 12:00 - 00000000 ____D C:\Users\Miguel\Desktop\Halcyon-WoW
2016-11-28 20:25 - 2016-09-15 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-28 20:25 - 2016-06-09 18:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-28 20:24 - 2016-07-28 19:55 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-28 20:18 - 2016-09-22 14:22 - 00003598 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003836 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003836 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003786 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003774 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00003538 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 20:18 - 2016-09-15 18:55 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-28 20:18 - 2016-06-09 18:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-28 20:18 - 2016-06-09 18:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-27 22:05 - 2016-06-09 19:28 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\Skype
2016-11-27 20:44 - 2016-06-09 19:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-27 20:44 - 2016-06-09 19:22 - 00000000 ____D C:\ProgramData\Skype
2016-11-24 20:54 - 2016-10-25 18:16 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 03941720 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-24 20:54 - 2016-06-09 18:57 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-11-24 19:39 - 2016-09-15 18:55 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-11-24 19:39 - 2016-06-09 18:58 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 02477624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-24 19:39 - 2016-06-09 18:58 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-24 10:49 - 2016-06-12 19:11 - 00000000 ____D C:\Windows\system32\MRT
2016-11-24 10:47 - 2016-06-12 19:11 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-23 12:58 - 2016-06-09 18:58 - 07538847 _____ C:\Windows\system32\nvcoproc.bin
2016-11-22 20:18 - 2016-07-01 10:24 - 00000000 ____D C:\Users\Miguel\AppData\Roaming\TeamViewer
2016-11-21 20:52 - 2016-06-09 19:54 - 00000000 ____D C:\Program Files\SteelSeries
2016-11-21 00:54 - 2016-10-01 19:29 - 00001888 _____ C:\Users\Miguel\Desktop\awaken.txt
2016-11-21 00:05 - 2016-06-28 11:01 - 00000600 _____ C:\Users\Miguel\AppData\Local\PUTTY.RND

==================== Files in the root of some directories =======

2016-06-20 16:11 - 2016-06-20 16:11 - 6867968 _____ () C:\Users\Miguel\AppData\Roaming\agent.dat
2016-06-20 16:11 - 2016-06-20 16:11 - 0128512 _____ () C:\Users\Miguel\AppData\Roaming\Installer.dat
2016-06-20 16:11 - 2016-06-20 16:11 - 0018432 _____ () C:\Users\Miguel\AppData\Roaming\Main.dat
2016-06-28 11:01 - 2016-11-21 00:05 - 0000600 _____ () C:\Users\Miguel\AppData\Local\PUTTY.RND
2016-08-24 11:47 - 2016-08-24 11:47 - 0000017 _____ () C:\Users\Miguel\AppData\Local\resmon.resmoncfg
2016-06-09 18:50 - 2016-06-09 18:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Miguel\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Miguel\AppData\Local\Temp\CheckLang.dll
C:\Users\Miguel\AppData\Local\Temp\CtRunApp.dll
C:\Users\Miguel\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Miguel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Miguel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Miguel\AppData\Local\Temp\nvStInst.exe
C:\Users\Miguel\AppData\Local\Temp\utils.dll
C:\Users\Miguel\AppData\Local\Temp\x2blapi.dll
C:\Users\Miguel\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe
[2016-06-16 15:34] - [2011-01-16 00:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2016-09-14 11:35] - [2011-01-16 00:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-07 01:57

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Miguel (21-12-2016 23:15:22)
Running from C:\Users\Miguel\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-06-09 18:39:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1752991229-1062164544-2561520819-500 - Administrator - Disabled)
Convidado (S-1-5-21-1752991229-1062164544-2561520819-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1752991229-1062164544-2561520819-1002 - Limited - Enabled)
Miguel (S-1-5-21-1752991229-1062164544-2561520819-1000 - Administrator - Enabled) => C:\Users\Miguel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Actualizações da NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (Version: 376.09 - NVIDIA Corporation) Hidden
AnyTrans 4.4.1 (HKLM-x32\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 4.4.1 - iMobie Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Axxa's World of Warcraft Logo Creator v1.2 (HKLM-x32\...\Axxa's World of Warcraft Logo Creator v1.2) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version: - Torn Banner Studios)
Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00) (HKLM\...\Creative VF0330) (Version: - )
Curse (HKLM-x32\...\{75B8ADD1-7E4D-4A31-B201-54776BCCC486}) (Version: 6.0.0.0 - Curse)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DriverPack Notifier (HKLM-x32\...\DriverPack Notifier) (Version: 2.0.3 - DriverPack Solution)
ESEA Client (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESL Wire 1.19.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
FileZilla Client 3.22.2.2 (HKLM-x32\...\FileZilla Client) (Version: 3.22.2.2 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InputMapper (HKLM-x32\...\{1A44056A-C7D8-4561-BC43-A0AA7D7AAA64}) (Version: 1.5.31.0 - DSDCS)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 21.0 - Intel)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 pt-PT)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1 - Mozilla)
MySQL Connector Net 6.9.8 (HKLM-x32\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Workbench 6.3 CE (HKLM\...\{0D901124-B910-4985-9D4F-AC5C2FEF7493}) (Version: 6.3.7 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Controlador 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Controlador gráfico 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA O controlador de 3D Vision 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.09 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Painel de controlo da NVIDIA 376.09 (Version: 376.09 - NVIDIA Corporation) Hidden
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.7.0.10 - OpenVPN Technologies)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7878 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.9.6 (HKLM\...\SteelSeries Engine 3) (Version: 3.9.6 - SteelSeries ApS)
Stremio (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\Stremio) (Version: 3.6.5 - Smart Code Ltd.)
Suporte para Aplicações Apple (32-bits) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Suporte para Aplicações Apple (64-bits) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.24-1 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1752991229-1062164544-2561520819-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08C2459B-CDC3-4512-84D4-6F9B0A7E5BB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {1B9928FC-DF52-4872-A0A8-AC8330FF713A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {20E43959-2405-4935-8460-9625CBB6098B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3388C5CC-572C-4719-AB41-EC3F0D8E25FD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {377B1666-9F2C-483E-8821-81A6DD1A89AA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {3FB3ADB1-C72B-44A5-8E7F-7162FC360BB7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {4682F581-30BE-4048-B7D4-403371D73D6E} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [2015-12-18] ()
Task: {4F220CC3-D217-45B2-837A-9516A6EEC63B} - System32\Tasks\CMEClient => C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe
Task: {531DD981-E891-4ED8-BD38-031214049CC4} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {5692483F-99A7-4F0C-9CF0-15033023E91D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {81F15B9E-0CFE-4E12-8542-E774FDC90E99} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {8B432B26-2923-45A3-B743-FE3A8C693E52} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {A114BCD3-5DEF-455A-857F-2F752B22B9AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {B9D769AE-E42C-4A8D-A3AE-D49AA0135266} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {BCBF305A-5E77-4CA6-9B86-E63DB554BED2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {C5EF1CDC-9966-4C94-9BE4-8C4CCFBB9AAF} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {C9EEF9EE-0915-40B3-8CD5-AD586A4CAD98} - System32\Tasks\Jatosydinodom Launcher => C:\Program Files (x86)\Jatosydinodom\JtsLnctes.exe
Task: {D722730F-B0B4-458B-A3CB-C794FDF1DA49} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Miguel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Miguel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->

==================== Loaded Modules (Whitelisted) ==============

2016-06-09 19:22 - 2016-01-22 15:57 - 00089008 _____ () C:\Windows\System32\cpwmon64.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-17 11:58 - 2016-04-12 13:39 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2016-06-17 11:58 - 2016-04-14 09:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-08-29 17:31 - 2016-08-29 17:31 - 00949480 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2016-06-09 18:58 - 2016-11-24 19:39 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-16 23:24 - 2016-10-16 23:24 - 00959168 _____ () C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-11-01 18:10 - 2016-11-01 18:10 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-04-25 13:12 - 2016-07-28 11:17 - 00174872 _____ () F:\Teamspeak3\quazip.dll
2016-04-25 13:12 - 2016-07-28 11:17 - 00103192 _____ () F:\Teamspeak3\soundbackends\directsound_win64.dll
2016-04-25 13:12 - 2016-07-28 11:17 - 00107800 _____ () F:\Teamspeak3\soundbackends\windowsaudiosession_win64.dll
2016-09-20 20:11 - 2016-09-20 20:10 - 00263680 _____ () F:\Teamspeak3\plugins\ClownfishForTeamspeak_win64.dll
2016-04-25 13:13 - 2016-07-28 11:17 - 00312088 _____ () F:\Teamspeak3\plugins\clientquery_plugin.dll
2016-04-25 13:13 - 2016-07-28 11:17 - 00485656 _____ () F:\Teamspeak3\plugins\teamspeak_control_plugin.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-15 18:55 - 2016-11-17 13:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-15 18:55 - 2016-11-17 10:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-15 18:55 - 2016-11-17 10:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-15 18:55 - 2016-11-17 10:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-07-05 14:23 - 2016-07-05 14:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-05 14:24 - 2016-07-05 14:24 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-10-16 23:24 - 2016-10-16 23:24 - 00679624 _____ () C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-09-15 18:55 - 2016-11-17 13:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-06-09 18:49 - 2016-12-08 15:13 - 00656160 _____ () C:\Program Files\Steam\SDL2.dll
2016-06-09 18:49 - 2016-09-01 01:02 - 04969248 _____ () C:\Program Files\Steam\v8.dll
2016-06-09 18:49 - 2016-09-01 01:02 - 01563936 _____ () C:\Program Files\Steam\icui18n.dll
2016-06-09 18:49 - 2016-09-01 01:02 - 01195296 _____ () C:\Program Files\Steam\icuuc.dll
2016-06-09 18:49 - 2016-12-20 02:25 - 02322720 _____ () C:\Program Files\Steam\video.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 02549760 _____ () C:\Program Files\Steam\libavcodec-56.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2016-06-09 18:49 - 2016-01-27 07:49 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2016-06-09 18:49 - 2016-12-20 02:25 - 00838944 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2016-06-09 18:49 - 2016-07-04 22:17 - 00266560 _____ () C:\Program Files\Steam\openvr_api.dll
2016-12-13 10:53 - 2016-12-05 16:21 - 67304736 _____ () C:\Program Files\Steam\bin\cef\cef.win7\libcef.dll
2016-06-09 18:49 - 2015-09-24 23:52 - 00119208 _____ () C:\Program Files\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2016-06-20 16:12 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1752991229-1062164544-2561520819-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ADSkipSvc => 2
MSCONFIG\Services: backlh => 2
MSCONFIG\Services: CloudPrinter => 2
MSCONFIG\Services: cofutyjizbt => 2
MSCONFIG\Services: dowidoly => 2
MSCONFIG\Services: JtsLncs => 2
MSCONFIG\Services: ProntSpooler => 2
MSCONFIG\Services: rijufoze => 2
MSCONFIG\Services: zigipyro => 2
MSCONFIG\startupfolder: C:^Users^Miguel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: apphide => C:\Program Files (x86)\badu\uc.exe
MSCONFIG\startupreg: apphide2 => C:\Program Files (x86)\badu\uc.exe
MSCONFIG\startupreg: Discord => C:\Users\Miguel\AppData\Local\Discord\app-0.0.296\Discord.exe
MSCONFIG\startupreg: gplyra => C:\Users\Miguel\AppData\Roaming\gplyra\gplyra\start.cmd
MSCONFIG\startupreg: iTunesHelper => "F:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msiql => C:\Users\Miguel\AppData\Roaming\UPUpdata\msiql.exe /RUNNING
MSCONFIG\startupreg: QGuan10in1 => C:\Users\Miguel\AppData\Roaming\UPUpdata\service72564.exe /autorun
MSCONFIG\startupreg: QGuan10in12 => C:\Users\Miguel\AppData\Roaming\UPUpdata\service90132.exe /autorun
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Miguel\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Miguel\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: svchost0 => C:\Program Files (x86)\UCBrowser\Application\UUC0789.exe
MSCONFIG\startupreg: WINCOMU76 => "C:\Program Files (x86)\mpck\wincom_U76.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{210588CC-FC46-438A-BB60-7E8D7C6D77D1}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{195958C6-4BE8-4273-B804-9D6B80DD19BD}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{33739146-7E13-48AC-A683-5164466AFF97}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{42016376-C5AB-4BDA-AE38-803DE4D1C96A}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A805B68B-66F2-4CFA-9AD2-7B20E8E8F74F}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{358E8B43-EB38-4A64-88D1-7F9D247680C4}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{7320D306-DC12-41B9-8E1E-D6BDC686B65D}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{27FCF53D-32DE-4F13-AEC4-7025D90AC35D}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{D3D5422D-621C-495B-A1B4-CF5A894FFFD2}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{CA5FC064-4667-4B37-8C7C-465E214CFF93}E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{29383BEC-8C77-4CE6-83EA-04C1AC21DED1}E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => E:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{6CDE6303-7839-4DED-8FD2-0E046E61B7B1}F:\jogos\thenewz\thenewz.exe] => F:\jogos\thenewz\thenewz.exe
FirewallRules: [UDP Query User{55A67FA4-372B-4C4A-8D67-B779ED7FE178}F:\jogos\thenewz\thenewz.exe] => F:\jogos\thenewz\thenewz.exe
FirewallRules: [TCP Query User{7ED2A093-4845-4787-819F-9DA405B61795}C:\users\miguel\appdata\roaming\spotify\spotify.exe] => C:\users\miguel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{010D5639-0795-41AA-88B2-3C7B1AEA30AD}C:\users\miguel\appdata\roaming\spotify\spotify.exe] => C:\users\miguel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B0379AAC-556F-4387-A6DE-A02FC5BD6D16}] => E:\Program Files (x86)\Steam\SteamApps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{9ED91B31-29A8-4B9D-8CCE-0AFACB7CCC86}] => E:\Program Files (x86)\Steam\SteamApps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [TCP Query User{39745E36-3AB0-47E0-BBA2-F00F6CA0D84D}H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [UDP Query User{F506C96C-F9FE-4CD4-BF94-D4347A167020}H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [TCP Query User{F694CDC6-64BE-4D2F-A450-62321E8088A0}H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [UDP Query User{CB27932D-1047-4548-904C-711AC6F43F21}H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => H:\miguel\pap\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [{9F9077EF-23A0-4AED-9818-32A6A19A56EE}] => C:\Program Files\EslWire\wire.exe
FirewallRules: [{65B4FE45-DF85-480B-A0C3-9700C0BA9247}] => C:\Program Files\EslWire\wire.exe
FirewallRules: [{BAE2D30B-71CC-4A42-BB93-507B4A1541F0}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C123FFAA-AFEE-4CEF-A30A-57B22EFEFA31}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1188F2F0-E754-472B-A335-152BE74A4465}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E17EF95D-C8F1-488A-9936-1966915DD536}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{186B4C0A-6572-4B00-B088-5763CBCBDDDE}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{48A0D32D-85D3-4DB9-B1BE-CA83FBA85015}] => C:\Users\Miguel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3335D011-9EA2-450A-86B7-2823F974E385}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{F2FC2C98-7007-43AD-A069-36F99B08DAD5}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [{600A9A33-2E72-40FE-B426-BD49BCC314C6}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{E2AB25EC-40D2-4DCC-9058-50A188816A73}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [TCP Query User{15603C46-DBDB-4941-AF56-2D6E4D199494}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{4E236750-7CFD-40CD-81C3-5DB46E989CF1}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
FirewallRules: [{7C945B66-EE88-4C42-9DE1-06E5B6866A47}] => E:\Rockstar\GTA5.exe
FirewallRules: [{423CE8EF-95A2-4B5B-9A66-927F1DD5C002}] => E:\Rockstar\GTA5.exe
FirewallRules: [TCP Query User{56286FDD-372B-49FA-BA35-CAAB8D8B5AB7}E:\program files (x86)\filezilla ftp client\filezilla.exe] => E:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{24730DEF-0D6D-4469-9CDD-35EF5F83CAD7}E:\program files (x86)\filezilla ftp client\filezilla.exe] => E:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [{07852102-A267-4E6F-8F3A-9BCB47D4401D}] => C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{EBE06984-18D4-40C2-8005-DB48B326C4A3}] => C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{8E18BE70-0432-4B86-9BDF-00ED76647EC4}C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe] => C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe
FirewallRules: [UDP Query User{C75C6EDC-6DA4-4955-92F9-6E92F24E0942}C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe] => C:\users\miguel\appdata\local\programs\lnv\stremio\stremio.exe
FirewallRules: [{99225733-C16D-4F3C-97D9-8FC33F23E43A}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C246AF2F-D7B6-4FD3-8FA5-1A8BBA536324}] => LPort=2869
FirewallRules: [{33690B44-AE54-48AE-99DF-6DC17FCC8685}] => LPort=1900
FirewallRules: [{819139E1-EE5E-404C-B351-8EA242A61241}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{B341286E-6DDB-4D6D-81F6-563CD27A8A85}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{D515646A-CB73-4A15-B05D-E516936C25C1}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{E969A711-35E1-4136-8052-5018687CE34F}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B7A16C24-9AA1-4F2B-BE56-74EB3077402C}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{D8782C8E-FBF6-4D64-B620-04F57822425D}] => E:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{6E2C1BE8-527D-4F6A-9362-E938244585B0}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5FF69402-3877-41C6-9B07-99226AD30782}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B233F56-1047-4DC8-B898-79D3CBC06351}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86EE2CBC-303A-4B95-9E94-6A65647C10C7}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C21D724E-95E9-4F69-B4C4-2C0B8FD4FBD8}] => F:\iTunes\iTunes.exe
FirewallRules: [TCP Query User{9E9A0040-2F9F-4A26-A93F-86C590DFBA7E}C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe] => C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe
FirewallRules: [UDP Query User{21D95FEA-416A-4CAF-8A1B-EB72BEEFAF6F}C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe] => C:\users\miguel\downloads\zerobundle-win\zerobundle\python\python.exe
FirewallRules: [TCP Query User{25283D58-1F7D-438E-A6B2-29398E752CCB}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{D9C5A3A6-B0BB-4072-80E3-752320A8DC3E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{D23C3A2D-AFF1-4F23-8BD7-9128E9539512}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{BE7F3BD2-870D-44B4-8EAC-60F73E2E9404}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F4CCC328-14EB-4758-A79C-C6B22690DACB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14326A67-7414-4700-B933-3C1C21955A80}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{AFF724E3-46CA-4828-A658-2190CE9FD3EF}E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [UDP Query User{8ECF5EBF-0AB0-4D4D-B086-25F5CEF1E875}E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\mysql\bin\mysqld_usbwv8.exe
FirewallRules: [TCP Query User{E8DB0147-C3C6-49CF-995A-435640A95B46}E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [UDP Query User{CFAA1115-84CE-4862-817F-6CA9727BAAC3}E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe] => E:\pen backup\usbwebserver v8_en\apache\bin\httpd_usbwv8.exe
FirewallRules: [TCP Query User{4062751C-BA1A-416C-8E28-D0361B8C9231}F:\xampp\apache\bin\httpd.exe] => F:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{77635322-35CA-478E-BBB4-7EC9F2572B6B}F:\xampp\apache\bin\httpd.exe] => F:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{5ACA0219-EA48-40CC-A612-B7A35EED6399}F:\xampp\mysql\bin\mysqld.exe] => F:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C59D8865-023A-4B29-9792-951E240FE7F5}F:\xampp\mysql\bin\mysqld.exe] => F:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{CF277555-6672-4BCE-8B05-8721B467723B}F:\xampp\filezillaftp\filezillaserver.exe] => F:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{67CFE3AA-BD19-4EA5-83D6-BC291673BED4}F:\xampp\filezillaftp\filezillaserver.exe] => F:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F75E337A-5391-4447-8269-C8167C0CC865}F:\xampp\mercurymail\mercury.exe] => F:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{1143B78A-E3B7-4DB7-92EE-2B47CAFCBF53}F:\xampp\mercurymail\mercury.exe] => F:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{547913CA-D02F-464C-9247-12C62169D745}C:\program files\java\jre1.8.0_101\bin\java.exe] => C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [UDP Query User{ECC826EA-D73A-4954-B191-91BF5F024851}C:\program files\java\jre1.8.0_101\bin\java.exe] => C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [TCP Query User{217646F8-049E-4DC5-A058-855F8697402D}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{36FB9695-6F8B-4174-92AF-EB16236C3712}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{8B677634-A09C-439C-840C-337282310EDA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DC61635-33BE-4EA1-8BDB-BD9681DB418D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{449DB7B7-3FA7-416C-A138-A0598021839C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8A52A5F4-03FC-477A-B0FB-943D679F57E8}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{0264D11B-83E6-43DB-AAD1-275C2B994069}E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{50D25A69-5DCF-480E-9552-6926C9FC133B}E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => E:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{EEEFD3F6-A969-4C92-BF87-CDF7040B5CA8}] => F:\jogos\TheNewZ\TheNewZ.exe
FirewallRules: [{9563CB27-978A-4C1C-B862-2AFFDDCD3C7D}] => E:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A9E8A68B-E6A5-4800-A208-1C555214E2F1}] => E:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{6EBCC9F0-863A-4467-8168-133617544689}E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{14FC9CCA-CDD8-4EA6-806D-25DAE7FD4F8D}E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => E:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{168365C1-55D4-4C48-AB21-7D704B825BEA}] => E:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{00488786-BA20-40AE-882D-6D2FB368FED2}] => E:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{98563681-9D14-4A47-BE2E-65FCF70B41AE}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F9E4A9AC-B668-4E13-BF27-F72E3C77DBFB}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{37560F21-EF6D-4A49-B811-962DA9C6B2A1}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41E1C967-8EC0-4DAC-9C51-337A6C5D1658}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6A93A08A-BB19-4E38-8FE7-0FB56E4E33D7}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{133953F9-208F-42C9-A47E-72553EF92CDB}F:\sinusbot\sinusbot.exe] => F:\sinusbot\sinusbot.exe
FirewallRules: [UDP Query User{841A59B4-4929-4159-A370-DFA9CD78E200}F:\sinusbot\sinusbot.exe] => F:\sinusbot\sinusbot.exe
FirewallRules: [{0FAE8BA3-14F1-400F-82F7-25A095A76347}] => F:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{68B155EF-567C-4269-B7B6-096A638D47EA}] => F:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{528DE619-14E4-4A91-913A-C042E7F73839}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3B37B227-EF10-4178-8387-812B7E9ED55B}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD96A0A6-E72A-4E43-A585-665F60D43FA9}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{29032B04-0F1F-425B-8D28-60FDFC7C7B9C}] => E:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5B4ADCFB-05CF-416A-9EF2-56759A3B1A81}] => E:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Restore Points =========================

11-12-2016 19:21:58 Windows Update
21-12-2016 20:56:44 Windows Update
21-12-2016 20:57:23 Installed DirectX
21-12-2016 20:59:59 Removed Microsoft Office Professional Plus 2010

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2016 12:21:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Steam.exe versão 3.73.50.89 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção.

ID do Processo: 6c8

Hora de Início: 01d259edb16831ce

Hora de Fim: 7

Caminho da Aplicação: C:\Program Files\Steam\Steam.exe

ID do Relatório: 3ee59b99-c64a-11e6-86ee-f80f4112023d

Error: (12/13/2016 06:27:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 1.0.0.127.in-addr.arpa. PTR Miguel-PC.local.

Error: (12/13/2016 06:27:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 19 1.0.0.127.in-addr.arpa. PTR Miguel-PC-2.local.

Error: (12/13/2016 12:37:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "c:\program files (x86)\microsoft office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "c:\program files (x86)\microsoft office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.

Error: (12/08/2016 05:00:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Nome do módulo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Código de excepção: 0xc0000005
Desvio de falha: 0x00037b59
ID do processo com falha: 0x1cc4
Data/hora de início da aplicação com falha: 0x01d251707a8912d3
Caminho da aplicação com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Caminho do módulo com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID do Relatório: e167125e-bd67-11e6-b161-f80f4112023d

Error: (12/08/2016 04:31:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Nome do módulo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Código de excepção: 0xc0000005
Desvio de falha: 0x00037b59
ID do processo com falha: 0x1618
Data/hora de início da aplicação com falha: 0x01d2516d659f99f2
Caminho da aplicação com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Caminho do módulo com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID do Relatório: b7a37d58-bd63-11e6-b161-f80f4112023d

Error: (12/08/2016 04:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Nome do módulo com falha: steamwebhelper.exe, versão: 3.65.13.80, carimbo de data/hora: 0x57fed9f2
Código de excepção: 0xc0000005
Desvio de falha: 0x00037b59
ID do processo com falha: 0x1970
Data/hora de início da aplicação com falha: 0x01d2516632788b7d
Caminho da aplicação com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Caminho do módulo com falha: C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID do Relatório: a2807d0f-bd60-11e6-b161-f80f4112023d

Error: (12/08/2016 03:11:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Discord.exe versão 0.0.40.0 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Acção.

ID do Processo: 10b0

Hora de Início: 01d2515195d6070f

Hora de Fim: 3

Caminho da Aplicação: C:\Users\Miguel\AppData\Local\Discord\app-0.0.296\Discord.exe

ID do Relatório: a3a8b9d6-bd58-11e6-b161-f80f4112023d

Error: (12/08/2016 12:51:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.

Error: (12/08/2016 12:51:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha ao gerar o contexto de activação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no ficheiro de manifesto ou de política "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" na linha 1.
A identidade do componente existente no manifesto não corresponde à identidade do componente necessário.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.


System errors:
=============
Error: (12/21/2016 11:15:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 11:15:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 11:14:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 11:14:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 11:03:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 11:03:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 09:59:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 09:59:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 09:27:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.

Error: (12/21/2016 09:27:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Foi recebido o seguinte alerta fatal: 40.


CodeIntegrity:
===================================
Date: 2016-12-21 23:13:54.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 20:55:30.691
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-19 11:43:07.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-18 19:44:41.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-16 18:33:56.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 18:25:07.785
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-14 19:28:47.426
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-13 10:52:03.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-13 10:35:26.159
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-12 20:22:53.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8174.04 MB
Available physical RAM: 5011.71 MB
Total Virtual: 16346.25 MB
Available Virtual: 13005.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:30.62 GB) NTFS
Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Packard Bell) (Fixed) (Total:456.71 GB) (Free:58.98 GB) NTFS
Drive f: (DATA) (Fixed) (Total:456.71 GB) (Free:55.34 GB) NTFS
Drive g: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6C44167A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5FE8ED01)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 21 December 2016 - 08:33 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 21 December 2016 - 08:32 PM

Greetings.

Shall I assume your name is Miguel?

Thank you for the information about Office. Please feel free to reinstall it.

Please consider and do this. If you could copy and paste the contents of reports in your reply, unless instructed to attach the file, that would help greatly.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-06-20] <==== ATTENTION
S4 JtsLncs; "C:\Program Files (x86)\Jatosydinodom\JtsLncs.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S3 blNetFilter; \??\C:\Windows\system32\drivers\blNetFilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-12-18 19:44 - 2016-12-18 19:44 - 00000000 _____ C:\Windows\cd_127
2016-12-18 19:45 - 2016-06-21 20:54 - 00002756 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2016-12-18 19:45 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMSDaily.job
2016-12-18 19:45 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMS.job
2016-12-18 19:44 - 2016-06-21 20:54 - 00077824 _____ C:\Windows\KMSEmulator.exe
2016-12-08 04:52 - 2016-06-21 20:54 - 00000000 ____D C:\Windows\AutoKMS
Task: {1B9928FC-DF52-4872-A0A8-AC8330FF713A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {B9D769AE-E42C-4A8D-A3AE-D49AA0135266} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {C9EEF9EE-0915-40B3-8CD5-AD586A4CAD98} - System32\Tasks\Jatosydinodom Launcher => C:\Program Files (x86)\Jatosydinodom\JtsLnctes.exe
C:\Program Files (x86)\Jatosydinodom
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
FirewallRules: [{3335D011-9EA2-450A-86B7-2823F974E385}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{F2FC2C98-7007-43AD-A069-36F99B08DAD5}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [{600A9A33-2E72-40FE-B426-BD49BCC314C6}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{E2AB25EC-40D2-4DCC-9058-50A188816A73}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [TCP Query User{15603C46-DBDB-4941-AF56-2D6E4D199494}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{4E236750-7CFD-40CD-81C3-5DB46E989CF1}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
C:\Program Files (x86)\ADSKIP
C:\windows\kmsemulator.exe
cmd: regedit /e "%userprofile%\desktop\look.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig"
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • A look.txt document will also be placed on your Desktop. Please copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog.txt
  • Look.txt
  • System Summary Information
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Papadocks

Papadocks
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 22 December 2016 - 01:29 PM

Hello,

 

Yes my name is Miguel.

 

My problem is still here. :S

 

Here's the logs!

 

Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ADSkipSvc]
"ADSkipSvc"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:00000030
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh]
"backlh"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\CloudPrinter]
"CloudPrinter"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\cofutyjizbt]
"cofutyjizbt"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\dowidoly]
"dowidoly"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\JtsLncs]
"JtsLncs"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ProntSpooler]
"ProntSpooler"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\rijufoze]
"rijufoze"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\zigipyro]
"zigipyro"=dword:00000002
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:00000013
"SECOND"=dword:0000002c
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Miguel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
"path"="C:\\Users\\Miguel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Curse.lnk"
"backup"="C:\\Windows\\pss\\Curse.lnk.Startup"
"location"="C:\\Users\\Miguel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Miguel\\AppData\\Roaming\\CURSEC~1\\Bin\\Curse.exe /startup"
"item"="Curse"
"YEAR"=dword:000007e0
"MONTH"=dword:0000000c
"DAY"=dword:0000000e
"HOUR"=dword:00000013
"MINUTE"=dword:00000020
"SECOND"=dword:00000021
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="apphide"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\badu\\uc.exe"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide2]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="apphide2"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\badu\\uc.exe"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Discord]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Discord"
"hkey"="HKCU"
"command"="C:\\Users\\Miguel\\AppData\\Local\\Discord\\app-0.0.296\\Discord.exe"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:0000000c
"DAY"=dword:0000000e
"HOUR"=dword:00000013
"MINUTE"=dword:00000020
"SECOND"=dword:00000021
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gplyra]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="gplyra"
"hkey"="HKLM"
"command"="C:\\Users\\Miguel\\AppData\\Roaming\\gplyra\\gplyra\\start.cmd"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"F:\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000008
"DAY"=dword:0000001a
"HOUR"=dword:0000000e
"MINUTE"=dword:00000013
"SECOND"=dword:0000002b
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msiql]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msiql"
"hkey"="HKCU"
"command"="C:\\Users\\Miguel\\AppData\\Roaming\\UPUpdata\\msiql.exe /RUNNING"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in1]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QGuan10in1"
"hkey"="HKCU"
"command"="C:\\Users\\Miguel\\AppData\\Roaming\\UPUpdata\\service72564.exe /autorun"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in12]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QGuan10in12"
"hkey"="HKCU"
"command"="C:\\Users\\Miguel\\AppData\\Roaming\\UPUpdata\\service90132.exe /autorun"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ShadowPlay"
"hkey"="HKLM"
"command"="\"C:\\Windows\\system32\\rundll32.exe\" C:\\Windows\\system32\\nvspcap64.dll,ShadowPlayOnSystemStart"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:0000000a
"DAY"=dword:00000019
"HOUR"=dword:00000013
"MINUTE"=dword:0000003a
"SECOND"=dword:0000002e
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000009
"HOUR"=dword:00000014
"MINUTE"=dword:00000037
"SECOND"=dword:00000017
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Miguel\\AppData\\Roaming\\Spotify\\Spotify.exe\" -autostart -minimized"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000009
"HOUR"=dword:00000014
"MINUTE"=dword:00000037
"SECOND"=dword:00000017
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Miguel\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\""
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000009
"HOUR"=dword:00000014
"MINUTE"=dword:00000037
"SECOND"=dword:00000017
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Steam\\steam.exe\" -silent"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000009
"HOUR"=dword:00000014
"MINUTE"=dword:00000037
"SECOND"=dword:00000017
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchost0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="svchost0"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\UCBrowser\\Application\\UUC0789.exe"
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMU76]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WINCOMU76"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\mpck\\wincom_U76.exe\""
"inimapping"="0"
"YEAR"=dword:000007e0
"MONTH"=dword:00000006
"DAY"=dword:00000014
"HOUR"=dword:00000011
"MINUTE"=dword:0000001d
"SECOND"=dword:00000004
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"startup"=dword:00000002
"services"=dword:00000002
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Miguel (22-12-2016 18:21:29) Run:1
Running from C:\Users\Miguel\Downloads
Loaded Profiles: Miguel (Available Profiles: Miguel)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-06-20] <==== ATTENTION
S4 JtsLncs; "C:\Program Files (x86)\Jatosydinodom\JtsLncs.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S3 blNetFilter; \??\C:\Windows\system32\drivers\blNetFilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-12-18 19:44 - 2016-12-18 19:44 - 00000000 _____ C:\Windows\cd_127
2016-12-18 19:45 - 2016-06-21 20:54 - 00002756 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2016-12-18 19:45 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMSDaily.job
2016-12-18 19:45 - 2016-06-21 20:54 - 00000218 _____ C:\Windows\Tasks\AutoKMS.job
2016-12-18 19:44 - 2016-06-21 20:54 - 00077824 _____ C:\Windows\KMSEmulator.exe
2016-12-08 04:52 - 2016-06-21 20:54 - 00000000 ____D C:\Windows\AutoKMS
Task: {1B9928FC-DF52-4872-A0A8-AC8330FF713A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {B9D769AE-E42C-4A8D-A3AE-D49AA0135266} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-06-21] ()
Task: {C9EEF9EE-0915-40B3-8CD5-AD586A4CAD98} - System32\Tasks\Jatosydinodom Launcher => C:\Program Files (x86)\Jatosydinodom\JtsLnctes.exe
C:\Program Files (x86)\Jatosydinodom
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
FirewallRules: [{3335D011-9EA2-450A-86B7-2823F974E385}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{F2FC2C98-7007-43AD-A069-36F99B08DAD5}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [{600A9A33-2E72-40FE-B426-BD49BCC314C6}] => C:\Program Files (x86)\ADSKIP\ADSkip.exe
FirewallRules: [{E2AB25EC-40D2-4DCC-9058-50A188816A73}] => C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [TCP Query User{15603C46-DBDB-4941-AF56-2D6E4D199494}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{4E236750-7CFD-40CD-81C3-5DB46E989CF1}C:\windows\kmsemulator.exe] => C:\windows\kmsemulator.exe
C:\Program Files (x86)\ADSKIP
C:\windows\kmsemulator.exe
cmd: regedit /e "%userprofile%\desktop\look.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig"
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
JtsLncs => service removed successfully
blNetFilter => service removed successfully
Synth3dVsc => service removed successfully
tsusbhub => service removed successfully
VGPU => service removed successfully
C:\Windows\cd_127 => moved successfully
C:\Windows\System32\Tasks\AutoKMSDaily => moved successfully
C:\Windows\Tasks\AutoKMSDaily.job => moved successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully
C:\Windows\KMSEmulator.exe => moved successfully
C:\Windows\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B9928FC-DF52-4872-A0A8-AC8330FF713A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B9928FC-DF52-4872-A0A8-AC8330FF713A}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMSDaily => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B9D769AE-E42C-4A8D-A3AE-D49AA0135266}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D769AE-E42C-4A8D-A3AE-D49AA0135266}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9EEF9EE-0915-40B3-8CD5-AD586A4CAD98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9EEF9EE-0915-40B3-8CD5-AD586A4CAD98}" => key removed successfully
C:\Windows\System32\Tasks\Jatosydinodom Launcher => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jatosydinodom Launcher" => key removed successfully
"C:\Program Files (x86)\Jatosydinodom" => not found.
C:\Windows\Tasks\AutoKMS.job => not found.
C:\Windows\Tasks\AutoKMSDaily.job => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3335D011-9EA2-450A-86B7-2823F974E385} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2FC2C98-7007-43AD-A069-36F99B08DAD5} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{600A9A33-2E72-40FE-B426-BD49BCC314C6} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2AB25EC-40D2-4DCC-9058-50A188816A73} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{15603C46-DBDB-4941-AF56-2D6E4D199494}C:\windows\kmsemulator.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4E236750-7CFD-40CD-81C3-5DB46E989CF1}C:\windows\kmsemulator.exe => value removed successfully
"C:\Program Files (x86)\ADSKIP" => not found.
"C:\windows\kmsemulator.exe" => not found.
 
========= regedit /e "%userprofile%\desktop\look.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 18:21:35 ====
 
 
It wont let me upload the RAR file...
 
 
Thank you for all your help!
 
 
Best Regards,
 


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 22 December 2016 - 02:12 PM

Thank you, please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ADSkipSvc
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\cofutyjizbt
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\dowidoly
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\JtsLncs
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ProntSpooler
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\rijufoze
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\zigipyro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide2
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gplyra
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in12
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchost0
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMU76
C:\Program Files (x86)\mpck
C:\Program Files (x86)\UCBrowser
C:\Users\Miguel\AppData\Roaming\UPUpdata
C:\Users\Miguel\AppData\Roaming\gplyra
C:\Program Files (x86)\badu
emptytemp:
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • System Summary report
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Papadocks

Papadocks
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 24 December 2016 - 12:04 PM

Hello,

 

The mouse keeps on doing the same thing...

 

Here's the logs:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Miguel (24-12-2016 16:56:42) Run:2
Running from C:\Users\Miguel\Downloads
Loaded Profiles: Miguel (Available Profiles: Miguel)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ADSkipSvc
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\cofutyjizbt
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\dowidoly
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\JtsLncs
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ProntSpooler
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\rijufoze
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\zigipyro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide2
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gplyra
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in12
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchost0
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMU76
C:\Program Files (x86)\mpck
C:\Program Files (x86)\UCBrowser
C:\Users\Miguel\AppData\Roaming\UPUpdata
C:\Users\Miguel\AppData\Roaming\gplyra
C:\Program Files (x86)\badu
emptytemp:
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ADSkipSvc => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\cofutyjizbt => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\dowidoly => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\JtsLncs => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ProntSpooler => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\rijufoze => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\zigipyro => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\apphide2 => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gplyra => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in1 => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QGuan10in12 => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchost0 => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMU76 => key removed successfully
"C:\Program Files (x86)\mpck" => not found.
"C:\Program Files (x86)\UCBrowser" => not found.
"C:\Users\Miguel\AppData\Roaming\UPUpdata" => not found.
"C:\Users\Miguel\AppData\Roaming\gplyra" => not found.
"C:\Program Files (x86)\badu" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 116410452 B
Java, Flash, Steam htmlcache => 112989251 B
Windows/system/drivers => 33468536 B
Edge => 0 B
Chrome => 498548505 B
Firefox => 24523073 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558406 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 54279710 B
Miguel => 4862159679 B
 
RecycleBin => 203275 B
EmptyTemp: => 5.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 16:56:59 ====
 
Thank you for all your help mate!
 
As I said on the last post, I'm not permitted to upload "Summary.rar" here's the print of the error: https://gyazo.com/fdc12174be66eaae2b87d055a60ed3a2
 
Someone told me this might be a driver conflict, do you think this is possible?
 
 
Best Regards,


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 24 December 2016 - 02:53 PM

I think it is because of the file extension (.rar)

Upload the file here.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Papadocks

Papadocks
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 26 December 2016 - 12:54 PM

Hello,

 

I've already submited the file!

 

Best Regards,



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 26 December 2016 - 04:00 PM

Thank you for the information.

Please do this.

===================================================

Uninstalling Programs Using Revo Uninstaller Free

--------------------

I recommend uninstalling the below listed program(s) from your computer.

Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.

Please note there is a chance when you look for this program to uninstall through Revo it might not be listed because of a previous uninstall. If that is the case simply stop and let me know.
  • Please download and install Revo Uninstaller Free and save it to your Desktop (download screen will appear automatically)
  • Double click the Revo Uninstaller icon
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
SteelSeries Engine 3.9.4
  • If presented with the program uninstall option click Uninstall
  • If asked to reboot select Reboot later
  • Under Scanning Modes select Advanced then select Scan
  • On the Found leftover Registry items window check the items in bold only then click Delete. You may have to expand some folders by clicking the "+" mark.
  • When prompted click on Next then Yes
  • On the Found leftover files and folders window click on Select all, click Finish, then click Yes
  • Reboot your computer and reinstall SteelSeries Engine 3.9.4
  • Check your mouse behavior
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 30 December 2016 - 05:23 PM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:02 PM

Posted 03 January 2017 - 10:35 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users