Hi. After formatting the OS I didn't install uTorrent nor any software downloaded from any torrent before getting the malware again. Here are the logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Adrian (administrator) on DALLEGRAVE-PC on 16-06-2015 17:29:21
Running from C:\Users\Adrian\Desktop\frst
Loaded Profiles: Adrian (Available Profiles: Adrian)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\MountPoints2: {f0fd195e-1240-11e5-8253-74d435e68c45} - "G:\autorun.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-12]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-12]
CHR Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-14]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-12]
CHR Extension: (Bubble Shooter) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdlnbbnjknldpikkllanljjbnegnnei [2015-06-12]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-06-12]
CHR Extension: (Planetarium) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2015-06-12]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2015-06-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Google Maps) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-06-12]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-12]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-12]
CHR Extension: (Writer) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2015-06-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-06-14] (DT Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-16 12:10 - 2015-06-16 12:10 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-06-16 12:05 - 2015-06-16 12:05 - 00000000 ____D C:\Users\Adrian\Documents\KONAMI
2015-06-16 11:46 - 2015-06-16 11:46 - 00000000 ____D C:\ProgramData\KONAMI
2015-06-16 11:46 - 2015-06-16 11:46 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-16 09:25 - 2015-06-16 09:25 - 00000000 ____D C:\Program Files\WinRAR
2015-06-15 19:38 - 2015-06-16 11:47 - 00000090 _____ C:\Users\Adrian\Desktop\pes 2013 serials.txt
2015-06-15 19:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-06-15 19:13 - 2015-06-15 19:13 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-15 19:13 - 2015-06-15 19:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\NVIDIA
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-15 19:12 - 2015-06-15 19:12 - 00000000 ____D C:\Program Files\MSBuild
2015-06-15 19:12 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-06-15 19:12 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-06-15 19:12 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-06-15 19:12 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-06-15 19:12 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-06-15 19:12 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-06-15 19:12 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-06-15 19:12 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-06-15 19:12 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-06-15 19:12 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-06-15 19:12 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-06-15 19:12 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-06-15 19:12 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-06-15 19:12 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-06-15 19:12 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-06-15 19:12 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-06-15 19:12 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-06-15 19:12 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-06-15 19:12 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-06-15 19:12 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-06-15 19:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-06-15 19:12 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-06-15 19:12 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-06-15 19:12 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-06-15 19:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-06-15 19:12 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-06-15 19:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-06-15 19:12 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-06-15 19:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-06-15 19:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-06-15 19:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-06-15 19:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-06-15 19:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-06-15 19:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-06-15 19:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-06-15 19:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-06-15 19:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-06-15 19:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-06-15 19:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-15 19:11 - 2013-08-03 01:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 19:11 - 2013-08-03 01:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-15 19:09 - 2015-06-15 19:14 - 00046301 _____ C:\WINDOWS\DirectX.log
2015-06-15 19:09 - 2015-06-15 19:09 - 00000175 _____ C:\WINDOWS\DXError.log
2015-06-15 19:09 - 2015-06-15 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-06-15 19:09 - 2015-06-15 19:09 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-06-14 15:39 - 2015-06-16 17:25 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 15:38 - 2015-06-14 15:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-14 15:38 - 2015-06-14 15:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-14 15:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-14 15:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-14 15:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-14 13:25 - 2015-06-14 13:25 - 00001175 _____ C:\Users\Adrian\Desktop\Enforcer Police Crime Action.lnk
2015-06-14 13:25 - 2015-06-14 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enforcer Police Crime Action
2015-06-14 13:24 - 2015-06-14 13:24 - 00283200 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Program Files (x86)\Enforcer Police Crime Action
2015-06-14 13:24 - 2015-06-14 13:24 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-06-14 13:23 - 2015-06-14 13:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-06-12 18:31 - 2015-06-16 17:29 - 00000000 ____D C:\Users\Adrian\Desktop\frst
2015-06-12 18:31 - 2015-06-16 17:29 - 00000000 ____D C:\FRST
2015-06-12 09:47 - 2015-06-12 09:47 - 00000000 __SHD C:\Recovery
2015-06-12 09:33 - 2015-06-12 09:33 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-12 08:47 - 2015-06-16 07:59 - 00003900 _____ C:\WINDOWS\PFRO.log
2015-06-12 08:47 - 2015-06-12 08:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-12 08:47 - 2015-06-12 00:51 - 00000000 ____D C:\WINDOWS\Panther
2015-06-12 04:40 - 2015-06-12 04:40 - 00007597 _____ C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2015-06-12 04:15 - 2015-06-12 04:15 - 00002709 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\msinfo32.lnk
2015-06-12 03:28 - 2015-06-15 19:16 - 00000000 ____D C:\Users\Adrian\Documents\The Witcher 3
2015-06-12 03:24 - 2015-06-12 03:24 - 00000000 ____D C:\Users\Adrian\Documents\Game of Thrones
2015-06-12 03:19 - 2015-06-12 03:19 - 00000000 ____D C:\Users\Adrian\AppData\Local\Steam
2015-06-12 03:17 - 2015-06-16 12:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-12 03:17 - 2015-06-12 03:17 - 00000979 _____ C:\Users\Public\Desktop\Steam.lnk
2015-06-12 03:17 - 2015-06-12 03:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-12 01:41 - 2015-06-16 17:26 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-12 01:41 - 2015-06-14 23:48 - 00176411 _____ C:\Users\Adrian\Desktop\calendário inter certo.xlsx.xlsm
2015-06-12 01:41 - 2015-06-12 09:33 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-06-12 01:40 - 2015-06-12 01:40 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-06-12 01:40 - 2013-08-22 09:40 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-12 01:34 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-12 01:32 - 2015-06-12 01:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 01:32 - 2015-06-12 01:34 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Users\Adrian\AppData\Local\Microsoft Help
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-12 01:32 - 2015-06-12 01:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-12 01:31 - 2015-06-12 01:31 - 00000000 __RHD C:\MSOCache
2015-06-12 01:19 - 2015-06-12 01:19 - 00000686 _____ C:\Users\Adrian\Desktop\downloads.lnk
2015-06-12 01:19 - 2015-06-12 01:19 - 00000657 _____ C:\Users\Adrian\Desktop\adrian.lnk
2015-06-12 01:04 - 2015-06-16 17:25 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-12 01:04 - 2015-06-16 12:09 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 01:04 - 2015-06-12 01:04 - 00004068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-12 01:04 - 2015-06-12 01:04 - 00003832 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-12 01:04 - 2015-06-12 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-12 01:04 - 2015-06-12 01:04 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-12 01:03 - 2015-06-12 01:04 - 00000000 ____D C:\Users\Adrian\AppData\Local\Google
2015-06-12 01:03 - 2015-06-12 01:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Macromedia
2015-06-12 00:58 - 2015-06-12 00:58 - 00019634 _____ C:\WINDOWS\system32\results.xml
2015-06-12 00:58 - 2015-06-12 00:58 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-12 00:57 - 2015-06-15 20:51 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3400116732-2033998285-2783747925-1001
2015-06-12 00:57 - 2015-06-15 19:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-12 00:57 - 2015-06-12 00:57 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2015-06-12 00:57 - 2015-06-12 00:57 - 00000000 ____D C:\Program Files (x86)\Intel
2015-06-12 00:56 - 2015-06-12 00:58 - 00000000 ____D C:\Intel
2015-06-12 00:56 - 2015-06-12 00:57 - 00000000 ____D C:\Program Files\Intel
2015-06-12 00:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-06-12 00:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-06-12 00:54 - 2015-06-16 17:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 00:54 - 2015-06-16 09:23 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-12 00:54 - 2015-06-12 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-12 00:54 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA Corporation
2015-06-12 00:54 - 2015-06-12 00:54 - 00000000 ____D C:\Users\Adrian\AppData\Local\NVIDIA
2015-06-12 00:54 - 2015-06-12 00:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-12 00:54 - 2015-05-29 15:49 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-06-12 00:54 - 2015-05-29 15:49 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-06-12 00:54 - 2015-05-28 04:04 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-12 00:54 - 2015-05-28 04:04 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-12 00:54 - 2015-05-28 04:04 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-12 00:54 - 2015-05-28 04:04 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-12 00:54 - 2015-05-28 01:15 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-12 00:54 - 2015-05-28 01:15 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-12 00:54 - 2015-05-28 00:52 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-12 00:54 - 2015-05-27 07:48 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-12 00:53 - 2015-06-12 00:54 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-12 00:53 - 2015-06-12 00:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-12 00:53 - 2015-06-12 00:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-12 00:53 - 2015-06-12 00:53 - 00000000 ____D C:\NVIDIA
2015-06-12 00:53 - 2015-05-28 04:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00878816 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00503408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00117576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00052880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00048784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00039056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-12 00:53 - 2015-05-28 04:04 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-12 00:53 - 2015-05-28 04:04 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-12 00:52 - 2015-06-16 17:25 - 00000000 ___RD C:\Users\Adrian\SkyDrive
2015-06-12 00:51 - 2015-06-16 17:28 - 00569264 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-12 00:51 - 2015-06-14 16:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\Packages
2015-06-12 00:51 - 2015-06-14 13:27 - 00000000 ____D C:\Users\Adrian\AppData\Local\VirtualStore
2015-06-12 00:51 - 2015-06-12 00:51 - 00001446 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-12 00:51 - 2015-06-12 00:51 - 00000000 ____D C:\WINDOWS\CSC
2015-06-12 00:51 - 2015-06-12 00:51 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Adobe
2015-06-12 00:51 - 2013-08-22 02:17 - 02407936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-06-12 00:50 - 2015-06-12 00:58 - 00000000 ____D C:\Users\Adrian
2015-06-12 00:50 - 2015-06-12 00:50 - 00000020 ___SH C:\Users\Adrian\ntuser.ini
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-12 00:50 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-29 15:49 - 2015-05-29 15:49 - 24846712 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 24048456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 17804608 _____ C:\WINDOWS\system32\igd11dxva64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 17329224 _____ C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 15981056 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 10851840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 09528320 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 09422928 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 08631888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 07500800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 06725162 _____ C:\WINDOWS\system32\igdclbif.bin
2015-05-29 15:49 - 2015-05-29 15:49 - 06160424 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 04892088 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-05-29 15:49 - 2015-05-29 15:49 - 04851848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 03584512 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 03318272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 02944648 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-05-29 15:49 - 2015-05-29 15:49 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 02039296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01540904 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01371136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01196336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 01036392 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 01032808 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 01014368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00698880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00671328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-05-29 15:49 - 2015-05-29 15:49 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00616280 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00472168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00460048 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2015-05-29 15:49 - 2015-05-29 15:49 - 00448104 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00424960 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-05-29 15:49 - 2015-05-29 15:49 - 00392296 _____ C:\WINDOWS\system32\igfxTray.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-05-29 15:49 - 2015-05-29 15:49 - 00373760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00344168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00338536 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00338024 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00313448 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00279144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00274776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-05-29 15:49 - 2015-05-29 15:49 - 00248424 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00218728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00213192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00196704 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00192000 _____ C:\WINDOWS\system32\igdde64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4222.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00179200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00156264 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-05-29 15:49 - 2015-05-29 15:49 - 00153088 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00094208 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00086528 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00073728 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00060416 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-05-29 15:49 - 2015-05-29 15:49 - 00004008 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-05-29 15:49 - 2015-05-29 15:49 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-16 17:25 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-16 12:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-16 09:05 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-15 19:13 - 2013-08-22 12:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-15 02:15 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-14 16:31 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-14 15:44 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Vss
2015-06-12 09:47 - 2013-08-22 12:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-12 09:47 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-12 09:33 - 2013-08-22 11:44 - 00409848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-12 08:47 - 2013-08-22 12:37 - 00001720 _____ C:\WINDOWS\DtcInstall.log
2015-06-12 04:41 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-12 01:34 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-12 01:32 - 2013-08-22 16:11 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-12 00:57 - 2013-08-22 11:46 - 00016135 _____ C:\WINDOWS\setupact.log
2015-06-12 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-06-12 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-06-12 00:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Camera
==================== Files in the root of some directories =======
2015-06-12 04:40 - 2015-06-12 04:40 - 0007597 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-12 08:47
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Adrian at 2015-06-16 17:29:33
Running from C:\Users\Adrian\Desktop\frst
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3400116732-2033998285-2783747925-500 - Administrator - Disabled)
Adrian (S-1-5-21-3400116732-2033998285-2783747925-1001 - Administrator - Enabled) => C:\Users\Adrian
Guest (S-1-5-21-3400116732-2033998285-2783747925-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Enforcer Police Crime Action (HKLM-x32\...\Enforcer Police Crime Action_is1) (Version: - )
Game of Thrones (HKLM-x32\...\Steam App 208730) (Version: - Cyanide Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4222 - Intel Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version: - Reality Pump Studios)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3400116732-2033998285-2783747925-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
12-06-2015 00:54:59 Installed DirectX
15-06-2015 19:09:16 Installed DirectX
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03EAB7A5-E243-4773-A3B9-5880A094505B} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2013-08-22] (Microsoft Corporation)
Task: {1CA8609E-58D1-42BB-8F58-6D70C08BE3C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {48D573F6-1290-4B13-91E8-8B1380996D02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-12] (Google Inc.)
Task: {4ADBD9D3-EC2E-443D-A027-82E5FC877451} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5688CAED-C607-4B5D-BCC2-2E7AB6C7ACA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-12] (Google Inc.)
Task: {9DC87FD1-B248-4B56-9D91-4C858EB8A909} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-06-12] ()
Task: {FE202C94-B1E8-4624-B8D8-09FB0ABF0916} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-12 00:54 - 2015-05-28 01:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-06-12 00:54 - 2015-05-28 04:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-12 01:04 - 2015-06-05 15:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-12 01:04 - 2015-06-05 15:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-12 01:04 - 2015-06-05 15:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Adrian\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 89.248.171.33 - 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3400116732-2033998285-2783747925-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{77F72464-78B3-48B0-B0F2-0F363AC17787}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{89BD8F87-F23E-4E7E-88A8-BDE83A4C9B3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7FF0D0F4-4780-44A1-A184-1CE2ED4353A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{06D7F422-37F6-4E90-B842-2F1B122118AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0CAE9F5F-481F-4AB6-BD29-B26780178D2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D4957CD0-8D70-46CE-B393-3731B5F88E73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{01313BE6-25B0-4663-A2C9-106CB08069BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{04591195-6F56-4242-98B6-E62B69732F72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{565DBDBA-97A1-4889-96F1-8FB6B6DC8EEA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{75351BB4-B052-4BDF-9291-C29B4519BC50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{510360FF-CAEF-432A-8481-E90AA338A25D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8CF9B0CD-4C61-4C72-9281-E1487FBDEE3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{3D70B7CD-E352-4AE0-8A2F-0DD657757C63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{A7E21DAD-CD27-4504-B96E-108810533BD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{DB4EA62F-7C4A-4033-99EC-FE9F5114271B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{21AF6423-DA38-406B-A279-34A3D6C32A3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{D343044C-7D4A-43A5-A562-2AD6E062F643}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{D75A6A9C-2306-44D4-9D91-74E350F525B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2.exe
FirewallRules: [{B08123F4-3B1D-49AD-8AFA-8DB86C8F96E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2.exe
FirewallRules: [{9F8778C7-F077-4691-AF46-B1FBD3223452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2_DX10.exe
FirewallRules: [{3610E05C-5ED6-4E26-B2A3-1CEEDD234349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds II\TwoWorlds2_DX10.exe
FirewallRules: [{2B197FA2-29A3-4BBB-9DD6-7B241CEA48F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{46D94CB5-A327-4714-9F06-A37554696CFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
==================== Faulty Device Manager Devices =============
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/16/2015 00:10:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PES2013.exe, version: 1.3.0.0, time stamp: 0x50b536fe
Faulting module name: kload.DLL, version: 13.3.3.1, time stamp: 0x514c37f9
Exception code: 0xc0000417
Fault offset: 0x0000d2c1
Faulting process id: 0x948
Faulting application start time: 0xPES2013.exe0
Faulting application path: PES2013.exe1
Faulting module path: PES2013.exe2
Report Id: PES2013.exe3
Faulting package full name: PES2013.exe4
Faulting package-relative application ID: PES2013.exe5
Error: (06/16/2015 00:09:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Para Jogar CLIQUE AQUI.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1604
Start Time: 01d0a846734d1e54
Termination Time: 1
Application Path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Para Jogar CLIQUE AQUI.exe
Report Id: ba31d5a2-1439-11e5-8258-74d435e68c45
Faulting package full name:
Faulting package-relative application ID:
Error: (06/16/2015 00:09:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pes2013.exe, version: 1.3.0.0, time stamp: 0x50b536fe
Faulting module name: kload.DLL, version: 13.3.3.1, time stamp: 0x514c37f9
Exception code: 0xc0000417
Fault offset: 0x0000d2c1
Faulting process id: 0xec8
Faulting application start time: 0xpes2013.exe0
Faulting application path: pes2013.exe1
Faulting module path: pes2013.exe2
Report Id: pes2013.exe3
Faulting package full name: pes2013.exe4
Faulting package-relative application ID: pes2013.exe5
Error: (06/16/2015 00:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pes2013.exe, version: 1.3.0.0, time stamp: 0x50b536fe
Faulting module name: kload.DLL, version: 13.3.3.1, time stamp: 0x514c37f9
Exception code: 0xc0000417
Fault offset: 0x0000d2c1
Faulting process id: 0x740
Faulting application start time: 0xpes2013.exe0
Faulting application path: pes2013.exe1
Faulting module path: pes2013.exe2
Report Id: pes2013.exe3
Faulting package full name: pes2013.exe4
Faulting package-relative application ID: pes2013.exe5
Error: (06/15/2015 08:10:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program s5753.exe version 3.1.40.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 960
Start Time: 01d0a7c031a72c24
Termination Time: 4294967295
Application Path: C:\Users\Adrian\AppData\Local\Temp\n5753\s5753.exe
Report Id: a935f85d-13b3-11e5-8257-74d435e68c45
Faulting package full name:
Faulting package-relative application ID:
Error: (06/12/2015 00:59:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.16384, time stamp: 0x5215d379
Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.16384, time stamp: 0x5215e763
Exception code: 0xc000027b
Fault offset: 0x0000000000a44362
Faulting process id: 0xae4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
Error: (06/12/2015 00:59:36 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
System errors:
=============
Error: (06/15/2015 02:15:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062
Error: (06/14/2015 11:48:41 PM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/14/2015 11:48:41 PM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/14/2015 11:48:41 PM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/14/2015 11:48:41 PM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/14/2015 11:48:41 PM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/14/2015 11:48:41 PM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/14/2015 04:23:00 PM) (Source: DCOM) (EventID: 10016) (User: DALLEGRAVE-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Dallegrave-PCAdrianS-1-5-21-3400116732-2033998285-2783747925-1001LocalHost (Using LRPC)59091GameDesignStudio.45694AB2C8281_1.0.1.3_neutral__hke3ffja2n6hyS-1-15-2-3070179306-3960559548-736485165-2308287623-1807694844-436309081-694375964
Error: (06/13/2015 01:58:24 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Error: (06/13/2015 01:58:24 AM) (Source: DCOM) (EventID: 10010) (User: DALLEGRAVE-PC)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}
Microsoft Office:
=========================
Error: (06/16/2015 00:10:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PES2013.exe1.3.0.050b536fekload.DLL13.3.3.1514c37f9c00004170000d2c194801d0a846a6b67963C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\PES2013.exeC:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Patch Bmpes\kload.DLLe465ae47-1439-11e5-8258-74d435e68c45
Error: (06/16/2015 00:09:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Para Jogar CLIQUE AQUI.exe1.0.0.0160401d0a846734d1e541C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Para Jogar CLIQUE AQUI.exeba31d5a2-1439-11e5-8258-74d435e68c45
Error: (06/16/2015 00:09:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pes2013.exe1.3.0.050b536fekload.DLL13.3.3.1514c37f9c00004170000d2c1ec801d0a84678e8fe70C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exeC:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Patch Bmpes\kload.DLLb6972a6b-1439-11e5-8258-74d435e68c45
Error: (06/16/2015 00:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pes2013.exe1.3.0.050b536fekload.DLL13.3.3.1514c37f9c00004170000d2c174001d0a8467193f29dC:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exeC:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\Patch Bmpes\kload.DLLaf4baea7-1439-11e5-8258-74d435e68c45
Error: (06/15/2015 08:10:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: s5753.exe3.1.40.096001d0a7c031a72c244294967295C:\Users\Adrian\AppData\Local\Temp\n5753\s5753.exea935f85d-13b3-11e5-8257-74d435e68c45
Error: (06/12/2015 00:59:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.163845215d379Windows.UI.Xaml.dll6.3.9600.163845215e763c000027b0000000000a44362ae401d0a4c40d7b4da7C:\WINDOWS\Explorer.EXEC:\Windows\System32\Windows.UI.Xaml.dll7068009f-10b7-11e5-8250-74d435e68c45
Error: (06/12/2015 00:59:36 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
==================== Memory info ===========================
Processor: Intel® Core i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 27%
Total physical RAM: 8076.95 MB
Available physical RAM: 5874.03 MB
Total Pagefile: 9996.95 MB
Available Pagefile: 7404.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.48 GB) (Free:84.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:745.78 GB) NTFS
Drive e: (SAMSUNG) (Fixed) (Total:931.51 GB) (Free:635.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7CCB641F)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1C31C86A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 66F970B1)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of log ============================