Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-08-2016 01
Ran by Micalu (administrator) on MICALU-PC (09-08-2016 19:42:18)
Running from C:\Users\Micalu\Desktop
Loaded Profiles: Micalu (Available Profiles: Micalu)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Português (Portugal)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2852128 2016-08-02] (Valve Corporation)
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {8c28ad9b-3d8a-11e6-924e-806e6f6e6963} - E:\Startme.exe
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {8d860360-26ab-11e6-ba5c-00235a797910} - F:\SETUP.EXE
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {99475801-5e6b-11e6-993f-00235a797910} - E:\autoplay.exe
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {99475823-5e6b-11e6-993f-00235a797910} - G:\autoplay.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files\Lwosyzaseing\Thaberied\Terhoingprejsp.dll [2016-08-09] ()
Startup: C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-09]
ShortcutTarget: Curse.lnk -> C:\Users\Micalu\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2F81E830-6D8E-4F75-BD4E-A632A99EFD3F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C3ACD154-E70D-4769-9984-979D4BC63DED}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1261551153-2078032241-974631634-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1261551153-2078032241-974631634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-30]
CHR Extension: (Google Docs) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-30]
CHR Extension: (Google Drive) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-30]
CHR Extension: (YouTube) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-30]
CHR Extension: (Planilhas do Google) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-30]
CHR Extension: (Documentos Google off-line) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-05-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
CHR Extension: (Search Manager) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-08-09]
CHR Extension: (Gmail) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-05]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1261551153-2078032241-974631634-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1261551153-2078032241-974631634-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd)
S3 Thaberied Configuration; C:\Program Files\Lwosyzaseing\Thaberied\thaberiedconfigurationptt.exe [291520 2016-08-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-05-30] (Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [26168 2016-08-09] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [67696 2011-01-25] (Atheros Communications, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-09 19:42 - 2016-08-09 19:42 - 00013332 _____ C:\Users\Micalu\Desktop\FRST.txt
2016-08-09 19:42 - 2016-08-09 19:42 - 00000000 ____D C:\FRST
2016-08-09 19:41 - 2016-08-09 19:41 - 01743872 _____ (Farbar) C:\Users\Micalu\Desktop\FRST.exe
2016-08-09 19:38 - 2016-08-09 19:38 - 00007168 _____ (Microsoft Corporation) C:\Users\Micalu\Desktop\api-ms-win-crt-convert-l1-1-0.dll
2016-08-09 18:52 - 2016-08-09 19:32 - 00000273 _____ C:\Users\Micalu\Desktop\Config.ini
2016-08-09 18:52 - 2016-03-15 20:28 - 00000000 ____D C:\Users\Micalu\Desktop\wvs
2016-08-09 18:52 - 2009-03-21 15:58 - 00000056 _____ C:\Users\Micalu\Desktop\DotA Utilities Dota Maps, Dota News, Dota AI Maps, Garena Updates, Videos, Tools and More.URL
2016-08-09 18:52 - 2009-03-21 15:57 - 00000259 _____ C:\Users\Micalu\Desktop\Readme.txt
2016-08-09 18:52 - 2004-01-21 22:55 - 01135616 _____ C:\Users\Micalu\Desktop\wvs.exe
2016-08-09 18:51 - 2016-08-09 18:52 - 71054296 _____ C:\Users\Micalu\Desktop\WVS 1.27 (BY_DIOGO_D2).zip
2016-08-09 18:49 - 2016-08-09 18:50 - 23509547 _____ C:\Users\Micalu\Desktop\eurobattle Client installer_v6 (BY_DIOGO_D2).zip
2016-08-09 18:34 - 2016-08-09 18:34 - 00884002 _____ C:\Users\Micalu\Desktop\ucrt_x86.zip
2016-08-09 18:30 - 2016-08-09 18:31 - 13767776 _____ (Microsoft Corporation) C:\Users\Micalu\Desktop\vc_redist.x86.exe
2016-08-09 18:25 - 2016-04-23 23:18 - 25165312 _____ (Eurobattle.net) C:\Users\Micalu\Desktop\installer.exe
2016-08-09 18:20 - 2016-08-09 18:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-09 18:07 - 2016-08-09 18:08 - 23509547 _____ C:\Users\Micalu\Desktop\installer_v6.zip
2016-08-09 17:29 - 2016-08-09 17:30 - 33615005 _____ C:\Users\Micalu\Desktop\TFT Version 1.26a.zip
2016-08-09 17:14 - 2016-08-09 19:32 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-09 17:13 - 2016-08-09 17:13 - 00001902 _____ C:\Users\Micalu\Desktop\Frozen Throne.lnk
2016-08-09 17:13 - 2016-08-09 17:13 - 00000040 _____ C:\Users\Micalu\AppData\Roaming\WB.CFG
2016-08-09 17:07 - 2016-08-09 17:07 - 00001895 _____ C:\Users\Micalu\Desktop\Warcraft III.lnk
2016-08-09 17:06 - 2016-08-09 17:13 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2016-08-09 17:06 - 2016-08-09 17:13 - 00055406 _____ C:\Windows\War3Unin.dat
2016-08-09 17:06 - 2016-08-09 17:13 - 00002829 _____ C:\Windows\War3Unin.pif
2016-08-09 17:06 - 2016-08-09 17:13 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-08-09 17:06 - 2016-08-09 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-08-09 17:03 - 2016-08-09 19:33 - 00000000 ____D C:\Program Files\Warcraft III
2016-08-09 16:52 - 2016-08-09 19:41 - 00000000 ____D C:\Users\Micalu\AppData\Local\Niwoleknity
2016-08-09 16:52 - 2016-08-09 16:58 - 00000000 ____D C:\Program Files\Lwosyzaseing
2016-08-09 16:51 - 2016-08-09 16:53 - 00025104 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-08-09 16:51 - 2016-08-09 16:52 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-08-09 16:51 - 2016-08-09 16:51 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-08-09 16:51 - 2016-08-09 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-08-09 16:45 - 2016-08-09 16:46 - 13146016 _____ (Disc Soft Ltd) C:\Users\Micalu\Desktop\daemon-tools-5-0-1-multi-win.exe
2016-08-09 16:40 - 2016-08-09 16:40 - 00072571 _____ C:\Users\Micalu\Downloads\Baixaki_iso-creator [1].exe
2016-08-09 16:13 - 2016-08-09 19:13 - 00000980 _____ C:\Windows\Tasks\Yahoo! Powered tenof.job
2016-08-09 16:13 - 2016-08-09 19:13 - 00000278 _____ C:\Windows\Tasks\{03F02CB1-B890-1AF7-7E91-034D01A71D2E}.job
2016-08-09 16:13 - 2016-08-09 19:13 - 00000000 ____D C:\ProgramData\{0600C363-8C42-49A5-0A84-D7E790C65C29}
2016-08-09 16:13 - 2016-08-09 17:13 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\{6F1F59A4-4A4D-34D2-217B-1300FDA9EE3E}
2016-08-09 16:13 - 2016-08-09 16:14 - 00000000 ____D C:\Users\Micalu\AppData\Local\{6F42591E-4BEA-35A6-2672-104E021AECD6}
2016-08-09 16:13 - 2016-08-09 16:13 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-08-09 16:13 - 2016-08-09 16:13 - 00000282 __RSH C:\ProgramData\ntuser.pol
2016-08-09 16:12 - 2016-08-09 16:16 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrascsibus.sys
2016-08-09 16:12 - 2016-08-09 16:12 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\DAEMON Tools Ultra
2016-08-09 16:12 - 2016-08-09 16:12 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2016-08-09 16:11 - 2016-08-09 16:11 - 03938632 _____ C:\Users\Micalu\Desktop\Game2e.com 1.26a - game.dll.zip
2016-08-09 15:46 - 2016-08-09 15:46 - 00000000 ____D C:\Users\Micalu\AppData\LocalLow\uTorrent
2016-08-09 15:22 - 2016-08-09 15:35 - 00000000 ____D C:\Users\Micalu\Downloads\Warcraft III Reign of Chaos, The Frozen Throne, DoTa + Update Patch War3TFT_121b_English and map pack + CD Key
2016-08-08 15:01 - 2016-08-08 15:01 - 00000000 ____D C:\Users\Micalu\Documents\Modelos Personalizados do Office
2016-08-07 14:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-08-07 14:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-08-07 14:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-08-07 14:16 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-08-07 14:16 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-08-07 14:16 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-08-07 14:16 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-08-07 14:16 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-08-07 14:16 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-08-07 14:16 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-08-07 14:16 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-08-07 14:16 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-08-07 14:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-08-07 14:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-08-07 14:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-08-07 14:16 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-08-07 14:16 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-08-07 14:16 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-08-07 14:16 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-08-07 14:16 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-08-07 14:16 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-08-07 14:16 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-08-07 14:16 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-08-07 14:16 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-08-07 14:16 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-08-07 14:16 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-08-07 14:16 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-08-07 14:16 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-08-07 14:16 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-08-07 14:16 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-08-07 14:16 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-08-07 14:16 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-08-07 14:16 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-08-07 14:16 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-08-07 14:16 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-08-07 14:16 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-08-07 14:16 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-08-07 14:16 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-08-07 14:16 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-08-07 14:16 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-08-07 14:16 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-08-07 14:16 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-08-07 14:16 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-08-07 14:16 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-08-07 14:16 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-08-07 14:16 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-08-07 14:16 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-08-07 14:16 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-08-07 14:16 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-08-07 14:16 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-08-07 14:16 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-08-07 14:16 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-08-07 14:16 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-08-07 14:16 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-08-07 14:16 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-08-07 14:16 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-08-07 14:16 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-08-07 14:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-08-07 14:16 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-08-07 14:16 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-08-07 14:16 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-08-07 14:16 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-08-07 14:16 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-08-07 14:16 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-08-07 14:16 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-08-07 14:16 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-08-07 14:16 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-08-07 14:16 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-08-07 14:16 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-08-07 14:16 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-08-07 14:16 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-08-07 14:16 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-08-07 14:16 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-08-07 03:25 - 2016-08-07 03:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-05 08:05 - 2016-08-05 08:05 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-05 08:05 - 2016-08-05 08:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-04 12:41 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-08-04 12:29 - 2016-06-25 12:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-08-04 12:29 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-08-04 12:29 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-04 12:29 - 2014-09-14 21:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-04 12:29 - 2013-03-19 01:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-08-04 12:29 - 2013-03-18 23:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-08-04 12:29 - 2010-12-18 02:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-04 11:39 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-04 11:39 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-04 11:39 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-04 11:39 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-04 11:38 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-04 11:38 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-08-04 11:38 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-04 11:38 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-04 11:38 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-04 09:23 - 2016-08-04 09:23 - 00000000 ____D C:\Users\Micalu\AppData\Local\Windows Live
2016-08-04 09:22 - 2016-08-04 09:22 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2016-07-26 18:05 - 2016-07-26 18:05 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-07-26 18:05 - 2016-07-26 18:05 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-09 18:46 - 2016-05-30 16:27 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-09 18:46 - 2016-05-30 16:27 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-09 17:46 - 2016-05-30 15:58 - 00000000 ____D C:\Users\Micalu\AppData\Local\VirtualStore
2016-08-09 17:24 - 2016-06-09 09:22 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Curse Client
2016-08-09 17:23 - 2009-07-14 01:34 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-09 17:23 - 2009-07-14 01:34 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-09 17:16 - 2016-06-06 13:13 - 00000000 ____D C:\Program Files\Steam
2016-08-09 17:15 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-09 16:59 - 2016-05-30 16:26 - 00087608 _____ C:\Users\Micalu\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-09 16:59 - 2009-07-14 01:33 - 00360032 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-09 16:58 - 2016-05-31 07:23 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-08-09 16:57 - 2016-05-30 18:21 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\uTorrent
2016-08-09 16:53 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-08-09 16:13 - 2009-07-13 23:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-08 15:02 - 2016-05-30 19:02 - 00000000 ____D C:\Users\Micalu\AppData\Local\Microsoft Help
2016-08-07 03:31 - 2016-05-30 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-07 03:30 - 2009-07-13 23:04 - 00000478 _____ C:\Windows\win.ini
2016-08-06 04:26 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache
2016-08-06 03:18 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-06 03:08 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-05 16:40 - 2016-06-06 13:13 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-08-04 18:48 - 2016-06-14 20:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 17:52 - 2016-05-30 16:28 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-26 14:24 - 2016-05-30 16:21 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-22 15:59 - 2016-05-30 16:03 - 01653922 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-22 15:59 - 2009-07-14 05:31 - 00720406 _____ C:\Windows\system32\prfh0816.dat
2016-07-22 15:59 - 2009-07-14 05:31 - 00152358 _____ C:\Windows\system32\prfc0816.dat
==================== Files in the root of some directories =======
2016-08-09 17:13 - 2016-08-09 17:13 - 0000040 _____ () C:\Users\Micalu\AppData\Roaming\WB.CFG
Files to move or delete:
====================
C:\Windows\Tasks\{03F02CB1-B890-1AF7-7E91-034D01A71D2E}.job
Some files in TEMP:
====================
C:\Users\Micalu\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win7-32bit.exe
C:\Users\Micalu\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Micalu\AppData\Local\Temp\SIntf16.dll
C:\Users\Micalu\AppData\Local\Temp\SIntf32.dll
C:\Users\Micalu\AppData\Local\Temp\SIntfNT.dll
C:\Users\Micalu\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-06 00:44
==================== End of FRST.txt ============================
Ran by Micalu (administrator) on MICALU-PC (09-08-2016 19:42:18)
Running from C:\Users\Micalu\Desktop
Loaded Profiles: Micalu (Available Profiles: Micalu)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Português (Portugal)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2852128 2016-08-02] (Valve Corporation)
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {8c28ad9b-3d8a-11e6-924e-806e6f6e6963} - E:\Startme.exe
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {8d860360-26ab-11e6-ba5c-00235a797910} - F:\SETUP.EXE
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {99475801-5e6b-11e6-993f-00235a797910} - E:\autoplay.exe
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {99475823-5e6b-11e6-993f-00235a797910} - G:\autoplay.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files\Lwosyzaseing\Thaberied\Terhoingprejsp.dll [2016-08-09] ()
Startup: C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-09]
ShortcutTarget: Curse.lnk -> C:\Users\Micalu\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2F81E830-6D8E-4F75-BD4E-A632A99EFD3F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C3ACD154-E70D-4769-9984-979D4BC63DED}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-1261551153-2078032241-974631634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1261551153-2078032241-974631634-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1261551153-2078032241-974631634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-30]
CHR Extension: (Google Docs) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-30]
CHR Extension: (Google Drive) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-30]
CHR Extension: (YouTube) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-30]
CHR Extension: (Planilhas do Google) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-30]
CHR Extension: (Documentos Google off-line) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-05-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
CHR Extension: (Search Manager) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-08-09]
CHR Extension: (Gmail) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-05]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1261551153-2078032241-974631634-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1261551153-2078032241-974631634-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd)
S3 Thaberied Configuration; C:\Program Files\Lwosyzaseing\Thaberied\thaberiedconfigurationptt.exe [291520 2016-08-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2016-08-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-05-30] (Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [26168 2016-08-09] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [67696 2011-01-25] (Atheros Communications, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-09 19:42 - 2016-08-09 19:42 - 00013332 _____ C:\Users\Micalu\Desktop\FRST.txt
2016-08-09 19:42 - 2016-08-09 19:42 - 00000000 ____D C:\FRST
2016-08-09 19:41 - 2016-08-09 19:41 - 01743872 _____ (Farbar) C:\Users\Micalu\Desktop\FRST.exe
2016-08-09 19:38 - 2016-08-09 19:38 - 00007168 _____ (Microsoft Corporation) C:\Users\Micalu\Desktop\api-ms-win-crt-convert-l1-1-0.dll
2016-08-09 18:52 - 2016-08-09 19:32 - 00000273 _____ C:\Users\Micalu\Desktop\Config.ini
2016-08-09 18:52 - 2016-03-15 20:28 - 00000000 ____D C:\Users\Micalu\Desktop\wvs
2016-08-09 18:52 - 2009-03-21 15:58 - 00000056 _____ C:\Users\Micalu\Desktop\DotA Utilities Dota Maps, Dota News, Dota AI Maps, Garena Updates, Videos, Tools and More.URL
2016-08-09 18:52 - 2009-03-21 15:57 - 00000259 _____ C:\Users\Micalu\Desktop\Readme.txt
2016-08-09 18:52 - 2004-01-21 22:55 - 01135616 _____ C:\Users\Micalu\Desktop\wvs.exe
2016-08-09 18:51 - 2016-08-09 18:52 - 71054296 _____ C:\Users\Micalu\Desktop\WVS 1.27 (BY_DIOGO_D2).zip
2016-08-09 18:49 - 2016-08-09 18:50 - 23509547 _____ C:\Users\Micalu\Desktop\eurobattle Client installer_v6 (BY_DIOGO_D2).zip
2016-08-09 18:34 - 2016-08-09 18:34 - 00884002 _____ C:\Users\Micalu\Desktop\ucrt_x86.zip
2016-08-09 18:30 - 2016-08-09 18:31 - 13767776 _____ (Microsoft Corporation) C:\Users\Micalu\Desktop\vc_redist.x86.exe
2016-08-09 18:25 - 2016-04-23 23:18 - 25165312 _____ (Eurobattle.net) C:\Users\Micalu\Desktop\installer.exe
2016-08-09 18:20 - 2016-08-09 18:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-09 18:07 - 2016-08-09 18:08 - 23509547 _____ C:\Users\Micalu\Desktop\installer_v6.zip
2016-08-09 17:29 - 2016-08-09 17:30 - 33615005 _____ C:\Users\Micalu\Desktop\TFT Version 1.26a.zip
2016-08-09 17:14 - 2016-08-09 19:32 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-09 17:13 - 2016-08-09 17:13 - 00001902 _____ C:\Users\Micalu\Desktop\Frozen Throne.lnk
2016-08-09 17:13 - 2016-08-09 17:13 - 00000040 _____ C:\Users\Micalu\AppData\Roaming\WB.CFG
2016-08-09 17:07 - 2016-08-09 17:07 - 00001895 _____ C:\Users\Micalu\Desktop\Warcraft III.lnk
2016-08-09 17:06 - 2016-08-09 17:13 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2016-08-09 17:06 - 2016-08-09 17:13 - 00055406 _____ C:\Windows\War3Unin.dat
2016-08-09 17:06 - 2016-08-09 17:13 - 00002829 _____ C:\Windows\War3Unin.pif
2016-08-09 17:06 - 2016-08-09 17:13 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-08-09 17:06 - 2016-08-09 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-08-09 17:03 - 2016-08-09 19:33 - 00000000 ____D C:\Program Files\Warcraft III
2016-08-09 16:52 - 2016-08-09 19:41 - 00000000 ____D C:\Users\Micalu\AppData\Local\Niwoleknity
2016-08-09 16:52 - 2016-08-09 16:58 - 00000000 ____D C:\Program Files\Lwosyzaseing
2016-08-09 16:51 - 2016-08-09 16:53 - 00025104 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-08-09 16:51 - 2016-08-09 16:52 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-08-09 16:51 - 2016-08-09 16:51 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-08-09 16:51 - 2016-08-09 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-08-09 16:45 - 2016-08-09 16:46 - 13146016 _____ (Disc Soft Ltd) C:\Users\Micalu\Desktop\daemon-tools-5-0-1-multi-win.exe
2016-08-09 16:40 - 2016-08-09 16:40 - 00072571 _____ C:\Users\Micalu\Downloads\Baixaki_iso-creator [1].exe
2016-08-09 16:13 - 2016-08-09 19:13 - 00000980 _____ C:\Windows\Tasks\Yahoo! Powered tenof.job
2016-08-09 16:13 - 2016-08-09 19:13 - 00000278 _____ C:\Windows\Tasks\{03F02CB1-B890-1AF7-7E91-034D01A71D2E}.job
2016-08-09 16:13 - 2016-08-09 19:13 - 00000000 ____D C:\ProgramData\{0600C363-8C42-49A5-0A84-D7E790C65C29}
2016-08-09 16:13 - 2016-08-09 17:13 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\{6F1F59A4-4A4D-34D2-217B-1300FDA9EE3E}
2016-08-09 16:13 - 2016-08-09 16:14 - 00000000 ____D C:\Users\Micalu\AppData\Local\{6F42591E-4BEA-35A6-2672-104E021AECD6}
2016-08-09 16:13 - 2016-08-09 16:13 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-08-09 16:13 - 2016-08-09 16:13 - 00000282 __RSH C:\ProgramData\ntuser.pol
2016-08-09 16:12 - 2016-08-09 16:16 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrascsibus.sys
2016-08-09 16:12 - 2016-08-09 16:12 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\DAEMON Tools Ultra
2016-08-09 16:12 - 2016-08-09 16:12 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2016-08-09 16:11 - 2016-08-09 16:11 - 03938632 _____ C:\Users\Micalu\Desktop\Game2e.com 1.26a - game.dll.zip
2016-08-09 15:46 - 2016-08-09 15:46 - 00000000 ____D C:\Users\Micalu\AppData\LocalLow\uTorrent
2016-08-09 15:22 - 2016-08-09 15:35 - 00000000 ____D C:\Users\Micalu\Downloads\Warcraft III Reign of Chaos, The Frozen Throne, DoTa + Update Patch War3TFT_121b_English and map pack + CD Key
2016-08-08 15:01 - 2016-08-08 15:01 - 00000000 ____D C:\Users\Micalu\Documents\Modelos Personalizados do Office
2016-08-07 14:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-08-07 14:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-08-07 14:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-08-07 14:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-08-07 14:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-08-07 14:16 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-08-07 14:16 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-08-07 14:16 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-08-07 14:16 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-08-07 14:16 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-08-07 14:16 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-08-07 14:16 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-08-07 14:16 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-08-07 14:16 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-08-07 14:16 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-08-07 14:16 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-08-07 14:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-08-07 14:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-08-07 14:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-08-07 14:16 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-08-07 14:16 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-08-07 14:16 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-08-07 14:16 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-08-07 14:16 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-08-07 14:16 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-08-07 14:16 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-08-07 14:16 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-08-07 14:16 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-08-07 14:16 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-08-07 14:16 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-08-07 14:16 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-08-07 14:16 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-08-07 14:16 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-08-07 14:16 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-08-07 14:16 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-08-07 14:16 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-08-07 14:16 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-08-07 14:16 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-08-07 14:16 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-08-07 14:16 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-08-07 14:16 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-08-07 14:16 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-08-07 14:16 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-08-07 14:16 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-08-07 14:16 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-08-07 14:16 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-08-07 14:16 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-08-07 14:16 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-08-07 14:16 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-08-07 14:16 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-08-07 14:16 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-08-07 14:16 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-08-07 14:16 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-08-07 14:16 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-08-07 14:16 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-08-07 14:16 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-08-07 14:16 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-08-07 14:16 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-08-07 14:16 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-08-07 14:16 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-08-07 14:16 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-08-07 14:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-08-07 14:16 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-08-07 14:16 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-08-07 14:16 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-08-07 14:16 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-08-07 14:16 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-08-07 14:16 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-08-07 14:16 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-08-07 14:16 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-08-07 14:16 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-08-07 14:16 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-08-07 14:16 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-08-07 14:16 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-08-07 14:16 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-08-07 14:16 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-08-07 14:16 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-08-07 03:25 - 2016-08-07 03:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-05 08:05 - 2016-08-05 08:05 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-05 08:05 - 2016-08-05 08:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-04 12:41 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-08-04 12:29 - 2016-06-25 12:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-08-04 12:29 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-08-04 12:29 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-04 12:29 - 2014-09-14 21:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-04 12:29 - 2013-03-19 01:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-08-04 12:29 - 2013-03-18 23:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-08-04 12:29 - 2010-12-18 02:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-04 11:39 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-04 11:39 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-04 11:39 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-04 11:39 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-04 11:38 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-04 11:38 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-08-04 11:38 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-04 11:38 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-04 11:38 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-04 09:23 - 2016-08-04 09:23 - 00000000 ____D C:\Users\Micalu\AppData\Local\Windows Live
2016-08-04 09:22 - 2016-08-04 09:22 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2016-07-26 18:05 - 2016-07-26 18:05 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-07-26 18:05 - 2016-07-26 18:05 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-09 18:46 - 2016-05-30 16:27 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-09 18:46 - 2016-05-30 16:27 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-09 17:46 - 2016-05-30 15:58 - 00000000 ____D C:\Users\Micalu\AppData\Local\VirtualStore
2016-08-09 17:24 - 2016-06-09 09:22 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Curse Client
2016-08-09 17:23 - 2009-07-14 01:34 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-09 17:23 - 2009-07-14 01:34 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-09 17:16 - 2016-06-06 13:13 - 00000000 ____D C:\Program Files\Steam
2016-08-09 17:15 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-09 16:59 - 2016-05-30 16:26 - 00087608 _____ C:\Users\Micalu\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-09 16:59 - 2009-07-14 01:33 - 00360032 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-09 16:58 - 2016-05-31 07:23 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-08-09 16:57 - 2016-05-30 18:21 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\uTorrent
2016-08-09 16:53 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-08-09 16:13 - 2009-07-13 23:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-08 15:02 - 2016-05-30 19:02 - 00000000 ____D C:\Users\Micalu\AppData\Local\Microsoft Help
2016-08-07 03:31 - 2016-05-30 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-07 03:30 - 2009-07-13 23:04 - 00000478 _____ C:\Windows\win.ini
2016-08-06 04:26 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache
2016-08-06 03:18 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-06 03:08 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-05 16:40 - 2016-06-06 13:13 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-08-04 18:48 - 2016-06-14 20:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 17:52 - 2016-05-30 16:28 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-26 14:24 - 2016-05-30 16:21 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-22 15:59 - 2016-05-30 16:03 - 01653922 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-22 15:59 - 2009-07-14 05:31 - 00720406 _____ C:\Windows\system32\prfh0816.dat
2016-07-22 15:59 - 2009-07-14 05:31 - 00152358 _____ C:\Windows\system32\prfc0816.dat
==================== Files in the root of some directories =======
2016-08-09 17:13 - 2016-08-09 17:13 - 0000040 _____ () C:\Users\Micalu\AppData\Roaming\WB.CFG
Files to move or delete:
====================
C:\Windows\Tasks\{03F02CB1-B890-1AF7-7E91-034D01A71D2E}.job
Some files in TEMP:
====================
C:\Users\Micalu\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win7-32bit.exe
C:\Users\Micalu\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Micalu\AppData\Local\Temp\SIntf16.dll
C:\Users\Micalu\AppData\Local\Temp\SIntf32.dll
C:\Users\Micalu\AppData\Local\Temp\SIntfNT.dll
C:\Users\Micalu\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-06 00:44
==================== End of FRST.txt ============================