cjoint


Document format: text/plain

Preview

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by karl0 (28-12-2016 20:23:20)
Running from C:\Users\karl0\Downloads
Windows 10 Pro Version 1511 (X64) (2016-12-17 21:23:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4267311671-3594425200-2600288286-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4267311671-3594425200-2600288286-503 - Limited - Disabled)
Guest (S-1-5-21-4267311671-3594425200-2600288286-501 - Limited - Disabled)
karl0 (S-1-5-21-4267311671-3594425200-2600288286-1001 - Administrator - Enabled) => C:\Users\karl0

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Nome de sua empresa:)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Atualizações da NVIDIA 23.1.0.0 (Version: 23.1.0.0 - NVIDIA Corporation) Hidden
Burnout Paradise: The Ultimate Box (HKLM\...\Steam App 24740) (Version: - Criterion Games)
Discord (HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Max Payne 3 (HKLM\...\Steam App 204100) (Version: - Rockstar Studios)
Microsoft OneDrive (HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
OpenIV (HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4267311671-3594425200-2600288286-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\karl0\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4267311671-3594425200-2600288286-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\karl0\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7CCA2E-94B3-4E26-A020-19C691FFBD6A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4267311671-3594425200-2600288286-1001UA => C:\Users\karl0\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-28] (Google Inc.)
Task: {1923B387-6903-4847-A0DE-9391C739BBE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-17] (Google Inc.)
Task: {19651012-0309-4206-8249-F81BFBFACA9F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {1A9719D3-677E-468D-B053-503C249F4338} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-12] (NVIDIA Corporation)
Task: {2CABDD59-67EA-4028-9A2B-C20195C1B5BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4267311671-3594425200-2600288286-1001Core => C:\Users\karl0\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-28] (Google Inc.)
Task: {34D6A7E6-2FC7-4FB5-B076-9042CF9B5CF5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {6A8E98DE-4C7C-4554-8FBA-936E8F986935} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {99FA3CE4-05AF-41AE-91AC-BA73A58C33C3} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {9E36EDC0-145B-435E-80C0-B407BB8FC543} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
Task: {D4FF254F-4C13-4919-87D1-AF5C0F627EFF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {D7C71ADA-26A7-416E-B0E6-74934F8D5D4B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
Task: {EAE5A126-8EE9-4A4D-BA32-195C1922A2F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-09-19 02:35 - 2014-09-19 02:35 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2016-12-17 19:23 - 2016-12-17 19:23 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2016-12-17 19:58 - 2016-12-12 21:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-17 19:58 - 2016-12-12 21:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-30 05:18 - 2015-10-30 05:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-17 19:57 - 2016-12-11 16:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-17 19:34 - 2016-12-17 19:34 - 01678560 _____ () C:\Users\karl0\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-07-12 20:12 - 2016-07-12 20:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-12-17 19:52 - 2016-12-17 19:51 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2016-12-17 19:52 - 2016-12-17 19:51 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2015-10-30 07:09 - 2015-10-30 07:09 - 00044032 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-12 20:22 - 2016-07-12 20:22 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 20:22 - 2016-07-12 20:22 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-17 19:40 - 2016-12-08 06:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-17 19:40 - 2016-12-08 06:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2014-09-19 02:35 - 2014-09-19 02:35 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-09-19 02:35 - 2014-09-19 02:35 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-09-19 02:35 - 2014-09-19 02:35 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-09-19 02:35 - 2014-09-19 02:35 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-09-19 02:35 - 2014-09-19 02:35 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2016-12-17 19:58 - 2016-12-12 21:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-17 19:58 - 2016-12-12 21:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-17 19:58 - 2016-12-12 21:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-17 19:34 - 2016-12-17 19:34 - 01244376 _____ () C:\Users\karl0\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-17 21:14 - 2016-12-08 13:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-12-17 21:14 - 2016-08-31 23:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-12-17 21:14 - 2016-12-20 00:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2016-12-17 21:13 - 2016-01-27 05:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-12-17 21:13 - 2016-01-27 05:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-12-17 21:13 - 2016-01-27 05:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-12-17 21:13 - 2016-01-27 05:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-12-17 21:13 - 2016-01-27 05:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-17 21:13 - 2016-08-31 23:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-12-17 21:13 - 2016-08-31 23:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-12-17 21:14 - 2016-12-20 00:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-17 21:13 - 2016-07-04 20:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-17 21:56 - 2016-08-24 18:49 - 01950392 _____ () C:\Users\karl0\AppData\Local\Discord\app-0.0.296\ffmpeg.dll
2016-12-17 21:56 - 2016-12-17 21:56 - 01058816 _____ () \\?\C:\Users\karl0\AppData\Roaming\discord\0.0.296\modules\discord_voice\discord_voice.node
2016-12-17 21:56 - 2016-12-17 21:56 - 03801088 _____ () \\?\C:\Users\karl0\AppData\Roaming\discord\0.0.296\modules\discord_voice\libdiscord.dll
2016-12-17 21:56 - 2016-12-17 21:56 - 00894136 _____ () \\?\C:\Users\karl0\AppData\Roaming\discord\0.0.296\modules\discord_utils\discord_utils.node
2016-12-17 21:56 - 2016-12-17 21:56 - 01119416 _____ () \\?\C:\Users\karl0\AppData\Roaming\discord\0.0.296\modules\discord_toaster\discord_toaster.node
2016-12-17 19:58 - 2016-12-12 21:33 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-17 21:56 - 2016-08-24 18:49 - 02230456 _____ () C:\Users\karl0\AppData\Local\Discord\app-0.0.296\libglesv2.dll
2016-12-17 21:56 - 2016-08-24 18:49 - 00088760 _____ () C:\Users\karl0\AppData\Local\Discord\app-0.0.296\libegl.dll
2016-12-28 14:50 - 2016-12-28 14:50 - 00170496 _____ () \\?\C:\Users\karl0\AppData\Local\Temp\4216.tmp.node
2016-12-17 21:56 - 2016-12-17 21:56 - 02658304 _____ () \\?\C:\Users\karl0\AppData\Roaming\discord\0.0.296\modules\discord_rpc\discord_rpc.node
2016-12-17 22:51 - 2016-12-17 22:51 - 02147328 _____ () \\?\C:\Users\karl0\AppData\Roaming\discord\0.0.296\modules\discord_contact_import\discord_contact_import.node
2016-12-17 21:16 - 2016-12-05 14:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-12-17 21:14 - 2016-12-20 00:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-12-17 21:13 - 2015-09-24 21:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-12-17 19:58 - 2016-12-12 12:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-17 19:58 - 2016-12-12 12:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-17 19:58 - 2016-12-12 12:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-17 19:58 - 2016-12-12 12:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-17 19:58 - 2016-12-12 12:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-17 19:58 - 2016-12-12 12:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-17 19:58 - 2016-12-12 12:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-17 20:19 - 2016-12-12 12:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2015-10-30 07:09 - 2015-10-30 07:09 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-10-30 07:09 - 2015-10-30 07:09 - 18818048 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-08 20:35 - 2016-04-08 20:35 - 03481600 _____ () C:\Users\karl0\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 05:24 - 2015-10-30 05:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4267311671-3594425200-2600288286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karl0\Pictures\14492356_1395894403772427_4648941484058830365_n.jpg
DNS Servers: 201.82.0.68 - 201.82.0.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{9FE3B6BB-4672-418D-8A1C-7002F698E722}] => C:\Windows\KMS-R@1n.exe
FirewallRules: [{6BDBA921-82EE-45D1-8592-D8ADC616D0CE}] => C:\Windows\KMS-R@1n.exe
FirewallRules: [{234B685E-24D8-4252-8FE4-EF45008CE0C1}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7BB62401-90AF-4A4E-98ED-218D6F362800}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D26309A6-9C2F-4319-9232-355066588F51}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{2667D62F-639F-44B0-B799-26DC34E6C76D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2155C6B1-D268-499C-BF0D-D2C43430BA2A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CDCB88AB-F750-4BF0-B96D-614EEE756A6F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5488EBEE-38FE-4E08-9FC6-7DA3E5DBEE60}C:\users\karl0\appdata\roaming\spotify\spotify.exe] => C:\users\karl0\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1361FAB5-94E6-4C66-BE89-19B6E3BF970C}C:\users\karl0\appdata\roaming\spotify\spotify.exe] => C:\users\karl0\appdata\roaming\spotify\spotify.exe
FirewallRules: [{874F553E-3414-4F61-9144-B4765E8BC28A}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F1A00AE1-3A5F-47DA-823F-BD15B8B96AF0}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F2C8E2D7-F1CE-4D8F-AD33-D11304617BE1}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1A7EA2B9-6F5E-4BB8-A48D-E2FE78522A58}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9DEFCAF5-495D-40D2-992E-FC7CB9C4D233}] => C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{CE3036AB-B245-4CB7-9217-6F8FF97843A6}] => C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{8AF12004-7CEF-48DE-90EF-AD7CAFB9958F}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{5F2C8113-CF9D-4AD3-B401-E0747CA12AF9}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{45AE1D8B-63C8-4573-A623-A96002F777F9}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C3729611-733B-4349-8970-6F23FB00D44B}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{7C873E45-8DD0-4BB6-9FA5-E93D5DADF83A}] => C:\Users\karl0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3E99DD69-714F-42EB-B98D-6106B2D7CEC4}] => C:\Users\karl0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E516A876-AE7C-45A3-9787-FBB624555A3D}] => C:\Users\karl0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66E1906B-D6DD-438B-BE5D-B867716B7E64}] => C:\Users\karl0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F032D16C-C3B9-47C8-BB86-AD0FE789D6C5}] => C:\Users\karl0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7EA6214E-9C34-493C-B3B1-D5FEB818F827}] => C:\Users\karl0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{776A52C3-40E0-49D4-BE8E-618709FAC761}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{5D9FFCF9-FEB3-445D-B912-7CB833D2B3EB}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{6CD9C147-F32C-48E3-9064-96B6BF9B30D9}] => C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5BEC36CD-249C-4555-93C3-832459FC5D07}] => C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5EFE5681-E537-4474-9F55-04EF5BBCBD73}] => C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{D37F1F8B-3490-448D-A926-ED701697098B}] => C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{706AFE52-E419-4F87-8A4F-54CB81B575B6}] => C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{D34D410E-98DC-46C5-92B0-7061E3103799}] => C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe

==================== Restore Points =========================

17-12-2016 19:22:31 Windows Modules Installer
20-12-2016 23:56:16 Language Pack Removal
26-12-2016 18:16:51 DirectX instalado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2016 07:32:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: GTA5.exe, versão: 1.0.944.2, carimbo de data/hora: 0x5847f2c1
Nome do módulo com falha: GTA5.exe, versão: 1.0.944.2, carimbo de data/hora: 0x5847f2c1
Código de exceção: 0x80000003
Deslocamento da falha: 0x00000000011e7c6f
ID do processo com falha: 0x2e28
Hora de início do aplicativo com falha: 0x01d261518e5b378c
Caminho do aplicativo com falha: C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
Caminho do módulo com falha: C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
ID do Relatório: de528807-61bd-473f-999a-d863c9d5e2a1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (12/28/2016 04:49:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-VNF5IBM)
Description: O pacote Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe+App foi terminado porque levou muito tempo para ser suspenso.


System errors:
=============
Error: (12/28/2016 08:08:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
e APPID
{7006698D-2974-4091-A424-85DD0B909E23}
ao usuário NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/28/2016 08:08:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
e APPID
{7006698D-2974-4091-A424-85DD0B909E23}
ao usuário NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/28/2016 07:35:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
e APPID
{7006698D-2974-4091-A424-85DD0B909E23}
ao usuário NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/28/2016 02:11:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço User Data Access_4209a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Restart the service.

Error: (12/28/2016 02:11:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço User Data Storage_4209a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Restart the service.

Error: (12/28/2016 02:11:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Contact Data_4209a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Restart the service.

Error: (12/28/2016 02:11:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Sync Host_4209a foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Restart the service.

Error: (12/28/2016 02:11:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário NT AUTHORITY\SYSTEM SID (S-1-5-18) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/28/2016 01:08:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário NT AUTHORITY\SYSTEM SID (S-1-5-18) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/27/2016 09:38:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As configurações de permissão application-specific não concedem permissão Local Activation para o aplicativo de Servidor COM com CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
e APPID
{7006698D-2974-4091-A424-85DD0B909E23}
ao usuário NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) do endereço LocalHost (Using LRPC) que está sendo executado no contêiner de aplicativos Unavailable SID (Unavailable). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================
Date: 2016-12-19 15:33:37.856
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-19 15:33:37.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-17 21:03:18.326
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-17 20:26:21.099
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-17 20:14:26.024
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-17 20:13:01.159
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-17 20:12:14.815
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-17 19:50:03.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-17 19:44:01.180
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-17 19:43:02.970
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 12269.55 MB
Available physical RAM: 8746.82 MB
Total Virtual: 14125.55 MB
Available Virtual: 9351.25 MB

==================== Drives ================================

Drive c: (Zeus) (Fixed) (Total:931.51 GB) (Free:552.1 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:34.39 GB) NTFS
Drive f: () (Fixed) (Total:931.02 GB) (Free:715.27 GB) NTFS
Drive g: (CARLOS SSG) (Removable) (Total:7.6 GB) (Free:0.47 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 70BE3B22)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E10ABBF2)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: FE8D1050)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.6 GB) (Disk ID: 04DD5721)
Partition 1: (Not Active) - (Size=7.6 GB) - (Type=0C)

==================== End of Addition.txt ============================
