Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Cloud (administrator) on CLOUD-PC (09-01-2017 04:02:22)
Running from C:\Users\Cloud\Downloads
Loaded Profiles: Cloud (Available Profiles: Cloud)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Inglês (Estados Unidos)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(VIA Technologies, Inc.) C:\Windows\System32\KaraokeSer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(PC Partner Co.Ltd) C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-03] (AVAST Software)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [293376 2013-10-29] (KYE)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKU\S-1-5-21-3076387224-3557301491-2673967665-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2017-01-09] () <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-03] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.108
Tcpip\..\Interfaces\{B343CE60-D611-4E96-A419-B4E45632B2F2}: [DhcpNameServer] 192.168.0.108
Internet Explorer:
==================
HKU\S-1-5-21-3076387224-3557301491-2673967665-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-03] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-10] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-03] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-10] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: owvr8taw.default
FF ProfilePath: C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\owvr8taw.default [2017-01-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-03]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-10] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (Google Apresentações) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-03]
CHR Extension: (Google Docs) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Avast SafePrice) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-03]
CHR Extension: (Planilhas do Google) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-03]
CHR Extension: (Documentos Google off-line) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-03]
CHR Extension: (Avast Online Security) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-16]
CHR Extension: (Banrisul Internet Banking) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgapcljibnhkigclmbmdhgehflhljbdd [2016-12-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-03] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed]
R2 KaraokeService; C:\Windows\system32\KaraokeSer.exe [88696 2016-12-03] (VIA Technologies, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-01-05] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2017-01-05] (Electronic Arts)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2016-12-03] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635672 2014-05-21] (Wacom Technology, Corp.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2016-12-14] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-12-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-03] (AVAST Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-03] (REALiX(tm))
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN620.sys [32400 2016-12-03] (Realtek Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-09 04:02 - 2017-01-09 04:03 - 00018340 _____ C:\Users\Cloud\Downloads\FRST.txt
2017-01-09 04:02 - 2017-01-09 04:02 - 00000000 ____D C:\FRST
2017-01-09 04:01 - 2017-01-09 04:01 - 02419200 _____ (Farbar) C:\Users\Cloud\Downloads\FRST64.exe
2017-01-09 04:00 - 2017-01-09 04:01 - 00000000 ____D C:\a38430f190f01524eb752c09
2017-01-09 04:00 - 2017-01-09 04:00 - 00313366 _____ C:\Users\Cloud\Downloads\WindowsUpdateDiagnostic.diagcab
2017-01-09 04:00 - 2017-01-09 04:00 - 00000000 ____D C:\Windows\system32\EventProviders
2017-01-09 03:57 - 2017-01-09 04:00 - 947070088 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\windows6.1-KB976932-X64.exe
2017-01-09 03:41 - 2017-01-09 03:57 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Cloud)
2017-01-09 03:25 - 2016-01-11 17:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-01-09 03:25 - 2016-01-11 17:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-01-09 03:25 - 2016-01-11 17:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-01-09 03:25 - 2016-01-11 16:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-01-09 03:25 - 2016-01-11 16:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-01-09 03:25 - 2016-01-11 16:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-01-09 03:25 - 2016-01-11 16:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-01-09 03:25 - 2016-01-11 16:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-01-09 03:25 - 2016-01-11 16:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-01-09 03:25 - 2016-01-11 16:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-01-09 03:25 - 2016-01-11 16:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-01-09 03:25 - 2016-01-11 16:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-01-09 03:25 - 2016-01-11 16:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-01-09 03:25 - 2016-01-11 16:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-01-09 03:25 - 2016-01-11 16:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-01-09 03:25 - 2016-01-11 16:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-01-09 03:24 - 2017-01-09 03:24 - 00000000 ____D C:\030b52706f54be8704478c7c
2017-01-09 03:22 - 2017-01-09 03:22 - 00000000 ____D C:\a8b18568b26c1d2254
2017-01-09 03:18 - 2017-01-09 03:18 - 18191228 _____ C:\Users\Cloud\Downloads\WU Fix.zip
2017-01-09 03:15 - 2017-01-09 03:15 - 11840839 _____ C:\Users\Cloud\Downloads\Windows6.1-KB2670838-x64.msu
2017-01-09 03:15 - 2017-01-09 03:15 - 00000000 ____D C:\be3d8b70993dda2882d237f292bf1a
2017-01-09 03:12 - 2017-01-09 03:13 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Daybreak Game Company
2017-01-09 03:12 - 2017-01-09 03:12 - 00000000 ____D C:\Users\Cloud\AppData\Local\SCE
2017-01-09 03:11 - 2017-01-09 03:11 - 00000000 ____D C:\Users\Cloud\AppData\Local\Daybreak Game Company
2017-01-09 02:31 - 2017-01-09 02:31 - 00000222 _____ C:\Users\Cloud\Desktop\H1Z1 King of the Kill.url
2017-01-07 23:55 - 2017-01-09 03:39 - 00000000 ____D C:\Users\Cloud\AppData\Local\LogMeIn Hamachi
2017-01-07 23:53 - 2017-01-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-01-07 23:53 - 2017-01-07 23:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-01-07 23:18 - 2017-01-08 00:11 - 00000000 ____D C:\Users\Cloud\Desktop\Nova pasta (3)
2017-01-07 20:48 - 2017-01-07 20:52 - 331602574 _____ C:\Users\Cloud\Downloads\FiveNightsAtFreddys2_1.rar
2017-01-05 19:03 - 2017-01-05 19:03 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-01-05 18:57 - 2017-01-06 13:30 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Origin
2017-01-05 18:56 - 2017-01-05 18:56 - 00000997 _____ C:\Users\Public\Desktop\Origin.lnk
2017-01-05 18:56 - 2017-01-05 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-01-05 18:56 - 2017-01-05 18:56 - 00000000 ____D C:\Program Files (x86)\Origin
2017-01-05 18:42 - 2017-01-06 13:35 - 00000000 ____D C:\ProgramData\Origin
2017-01-05 18:42 - 2017-01-05 19:03 - 00000000 ____D C:\Users\Cloud\AppData\Local\Origin
2017-01-05 18:42 - 2017-01-05 18:42 - 00000000 ____D C:\Users\Cloud\.QtWebEngineProcess
2017-01-05 18:42 - 2017-01-05 18:42 - 00000000 ____D C:\Users\Cloud\.Origin
2017-01-05 18:41 - 2017-01-05 18:41 - 55364064 _____ (Electronic Arts) C:\Users\Cloud\Downloads\OriginThinSetup.exe
2017-01-05 06:05 - 2017-01-05 06:05 - 00638401 _____ C:\Users\Cloud\Downloads\Mammoth MKIII.vciso
2017-01-04 18:41 - 2017-01-04 18:41 - 00000000 ____D C:\Windows\pss
2017-01-04 05:49 - 2017-01-04 05:49 - 00734815 _____ (Remote Mouse ) C:\Users\Cloud\Downloads\RemoteMouse.exe
2017-01-04 05:49 - 2017-01-04 05:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2017-01-04 05:49 - 2017-01-04 05:49 - 00000000 ____D C:\Program Files (x86)\Remote Mouse
2017-01-04 05:05 - 2017-01-04 05:05 - 00299029 _____ C:\Users\Cloud\Downloads\Max.Steel.rar
2017-01-04 04:57 - 2017-01-04 05:36 - 00000000 ____D C:\Users\Cloud\Downloads\Max Steel 2016 720p WEBRip Legendado - TPF
2017-01-04 04:32 - 2017-01-04 04:32 - 00015135 _____ C:\Users\Cloud\Downloads\Max.Steel.torrent
2017-01-04 02:21 - 2017-01-04 02:21 - 00078800 _____ C:\Users\Cloud\Downloads\WhatsApp Image 2017-01-04 at 02.02.20.jpeg
2017-01-03 19:09 - 2017-01-03 19:09 - 00000000 ____D C:\ProgramData\FLEXnet
2017-01-03 19:08 - 2017-01-03 19:09 - 00000000 ____D C:\Users\Cloud\AppData\Local\Autodesk
2017-01-03 19:08 - 2017-01-03 19:08 - 00000000 ____D C:\Users\Cloud\Documents\Autodesk Application Manager
2017-01-03 19:07 - 2017-01-03 19:07 - 00001888 _____ C:\Users\Public\Desktop\SketchBook Pro 2016.lnk
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\Program Files\Autodesk
2017-01-03 19:04 - 2017-01-03 19:09 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Autodesk
2017-01-03 19:04 - 2017-01-03 19:09 - 00000000 ____D C:\ProgramData\Autodesk
2017-01-03 19:03 - 2017-01-03 19:03 - 00000000 ____D C:\Autodesk
2017-01-03 18:55 - 2017-01-03 18:55 - 00000000 ____D C:\Users\Cloud\.android
2017-01-03 18:54 - 2017-01-03 18:55 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\WTablet
2017-01-03 18:51 - 2017-01-03 18:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mesa Gráfica Wacom
2017-01-03 18:51 - 2017-01-03 18:51 - 00000000 ____D C:\Program Files\TabletPlugins
2017-01-03 18:51 - 2017-01-03 18:51 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-01-03 18:50 - 2017-01-03 18:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2017-01-03 18:50 - 2017-01-03 18:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2017-01-03 18:50 - 2014-03-17 14:13 - 00095032 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2017-01-03 18:50 - 2014-03-17 14:13 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2017-01-03 18:50 - 2014-03-17 14:13 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2017-01-03 18:50 - 2012-12-11 20:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2017-01-03 18:50 - 2012-12-11 20:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01946904 ____N (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01929496 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01922328 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01796888 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01563416 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01560344 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01556760 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01443096 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-01-03 18:48 - 2017-01-03 18:50 - 00000000 ____D C:\Program Files\Tablet
2017-01-03 18:28 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2017-01-03 18:28 - 2010-03-18 15:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-01-03 18:28 - 2010-03-18 14:16 - 00771424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-01-03 18:28 - 2010-03-18 10:36 - 05522768 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll
2017-01-03 18:28 - 2010-03-18 10:36 - 05493576 _____ (Microsoft Corporation) C:\Windows\system32\mfc100.dll
2017-01-03 18:28 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-01-03 18:26 - 2017-01-03 18:26 - 05511751 _____ C:\Users\Cloud\Downloads\common_dlls_for_games.rar
2017-01-03 18:24 - 2016-08-10 13:01 - 00023232 _____ (Microsoft Corporation) C:\Windows\system\api-ms-win-crt-runtime-l1-1-0.dll
2017-01-03 18:23 - 2017-01-03 18:23 - 00013193 _____ C:\Users\Cloud\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2017-01-03 18:17 - 2017-01-03 18:17 - 00016224 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2017-01-03 18:09 - 2017-01-03 18:09 - 15301888 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\vc_redist.x64 (1).exe
2017-01-03 18:04 - 2017-01-03 18:04 - 14749120 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\vc_redist.x64.exe
2017-01-03 18:01 - 2017-01-03 18:01 - 00000000 ____D C:\e6a5d140b056b77906f813b7d675ed
2017-01-03 17:55 - 2017-01-03 17:55 - 01034556 _____ C:\Users\Cloud\Downloads\Windows6.1-KB2999226-x64.msu
2017-01-03 17:55 - 2017-01-03 17:55 - 00000000 ____D C:\3a0aa8b2c444785eeca217
2017-01-03 17:46 - 2017-01-04 04:29 - 00000000 ____D C:\Users\Cloud\Downloads\AUTODESK_SKETCHBOOK_PRO_FOR_ENTERPRISE_MULTI_2016_WIN64-XFORCE
2017-01-03 17:44 - 2017-01-03 17:44 - 02965934 _____ C:\Users\Cloud\Downloads\Cr_AutDesk_2016.rar
2017-01-03 17:44 - 2017-01-03 17:44 - 00036967 _____ C:\Users\Cloud\Downloads\Torr_SketBokProx64 2016.rar
2017-01-02 21:21 - 2017-01-02 21:21 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-01-02 21:20 - 2017-01-02 21:22 - 00000000 ____D C:\Users\Cloud\AppData\Local\paint.net
2017-01-02 21:20 - 2017-01-02 21:21 - 00000000 ____D C:\Program Files\paint.net
2017-01-02 21:15 - 2017-01-02 21:15 - 07055677 _____ C:\Users\Cloud\Downloads\paint.net.4.0.13.install.zip
2016-12-30 16:54 - 2016-12-30 16:54 - 00115605 _____ C:\Users\Cloud\Downloads\Arrow.S05E09.SUBS.rar
2016-12-30 16:52 - 2017-01-04 04:29 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\uTorrent
2016-12-29 01:56 - 2016-12-29 01:56 - 00352080 _____ C:\Users\Cloud\Downloads\SIRIUS_V8.5_Modmenu1.37_by_WildGamerSK.zip
2016-12-28 15:32 - 2016-12-28 15:32 - 00150258 _____ C:\Users\Cloud\Downloads\WhatsApp Image 2016-12-28 at 15.32.29.jpeg
2016-12-27 17:36 - 2017-01-07 23:02 - 00000000 ____D C:\Users\Cloud\AppData\Local\Warframe
2016-12-25 18:16 - 2016-12-25 18:16 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Unity
2016-12-25 18:12 - 2016-12-25 18:34 - 00000000 ____D C:\Users\Cloud\Documents\PlanetExplorers
2016-12-25 17:37 - 2016-12-25 17:37 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Almighty Games
2016-12-25 17:36 - 2016-12-25 17:36 - 00000222 _____ C:\Users\Cloud\Desktop\Save Jesus.url
2016-12-25 16:48 - 2016-11-11 13:47 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-12-25 16:12 - 2016-12-25 16:12 - 00025569 _____ C:\Users\Cloud\Downloads\WhatsApp Image 2016-12-25 at 16.02.58.jpeg
2016-12-25 16:09 - 2016-12-25 20:13 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\.minecraft
2016-12-25 16:00 - 2016-12-25 16:00 - 00000000 ____D C:\Users\Cloud\AppData\Local\lptmp
2016-12-25 15:58 - 2016-12-25 15:59 - 21874200 _____ (LastPass) C:\Windows\SysWOW64\lastpass_1337.exe
2016-12-25 15:58 - 2016-12-25 15:58 - 00702464 _____ C:\Windows\SysWOW64\lastpass_downloader.exe
2016-12-25 15:58 - 2016-12-25 15:58 - 00000000 ____D C:\Users\Cloud\AppData\Local\LogMeIn
2016-12-25 15:58 - 2016-12-25 15:58 - 00000000 ____D C:\ProgramData\LogMeIn
2016-12-25 15:56 - 2016-12-25 15:57 - 08417280 _____ C:\Users\Cloud\Downloads\hamachi (1).msi
2016-12-25 15:52 - 2016-12-25 15:53 - 08417280 _____ C:\Users\Cloud\Downloads\hamachi.msi
2016-12-25 14:10 - 2016-12-25 14:10 - 00000222 _____ C:\Users\Cloud\Desktop\Planet Explorers.url
2016-12-24 18:36 - 2016-12-24 18:36 - 00081640 _____ C:\Users\Cloud\Downloads\DC_s_Legends_of_Tomorrow_span_HDTV_720p_1080p_span_span_S02E08_span_.zip
2016-12-24 18:36 - 2016-12-24 18:36 - 00075318 _____ C:\Users\Cloud\Downloads\DCs.Legends.of.Tomorrow.S02E06.rar
2016-12-24 18:35 - 2016-12-24 18:35 - 00124605 _____ C:\Users\Cloud\Downloads\DCs.Legends.of.Tomorrow.S02E05.rar
2016-12-24 18:35 - 2016-12-24 18:35 - 00108231 _____ C:\Users\Cloud\Downloads\DCs.Legends.of.Tomorrow.S02E04..rar
2016-12-23 17:49 - 2016-12-23 17:49 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Publish Providers
2016-12-23 17:48 - 2016-12-23 17:48 - 00002580 _____ C:\Users\Cloud\Documents\Register Vegas Pro.htm
2016-12-23 17:42 - 2016-12-23 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-12-23 17:41 - 2016-12-23 17:52 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Sony
2016-12-23 17:41 - 2016-12-23 17:44 - 00000000 ____D C:\Users\Cloud\AppData\Local\Sony
2016-12-23 17:41 - 2016-12-23 17:41 - 00000000 ____D C:\ProgramData\Sony
2016-12-23 17:41 - 2016-12-23 17:41 - 00000000 ____D C:\Program Files\Sony
2016-12-23 17:41 - 2016-12-23 17:41 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-23 17:16 - 2017-01-09 03:37 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-23 17:16 - 2017-01-09 03:34 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-23 17:16 - 2016-12-23 17:16 - 00004240 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-12 21:36 - 00156096 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-12-23 17:15 - 2016-12-12 21:36 - 00123840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-12-23 17:15 - 2016-12-12 21:36 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-12-23 17:15 - 2016-12-12 12:36 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2016-12-22 23:41 - 2016-12-22 23:41 - 00119963 _____ C:\Users\Cloud\Downloads\InSUBs_52c2443ee09a095eb3d26a363dfb6e61.rar
2016-12-22 22:51 - 2016-12-22 22:51 - 00059230 _____ C:\Users\Cloud\Downloads\The.Flash.2014.S03E09.720p.HDTV.X264-DIMENSION[rartv]-[rarbg.com].torrent
2016-12-14 23:27 - 2016-12-03 05:53 - 00000222 _____ C:\Users\Cloud\Desktop\Rocket League - Cópia.url
2016-12-14 23:27 - 2016-12-03 05:51 - 00000882 _____ C:\Users\Cloud\Desktop\Overwatch.lnk
2016-12-14 21:18 - 2016-12-14 16:49 - 00082936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2016-12-14 21:12 - 2016-12-14 21:12 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-14 21:12 - 2016-12-11 16:23 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-14 21:12 - 2016-09-09 16:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-14 21:12 - 2016-09-09 16:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-14 21:12 - 2016-09-09 16:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-14 21:12 - 2016-09-09 16:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-14 21:08 - 2016-12-12 00:37 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 28138432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 17376896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 14073400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-14 21:08 - 2016-12-12 00:37 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 10345696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 08753832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 03640376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 03206080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437633.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437633.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 01036224 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00975416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00944184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00896056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00170688 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-12-13 03:35 - 2016-12-13 03:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
2016-12-13 03:34 - 2016-12-13 03:34 - 00000000 ____D C:\ProgramData\Locktime
2016-12-13 03:34 - 2016-12-13 03:34 - 00000000 ____D C:\Program Files\NetLimiter 3
2016-12-13 00:57 - 2016-12-13 00:57 - 00000000 ____D C:\Users\Cloud\AppData\Local\Locktime
2016-12-13 00:17 - 2016-12-13 03:36 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-12-13 00:13 - 2016-12-13 00:14 - 10190344 _____ (Locktime Software) C:\Users\Cloud\Downloads\netlimiter-3.0.0.11-x64.exe
2016-12-13 00:08 - 2016-12-13 00:08 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Locktime Software
2016-12-13 00:07 - 2016-12-13 00:07 - 08457200 _____ (Locktime Software) C:\Users\Cloud\Downloads\netlimiter-4.0.25.0.exe
2016-12-12 18:52 - 2016-12-12 18:52 - 00000000 ____D C:\Users\Cloud\AppData\Local\Chromium
2016-12-10 11:43 - 2016-12-10 11:43 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-10 11:43 - 2016-12-10 11:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-10 11:42 - 2016-12-10 11:48 - 00000000 ____D C:\Users\Cloud\AppData\Local\ShatteredSkies
2016-12-10 11:37 - 2016-12-10 11:37 - 51707296 _____ (Free Reign Entertainment ) C:\Users\Cloud\Downloads\ROTB_WebSetupNew2.exe
2016-12-10 11:35 - 2017-01-08 21:11 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Mozilla
2016-12-10 11:35 - 2016-12-10 11:41 - 00000000 ____D C:\Users\Cloud\AppData\Local\Mozilla
2016-12-10 11:35 - 2016-12-10 11:35 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Mozilla
2016-12-10 11:34 - 2017-01-03 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-10 11:34 - 2017-01-03 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-10 11:34 - 2016-12-10 11:34 - 00243696 _____ C:\Users\Cloud\Downloads\Firefox Setup Stub 50.0.2.exe
2016-12-10 11:34 - 2016-12-10 11:34 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-10 11:32 - 2016-12-10 11:31 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-10 11:32 - 2016-12-10 11:23 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-10 11:31 - 2016-12-10 11:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-10 11:30 - 2016-12-10 11:30 - 56134208 _____ (Oracle Corporation) C:\Users\Cloud\Downloads\jre-8u111-windows-i586.exe
2016-12-10 11:23 - 2016-12-10 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-10 11:23 - 2016-12-10 11:23 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-10 11:23 - 2016-12-10 11:23 - 00000000 ____D C:\Program Files\Java
2016-12-10 11:22 - 2016-12-10 11:22 - 63235648 _____ (Oracle Corporation) C:\Users\Cloud\Downloads\jre-8u111-windows-x64 (1).exe
2016-12-10 11:20 - 2016-12-10 11:21 - 08251904 _____ C:\Users\Cloud\Downloads\ComplementoChromeBanrisul_vrs001.msi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-09 04:01 - 2016-12-03 05:34 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-09 03:57 - 2016-12-03 14:27 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Skype
2017-01-09 03:47 - 2016-12-03 04:59 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-09 03:46 - 2009-07-14 02:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-09 03:46 - 2009-07-14 02:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-09 03:44 - 2016-12-03 04:53 - 00925184 _____ C:\Windows\expstart.exe
2017-01-09 03:44 - 2016-12-03 04:52 - 00000000 ____D C:\Windows\W7SOC
2017-01-09 03:41 - 2016-12-03 03:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-09 03:36 - 2016-12-03 15:12 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-01-09 03:35 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-09 03:34 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-01-09 03:30 - 2016-12-03 05:01 - 00000000 ____D C:\Users\Cloud\AppData\Local\Battle.net
2017-01-09 03:11 - 2016-12-03 05:06 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-08 20:08 - 2016-12-03 05:01 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-07 21:42 - 2016-12-03 03:54 - 00000000 ____D C:\Users\Cloud\Desktop\UC4
2017-01-07 21:24 - 2016-12-03 05:02 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-01-07 03:53 - 2016-12-04 04:11 - 00000000 ____D C:\Users\Cloud\AppData\Local\CrashDumps
2017-01-05 18:42 - 2016-12-03 03:51 - 00000000 ____D C:\Users\Cloud
2017-01-04 07:23 - 2016-12-03 04:57 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\uTorrent
2017-01-04 05:10 - 2016-12-08 13:22 - 00000000 ___SD C:\Users\Cloud\AppData\LocalLow\Temp
2017-01-03 18:53 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2017-01-03 18:24 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system
2017-01-02 22:54 - 2016-12-03 04:27 - 00000000 ____D C:\Users\Cloud\Documents\Letras
2016-12-30 01:03 - 2009-07-14 01:18 - 00000000 __SHD C:\$Recycle.Bin
2016-12-27 17:37 - 2016-12-03 14:49 - 00028248 _____ C:\Windows\DirectX.log
2016-12-26 14:50 - 2009-07-14 01:20 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-25 20:11 - 2016-12-03 03:54 - 00000000 ____D C:\Users\Cloud\Desktop\Windows
2016-12-25 17:04 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-24 19:01 - 2016-12-03 05:00 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Battle.net
2016-12-23 20:06 - 2016-12-03 03:51 - 00000000 ___SD C:\Users\Cloud\AppData\Roaming\Microsoft
2016-12-23 17:49 - 2016-12-03 05:22 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\NVIDIA
2016-12-23 17:43 - 2016-12-03 04:34 - 00000000 ____D C:\Users\Cloud\Downloads\Sony Vegas Pro 13.0 Build 453x64 Latest + Working KeyGen
2016-12-23 17:16 - 2016-12-03 05:07 - 00003836 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:16 - 2016-12-03 05:07 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-23 17:16 - 2016-12-03 03:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-23 17:16 - 2016-12-03 03:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-23 17:15 - 2016-12-03 05:07 - 00000000 ____D C:\Users\Cloud\AppData\Local\NVIDIA Corporation
2016-12-23 17:15 - 2016-12-03 05:06 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003824 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003648 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003588 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 03:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-23 14:07 - 2016-12-03 05:03 - 00000000 ____D C:\Users\Cloud\Documents\Heroes of the Storm
2016-12-23 14:06 - 2016-12-03 05:01 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-12-22 22:09 - 2009-07-14 02:54 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2016-12-20 22:17 - 2016-12-06 15:00 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Audacity
2016-12-20 21:57 - 2016-12-03 04:45 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-12-20 21:57 - 2016-12-03 04:45 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-12-20 21:57 - 2009-07-14 03:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-20 21:57 - 2009-07-14 00:36 - 00653526 _____ C:\Windows\system32\perfh009.dat
2016-12-20 21:57 - 2009-07-14 00:36 - 00121398 _____ C:\Windows\system32\perfc009.dat
2016-12-16 22:10 - 2016-12-03 03:59 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:10 - 2016-12-03 03:59 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 22:10 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\Tasks
2016-12-14 23:09 - 2016-12-03 04:00 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 23:09 - 2016-12-03 04:00 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 21:13 - 2016-12-03 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-14 21:09 - 2016-12-03 03:51 - 00000282 ___SH C:\Users\Cloud\Desktop\desktop.ini
2016-12-14 21:09 - 2009-07-14 02:54 - 00000174 ___SH C:\Users\Public\Desktop\desktop.ini
2016-12-13 13:15 - 2016-12-03 19:25 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-13 13:14 - 2016-12-03 19:24 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-13 13:02 - 2010-11-21 05:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-12 21:37 - 2016-12-03 05:07 - 01853376 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-12-12 18:53 - 2016-12-03 05:28 - 00000000 ____D C:\Users\Cloud\AppData\Local\Steam
2016-12-12 12:37 - 2016-12-03 05:06 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-12 00:37 - 2016-12-03 05:15 - 17436808 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-12 00:37 - 2016-12-03 05:15 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-12-12 00:37 - 2016-12-03 03:58 - 19947472 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-12 00:37 - 2016-12-03 03:58 - 14410472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-12 00:37 - 2016-12-03 03:58 - 00041334 _____ C:\Windows\system32\nvinfo.pb
2016-12-12 00:37 - 2016-12-03 03:57 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-12 00:37 - 2016-12-03 03:57 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-11 16:47 - 2016-12-03 05:17 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-11 16:47 - 2016-12-03 05:17 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-11 09:23 - 2016-12-03 04:00 - 00000000 ____D C:\Program Files (x86)\ZotacFireStorm
2016-12-10 11:48 - 2016-12-03 03:51 - 00000000 ___RD C:\Users\Cloud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-10 11:43 - 2016-12-03 05:17 - 00000000 ____D C:\temp
2016-12-10 11:32 - 2016-12-08 13:16 - 00000000 ____D C:\ProgramData\Oracle
==================== Files in the root of some directories =======
2016-12-23 17:16 - 2017-01-09 03:37 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-23 17:16 - 2017-01-09 03:34 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
C:\Users\Cloud\AppData\Local\Temp\AcDeltree.exe
C:\Users\Cloud\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Cloud\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Cloud\AppData\Local\Temp\mpa02284.exe
C:\Users\Cloud\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cloud\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cloud\AppData\Local\Temp\nvStInst.exe
C:\Users\Cloud\AppData\Local\Temp\NvTelemetry.dll
C:\Users\Cloud\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\Cloud\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\Cloud\AppData\Local\Temp\Setup-Wacom.exe
C:\Users\Cloud\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-03 03:41
==================== End of FRST.txt ============================
Ran by Cloud (administrator) on CLOUD-PC (09-01-2017 04:02:22)
Running from C:\Users\Cloud\Downloads
Loaded Profiles: Cloud (Available Profiles: Cloud)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Inglês (Estados Unidos)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(VIA Technologies, Inc.) C:\Windows\System32\KaraokeSer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(PC Partner Co.Ltd) C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-03] (AVAST Software)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [293376 2013-10-29] (KYE)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKU\S-1-5-21-3076387224-3557301491-2673967665-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2017-01-09] () <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-03] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.108
Tcpip\..\Interfaces\{B343CE60-D611-4E96-A419-B4E45632B2F2}: [DhcpNameServer] 192.168.0.108
Internet Explorer:
==================
HKU\S-1-5-21-3076387224-3557301491-2673967665-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-03] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-10] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-03] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-10] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: owvr8taw.default
FF ProfilePath: C:\Users\Cloud\AppData\Roaming\Mozilla\Firefox\Profiles\owvr8taw.default [2017-01-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-03]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-10] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (Google Apresentações) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-03]
CHR Extension: (Google Docs) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Avast SafePrice) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-03]
CHR Extension: (Planilhas do Google) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-03]
CHR Extension: (Documentos Google off-line) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-03]
CHR Extension: (Avast Online Security) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-16]
CHR Extension: (Banrisul Internet Banking) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgapcljibnhkigclmbmdhgehflhljbdd [2016-12-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\Cloud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-03] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed]
R2 KaraokeService; C:\Windows\system32\KaraokeSer.exe [88696 2016-12-03] (VIA Technologies, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-01-05] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2017-01-05] (Electronic Arts)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2016-12-03] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635672 2014-05-21] (Wacom Technology, Corp.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2016-12-14] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-12-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-03] (AVAST Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-03] (REALiX(tm))
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN620.sys [32400 2016-12-03] (Realtek Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-09 04:02 - 2017-01-09 04:03 - 00018340 _____ C:\Users\Cloud\Downloads\FRST.txt
2017-01-09 04:02 - 2017-01-09 04:02 - 00000000 ____D C:\FRST
2017-01-09 04:01 - 2017-01-09 04:01 - 02419200 _____ (Farbar) C:\Users\Cloud\Downloads\FRST64.exe
2017-01-09 04:00 - 2017-01-09 04:01 - 00000000 ____D C:\a38430f190f01524eb752c09
2017-01-09 04:00 - 2017-01-09 04:00 - 00313366 _____ C:\Users\Cloud\Downloads\WindowsUpdateDiagnostic.diagcab
2017-01-09 04:00 - 2017-01-09 04:00 - 00000000 ____D C:\Windows\system32\EventProviders
2017-01-09 03:57 - 2017-01-09 04:00 - 947070088 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\windows6.1-KB976932-X64.exe
2017-01-09 03:41 - 2017-01-09 03:57 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Cloud)
2017-01-09 03:25 - 2016-01-11 17:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-01-09 03:25 - 2016-01-11 17:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-01-09 03:25 - 2016-01-11 17:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-01-09 03:25 - 2016-01-11 16:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-01-09 03:25 - 2016-01-11 16:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-01-09 03:25 - 2016-01-11 16:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-01-09 03:25 - 2016-01-11 16:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-01-09 03:25 - 2016-01-11 16:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-01-09 03:25 - 2016-01-11 16:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-01-09 03:25 - 2016-01-11 16:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-01-09 03:25 - 2016-01-11 16:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-01-09 03:25 - 2016-01-11 16:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-01-09 03:25 - 2016-01-11 16:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-01-09 03:25 - 2016-01-11 16:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-01-09 03:25 - 2016-01-11 16:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-01-09 03:25 - 2016-01-11 16:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-01-09 03:24 - 2017-01-09 03:24 - 00000000 ____D C:\030b52706f54be8704478c7c
2017-01-09 03:22 - 2017-01-09 03:22 - 00000000 ____D C:\a8b18568b26c1d2254
2017-01-09 03:18 - 2017-01-09 03:18 - 18191228 _____ C:\Users\Cloud\Downloads\WU Fix.zip
2017-01-09 03:15 - 2017-01-09 03:15 - 11840839 _____ C:\Users\Cloud\Downloads\Windows6.1-KB2670838-x64.msu
2017-01-09 03:15 - 2017-01-09 03:15 - 00000000 ____D C:\be3d8b70993dda2882d237f292bf1a
2017-01-09 03:12 - 2017-01-09 03:13 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Daybreak Game Company
2017-01-09 03:12 - 2017-01-09 03:12 - 00000000 ____D C:\Users\Cloud\AppData\Local\SCE
2017-01-09 03:11 - 2017-01-09 03:11 - 00000000 ____D C:\Users\Cloud\AppData\Local\Daybreak Game Company
2017-01-09 02:31 - 2017-01-09 02:31 - 00000222 _____ C:\Users\Cloud\Desktop\H1Z1 King of the Kill.url
2017-01-07 23:55 - 2017-01-09 03:39 - 00000000 ____D C:\Users\Cloud\AppData\Local\LogMeIn Hamachi
2017-01-07 23:53 - 2017-01-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-01-07 23:53 - 2017-01-07 23:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-01-07 23:18 - 2017-01-08 00:11 - 00000000 ____D C:\Users\Cloud\Desktop\Nova pasta (3)
2017-01-07 20:48 - 2017-01-07 20:52 - 331602574 _____ C:\Users\Cloud\Downloads\FiveNightsAtFreddys2_1.rar
2017-01-05 19:03 - 2017-01-05 19:03 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-01-05 18:57 - 2017-01-06 13:30 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Origin
2017-01-05 18:56 - 2017-01-05 18:56 - 00000997 _____ C:\Users\Public\Desktop\Origin.lnk
2017-01-05 18:56 - 2017-01-05 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-01-05 18:56 - 2017-01-05 18:56 - 00000000 ____D C:\Program Files (x86)\Origin
2017-01-05 18:42 - 2017-01-06 13:35 - 00000000 ____D C:\ProgramData\Origin
2017-01-05 18:42 - 2017-01-05 19:03 - 00000000 ____D C:\Users\Cloud\AppData\Local\Origin
2017-01-05 18:42 - 2017-01-05 18:42 - 00000000 ____D C:\Users\Cloud\.QtWebEngineProcess
2017-01-05 18:42 - 2017-01-05 18:42 - 00000000 ____D C:\Users\Cloud\.Origin
2017-01-05 18:41 - 2017-01-05 18:41 - 55364064 _____ (Electronic Arts) C:\Users\Cloud\Downloads\OriginThinSetup.exe
2017-01-05 06:05 - 2017-01-05 06:05 - 00638401 _____ C:\Users\Cloud\Downloads\Mammoth MKIII.vciso
2017-01-04 18:41 - 2017-01-04 18:41 - 00000000 ____D C:\Windows\pss
2017-01-04 05:49 - 2017-01-04 05:49 - 00734815 _____ (Remote Mouse ) C:\Users\Cloud\Downloads\RemoteMouse.exe
2017-01-04 05:49 - 2017-01-04 05:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2017-01-04 05:49 - 2017-01-04 05:49 - 00000000 ____D C:\Program Files (x86)\Remote Mouse
2017-01-04 05:05 - 2017-01-04 05:05 - 00299029 _____ C:\Users\Cloud\Downloads\Max.Steel.rar
2017-01-04 04:57 - 2017-01-04 05:36 - 00000000 ____D C:\Users\Cloud\Downloads\Max Steel 2016 720p WEBRip Legendado - TPF
2017-01-04 04:32 - 2017-01-04 04:32 - 00015135 _____ C:\Users\Cloud\Downloads\Max.Steel.torrent
2017-01-04 02:21 - 2017-01-04 02:21 - 00078800 _____ C:\Users\Cloud\Downloads\WhatsApp Image 2017-01-04 at 02.02.20.jpeg
2017-01-03 19:09 - 2017-01-03 19:09 - 00000000 ____D C:\ProgramData\FLEXnet
2017-01-03 19:08 - 2017-01-03 19:09 - 00000000 ____D C:\Users\Cloud\AppData\Local\Autodesk
2017-01-03 19:08 - 2017-01-03 19:08 - 00000000 ____D C:\Users\Cloud\Documents\Autodesk Application Manager
2017-01-03 19:07 - 2017-01-03 19:07 - 00001888 _____ C:\Users\Public\Desktop\SketchBook Pro 2016.lnk
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-01-03 19:07 - 2017-01-03 19:07 - 00000000 ____D C:\Program Files\Autodesk
2017-01-03 19:04 - 2017-01-03 19:09 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Autodesk
2017-01-03 19:04 - 2017-01-03 19:09 - 00000000 ____D C:\ProgramData\Autodesk
2017-01-03 19:03 - 2017-01-03 19:03 - 00000000 ____D C:\Autodesk
2017-01-03 18:55 - 2017-01-03 18:55 - 00000000 ____D C:\Users\Cloud\.android
2017-01-03 18:54 - 2017-01-03 18:55 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\WTablet
2017-01-03 18:51 - 2017-01-03 18:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mesa Gráfica Wacom
2017-01-03 18:51 - 2017-01-03 18:51 - 00000000 ____D C:\Program Files\TabletPlugins
2017-01-03 18:51 - 2017-01-03 18:51 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-01-03 18:50 - 2017-01-03 18:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2017-01-03 18:50 - 2017-01-03 18:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2017-01-03 18:50 - 2014-03-17 14:13 - 00095032 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2017-01-03 18:50 - 2014-03-17 14:13 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2017-01-03 18:50 - 2014-03-17 14:13 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2017-01-03 18:50 - 2012-12-11 20:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2017-01-03 18:50 - 2012-12-11 20:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01946904 ____N (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01929496 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01922328 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01796888 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01563416 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01560344 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01556760 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-01-03 18:49 - 2014-05-21 14:14 - 01443096 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-01-03 18:48 - 2017-01-03 18:50 - 00000000 ____D C:\Program Files\Tablet
2017-01-03 18:28 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2017-01-03 18:28 - 2010-03-18 15:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-01-03 18:28 - 2010-03-18 14:16 - 00771424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-01-03 18:28 - 2010-03-18 10:36 - 05522768 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll
2017-01-03 18:28 - 2010-03-18 10:36 - 05493576 _____ (Microsoft Corporation) C:\Windows\system32\mfc100.dll
2017-01-03 18:28 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-01-03 18:26 - 2017-01-03 18:26 - 05511751 _____ C:\Users\Cloud\Downloads\common_dlls_for_games.rar
2017-01-03 18:24 - 2016-08-10 13:01 - 00023232 _____ (Microsoft Corporation) C:\Windows\system\api-ms-win-crt-runtime-l1-1-0.dll
2017-01-03 18:23 - 2017-01-03 18:23 - 00013193 _____ C:\Users\Cloud\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2017-01-03 18:17 - 2017-01-03 18:17 - 00016224 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2017-01-03 18:09 - 2017-01-03 18:09 - 15301888 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\vc_redist.x64 (1).exe
2017-01-03 18:04 - 2017-01-03 18:04 - 14749120 _____ (Microsoft Corporation) C:\Users\Cloud\Downloads\vc_redist.x64.exe
2017-01-03 18:01 - 2017-01-03 18:01 - 00000000 ____D C:\e6a5d140b056b77906f813b7d675ed
2017-01-03 17:55 - 2017-01-03 17:55 - 01034556 _____ C:\Users\Cloud\Downloads\Windows6.1-KB2999226-x64.msu
2017-01-03 17:55 - 2017-01-03 17:55 - 00000000 ____D C:\3a0aa8b2c444785eeca217
2017-01-03 17:46 - 2017-01-04 04:29 - 00000000 ____D C:\Users\Cloud\Downloads\AUTODESK_SKETCHBOOK_PRO_FOR_ENTERPRISE_MULTI_2016_WIN64-XFORCE
2017-01-03 17:44 - 2017-01-03 17:44 - 02965934 _____ C:\Users\Cloud\Downloads\Cr_AutDesk_2016.rar
2017-01-03 17:44 - 2017-01-03 17:44 - 00036967 _____ C:\Users\Cloud\Downloads\Torr_SketBokProx64 2016.rar
2017-01-02 21:21 - 2017-01-02 21:21 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-01-02 21:20 - 2017-01-02 21:22 - 00000000 ____D C:\Users\Cloud\AppData\Local\paint.net
2017-01-02 21:20 - 2017-01-02 21:21 - 00000000 ____D C:\Program Files\paint.net
2017-01-02 21:15 - 2017-01-02 21:15 - 07055677 _____ C:\Users\Cloud\Downloads\paint.net.4.0.13.install.zip
2016-12-30 16:54 - 2016-12-30 16:54 - 00115605 _____ C:\Users\Cloud\Downloads\Arrow.S05E09.SUBS.rar
2016-12-30 16:52 - 2017-01-04 04:29 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\uTorrent
2016-12-29 01:56 - 2016-12-29 01:56 - 00352080 _____ C:\Users\Cloud\Downloads\SIRIUS_V8.5_Modmenu1.37_by_WildGamerSK.zip
2016-12-28 15:32 - 2016-12-28 15:32 - 00150258 _____ C:\Users\Cloud\Downloads\WhatsApp Image 2016-12-28 at 15.32.29.jpeg
2016-12-27 17:36 - 2017-01-07 23:02 - 00000000 ____D C:\Users\Cloud\AppData\Local\Warframe
2016-12-25 18:16 - 2016-12-25 18:16 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Unity
2016-12-25 18:12 - 2016-12-25 18:34 - 00000000 ____D C:\Users\Cloud\Documents\PlanetExplorers
2016-12-25 17:37 - 2016-12-25 17:37 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Almighty Games
2016-12-25 17:36 - 2016-12-25 17:36 - 00000222 _____ C:\Users\Cloud\Desktop\Save Jesus.url
2016-12-25 16:48 - 2016-11-11 13:47 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-12-25 16:12 - 2016-12-25 16:12 - 00025569 _____ C:\Users\Cloud\Downloads\WhatsApp Image 2016-12-25 at 16.02.58.jpeg
2016-12-25 16:09 - 2016-12-25 20:13 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\.minecraft
2016-12-25 16:00 - 2016-12-25 16:00 - 00000000 ____D C:\Users\Cloud\AppData\Local\lptmp
2016-12-25 15:58 - 2016-12-25 15:59 - 21874200 _____ (LastPass) C:\Windows\SysWOW64\lastpass_1337.exe
2016-12-25 15:58 - 2016-12-25 15:58 - 00702464 _____ C:\Windows\SysWOW64\lastpass_downloader.exe
2016-12-25 15:58 - 2016-12-25 15:58 - 00000000 ____D C:\Users\Cloud\AppData\Local\LogMeIn
2016-12-25 15:58 - 2016-12-25 15:58 - 00000000 ____D C:\ProgramData\LogMeIn
2016-12-25 15:56 - 2016-12-25 15:57 - 08417280 _____ C:\Users\Cloud\Downloads\hamachi (1).msi
2016-12-25 15:52 - 2016-12-25 15:53 - 08417280 _____ C:\Users\Cloud\Downloads\hamachi.msi
2016-12-25 14:10 - 2016-12-25 14:10 - 00000222 _____ C:\Users\Cloud\Desktop\Planet Explorers.url
2016-12-24 18:36 - 2016-12-24 18:36 - 00081640 _____ C:\Users\Cloud\Downloads\DC_s_Legends_of_Tomorrow_span_HDTV_720p_1080p_span_span_S02E08_span_.zip
2016-12-24 18:36 - 2016-12-24 18:36 - 00075318 _____ C:\Users\Cloud\Downloads\DCs.Legends.of.Tomorrow.S02E06.rar
2016-12-24 18:35 - 2016-12-24 18:35 - 00124605 _____ C:\Users\Cloud\Downloads\DCs.Legends.of.Tomorrow.S02E05.rar
2016-12-24 18:35 - 2016-12-24 18:35 - 00108231 _____ C:\Users\Cloud\Downloads\DCs.Legends.of.Tomorrow.S02E04..rar
2016-12-23 17:49 - 2016-12-23 17:49 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Publish Providers
2016-12-23 17:48 - 2016-12-23 17:48 - 00002580 _____ C:\Users\Cloud\Documents\Register Vegas Pro.htm
2016-12-23 17:42 - 2016-12-23 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-12-23 17:41 - 2016-12-23 17:52 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Sony
2016-12-23 17:41 - 2016-12-23 17:44 - 00000000 ____D C:\Users\Cloud\AppData\Local\Sony
2016-12-23 17:41 - 2016-12-23 17:41 - 00000000 ____D C:\ProgramData\Sony
2016-12-23 17:41 - 2016-12-23 17:41 - 00000000 ____D C:\Program Files\Sony
2016-12-23 17:41 - 2016-12-23 17:41 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-23 17:16 - 2017-01-09 03:37 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-23 17:16 - 2017-01-09 03:34 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-23 17:16 - 2016-12-23 17:16 - 00004240 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-12 21:36 - 00156096 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-12-23 17:15 - 2016-12-12 21:36 - 00123840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-12-23 17:15 - 2016-12-12 21:36 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-12-23 17:15 - 2016-12-12 12:36 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2016-12-22 23:41 - 2016-12-22 23:41 - 00119963 _____ C:\Users\Cloud\Downloads\InSUBs_52c2443ee09a095eb3d26a363dfb6e61.rar
2016-12-22 22:51 - 2016-12-22 22:51 - 00059230 _____ C:\Users\Cloud\Downloads\The.Flash.2014.S03E09.720p.HDTV.X264-DIMENSION[rartv]-[rarbg.com].torrent
2016-12-14 23:27 - 2016-12-03 05:53 - 00000222 _____ C:\Users\Cloud\Desktop\Rocket League - Cópia.url
2016-12-14 23:27 - 2016-12-03 05:51 - 00000882 _____ C:\Users\Cloud\Desktop\Overwatch.lnk
2016-12-14 21:18 - 2016-12-14 16:49 - 00082936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2016-12-14 21:12 - 2016-12-14 21:12 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-14 21:12 - 2016-12-11 16:23 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-14 21:12 - 2016-09-09 16:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-14 21:12 - 2016-09-09 16:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-14 21:12 - 2016-09-09 16:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-14 21:12 - 2016-09-09 16:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-14 21:08 - 2016-12-12 00:37 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 28138432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 17376896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 14073400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-14 21:08 - 2016-12-12 00:37 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 10345696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 08753832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 03640376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 03206080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437633.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437633.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 01036224 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00975416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00944184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00896056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00170688 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-12-14 21:08 - 2016-12-12 00:37 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-12-13 03:35 - 2016-12-13 03:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
2016-12-13 03:34 - 2016-12-13 03:34 - 00000000 ____D C:\ProgramData\Locktime
2016-12-13 03:34 - 2016-12-13 03:34 - 00000000 ____D C:\Program Files\NetLimiter 3
2016-12-13 00:57 - 2016-12-13 00:57 - 00000000 ____D C:\Users\Cloud\AppData\Local\Locktime
2016-12-13 00:17 - 2016-12-13 03:36 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-12-13 00:13 - 2016-12-13 00:14 - 10190344 _____ (Locktime Software) C:\Users\Cloud\Downloads\netlimiter-3.0.0.11-x64.exe
2016-12-13 00:08 - 2016-12-13 00:08 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Locktime Software
2016-12-13 00:07 - 2016-12-13 00:07 - 08457200 _____ (Locktime Software) C:\Users\Cloud\Downloads\netlimiter-4.0.25.0.exe
2016-12-12 18:52 - 2016-12-12 18:52 - 00000000 ____D C:\Users\Cloud\AppData\Local\Chromium
2016-12-10 11:43 - 2016-12-10 11:43 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-10 11:43 - 2016-12-10 11:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-10 11:42 - 2016-12-10 11:48 - 00000000 ____D C:\Users\Cloud\AppData\Local\ShatteredSkies
2016-12-10 11:37 - 2016-12-10 11:37 - 51707296 _____ (Free Reign Entertainment ) C:\Users\Cloud\Downloads\ROTB_WebSetupNew2.exe
2016-12-10 11:35 - 2017-01-08 21:11 - 00000000 ____D C:\Users\Cloud\AppData\LocalLow\Mozilla
2016-12-10 11:35 - 2016-12-10 11:41 - 00000000 ____D C:\Users\Cloud\AppData\Local\Mozilla
2016-12-10 11:35 - 2016-12-10 11:35 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Mozilla
2016-12-10 11:34 - 2017-01-03 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-10 11:34 - 2017-01-03 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-10 11:34 - 2016-12-10 11:34 - 00243696 _____ C:\Users\Cloud\Downloads\Firefox Setup Stub 50.0.2.exe
2016-12-10 11:34 - 2016-12-10 11:34 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-10 11:32 - 2016-12-10 11:31 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-10 11:32 - 2016-12-10 11:23 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-10 11:31 - 2016-12-10 11:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-10 11:30 - 2016-12-10 11:30 - 56134208 _____ (Oracle Corporation) C:\Users\Cloud\Downloads\jre-8u111-windows-i586.exe
2016-12-10 11:23 - 2016-12-10 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-10 11:23 - 2016-12-10 11:23 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-10 11:23 - 2016-12-10 11:23 - 00000000 ____D C:\Program Files\Java
2016-12-10 11:22 - 2016-12-10 11:22 - 63235648 _____ (Oracle Corporation) C:\Users\Cloud\Downloads\jre-8u111-windows-x64 (1).exe
2016-12-10 11:20 - 2016-12-10 11:21 - 08251904 _____ C:\Users\Cloud\Downloads\ComplementoChromeBanrisul_vrs001.msi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-09 04:01 - 2016-12-03 05:34 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-09 03:57 - 2016-12-03 14:27 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Skype
2017-01-09 03:47 - 2016-12-03 04:59 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-09 03:46 - 2009-07-14 02:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-09 03:46 - 2009-07-14 02:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-09 03:44 - 2016-12-03 04:53 - 00925184 _____ C:\Windows\expstart.exe
2017-01-09 03:44 - 2016-12-03 04:52 - 00000000 ____D C:\Windows\W7SOC
2017-01-09 03:41 - 2016-12-03 03:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-09 03:36 - 2016-12-03 15:12 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-01-09 03:35 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-09 03:34 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-01-09 03:30 - 2016-12-03 05:01 - 00000000 ____D C:\Users\Cloud\AppData\Local\Battle.net
2017-01-09 03:11 - 2016-12-03 05:06 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-08 20:08 - 2016-12-03 05:01 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-07 21:42 - 2016-12-03 03:54 - 00000000 ____D C:\Users\Cloud\Desktop\UC4
2017-01-07 21:24 - 2016-12-03 05:02 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-01-07 03:53 - 2016-12-04 04:11 - 00000000 ____D C:\Users\Cloud\AppData\Local\CrashDumps
2017-01-05 18:42 - 2016-12-03 03:51 - 00000000 ____D C:\Users\Cloud
2017-01-04 07:23 - 2016-12-03 04:57 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\uTorrent
2017-01-04 05:10 - 2016-12-08 13:22 - 00000000 ___SD C:\Users\Cloud\AppData\LocalLow\Temp
2017-01-03 18:53 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2017-01-03 18:24 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system
2017-01-02 22:54 - 2016-12-03 04:27 - 00000000 ____D C:\Users\Cloud\Documents\Letras
2016-12-30 01:03 - 2009-07-14 01:18 - 00000000 __SHD C:\$Recycle.Bin
2016-12-27 17:37 - 2016-12-03 14:49 - 00028248 _____ C:\Windows\DirectX.log
2016-12-26 14:50 - 2009-07-14 01:20 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-25 20:11 - 2016-12-03 03:54 - 00000000 ____D C:\Users\Cloud\Desktop\Windows
2016-12-25 17:04 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-24 19:01 - 2016-12-03 05:00 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Battle.net
2016-12-23 20:06 - 2016-12-03 03:51 - 00000000 ___SD C:\Users\Cloud\AppData\Roaming\Microsoft
2016-12-23 17:49 - 2016-12-03 05:22 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\NVIDIA
2016-12-23 17:43 - 2016-12-03 04:34 - 00000000 ____D C:\Users\Cloud\Downloads\Sony Vegas Pro 13.0 Build 453x64 Latest + Working KeyGen
2016-12-23 17:16 - 2016-12-03 05:07 - 00003836 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:16 - 2016-12-03 05:07 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-23 17:16 - 2016-12-03 03:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-23 17:16 - 2016-12-03 03:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-23 17:15 - 2016-12-03 05:07 - 00000000 ____D C:\Users\Cloud\AppData\Local\NVIDIA Corporation
2016-12-23 17:15 - 2016-12-03 05:06 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003824 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003648 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 05:06 - 00003588 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 17:15 - 2016-12-03 03:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-23 14:07 - 2016-12-03 05:03 - 00000000 ____D C:\Users\Cloud\Documents\Heroes of the Storm
2016-12-23 14:06 - 2016-12-03 05:01 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-12-22 22:09 - 2009-07-14 02:54 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2016-12-20 22:17 - 2016-12-06 15:00 - 00000000 ____D C:\Users\Cloud\AppData\Roaming\Audacity
2016-12-20 21:57 - 2016-12-03 04:45 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-12-20 21:57 - 2016-12-03 04:45 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-12-20 21:57 - 2009-07-14 03:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-20 21:57 - 2009-07-14 00:36 - 00653526 _____ C:\Windows\system32\perfh009.dat
2016-12-20 21:57 - 2009-07-14 00:36 - 00121398 _____ C:\Windows\system32\perfc009.dat
2016-12-16 22:10 - 2016-12-03 03:59 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:10 - 2016-12-03 03:59 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 22:10 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\Tasks
2016-12-14 23:09 - 2016-12-03 04:00 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 23:09 - 2016-12-03 04:00 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 21:13 - 2016-12-03 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-14 21:09 - 2016-12-03 03:51 - 00000282 ___SH C:\Users\Cloud\Desktop\desktop.ini
2016-12-14 21:09 - 2009-07-14 02:54 - 00000174 ___SH C:\Users\Public\Desktop\desktop.ini
2016-12-13 13:15 - 2016-12-03 19:25 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-13 13:14 - 2016-12-03 19:24 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-13 13:02 - 2010-11-21 05:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-12 21:37 - 2016-12-03 05:07 - 01853376 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-12-12 21:37 - 2016-12-03 05:07 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-12-12 18:53 - 2016-12-03 05:28 - 00000000 ____D C:\Users\Cloud\AppData\Local\Steam
2016-12-12 12:37 - 2016-12-03 05:06 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-12 00:37 - 2016-12-03 05:15 - 17436808 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-12 00:37 - 2016-12-03 05:15 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-12-12 00:37 - 2016-12-03 03:58 - 19947472 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-12 00:37 - 2016-12-03 03:58 - 14410472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-12 00:37 - 2016-12-03 03:58 - 00041334 _____ C:\Windows\system32\nvinfo.pb
2016-12-12 00:37 - 2016-12-03 03:57 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-12 00:37 - 2016-12-03 03:57 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-11 16:47 - 2016-12-03 05:17 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-11 16:47 - 2016-12-03 05:17 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-11 16:47 - 2016-12-03 03:58 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-11 09:23 - 2016-12-03 04:00 - 00000000 ____D C:\Program Files (x86)\ZotacFireStorm
2016-12-10 11:48 - 2016-12-03 03:51 - 00000000 ___RD C:\Users\Cloud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-10 11:43 - 2016-12-03 05:17 - 00000000 ____D C:\temp
2016-12-10 11:32 - 2016-12-08 13:16 - 00000000 ____D C:\ProgramData\Oracle
==================== Files in the root of some directories =======
2016-12-23 17:16 - 2017-01-09 03:37 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-23 17:16 - 2017-01-09 03:34 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
C:\Users\Cloud\AppData\Local\Temp\AcDeltree.exe
C:\Users\Cloud\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Cloud\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Cloud\AppData\Local\Temp\mpa02284.exe
C:\Users\Cloud\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cloud\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cloud\AppData\Local\Temp\nvStInst.exe
C:\Users\Cloud\AppData\Local\Temp\NvTelemetry.dll
C:\Users\Cloud\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\Cloud\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\Cloud\AppData\Local\Temp\Setup-Wacom.exe
C:\Users\Cloud\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-03 03:41
==================== End of FRST.txt ============================