Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-08-2016 01 Ran by Micalu (administrator) on MICALU-PC (09-08-2016 19:42:18) Running from C:\Users\Micalu\Desktop Loaded Profiles: Micalu (Available Profiles: Micalu) Platform: Microsoft Windows 7 Home Premium (X86) Language: Português (Portugal) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Valve Corporation) C:\Program Files\Steam\Steam.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2852128 2016-08-02] (Valve Corporation) HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd) HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {8c28ad9b-3d8a-11e6-924e-806e6f6e6963} - E:\Startme.exe HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {8d860360-26ab-11e6-ba5c-00235a797910} - F:\SETUP.EXE HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {99475801-5e6b-11e6-993f-00235a797910} - E:\autoplay.exe HKU\S-1-5-21-1261551153-2078032241-974631634-1000\...\MountPoints2: {99475823-5e6b-11e6-993f-00235a797910} - G:\autoplay.exe ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files\Lwosyzaseing\Thaberied\Terhoingprejsp.dll [2016-08-09] () Startup: C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-09] ShortcutTarget: Curse.lnk -> C:\Users\Micalu\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2F81E830-6D8E-4F75-BD4E-A632A99EFD3F}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C3ACD154-E70D-4769-9984-979D4BC63DED}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKU\S-1-5-21-1261551153-2078032241-974631634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-1261551153-2078032241-974631634-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-1261551153-2078032241-974631634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0B0Fzy0Ezy0C0FtAtC0EzztN0D0Tzu0StCyCzztBtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyCyBtDzzyEtD0AtGyDtD0C0AtG0FyCtA0FtGyE0EyCtAtGyE0DtD0EtC0CtByEtA0DyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0EtBtAtB0EtBtBtGyEyBtA0FtGyE0DyC0FtGzytB0BtCtG0EtB0CyE0FtD0F0F0CtB0FtB2QtN0A0LzuyE%26cr%3D537102424%26a%3Dwncy_dmontlsfs_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-30] CHR Extension: (Google Docs) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-30] CHR Extension: (Google Drive) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-30] CHR Extension: (YouTube) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-30] CHR Extension: (Planilhas do Google) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-30] CHR Extension: (Documentos Google off-line) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-05-30] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30] CHR Extension: (Search Manager) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-08-09] CHR Extension: (Gmail) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-30] CHR Extension: (Chrome Media Router) - C:\Users\Micalu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-05] CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1261551153-2078032241-974631634-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1261551153-2078032241-974631634-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd) S3 Thaberied Configuration; C:\Program Files\Lwosyzaseing\Thaberied\thaberiedconfigurationptt.exe [291520 2016-08-09] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2016-08-09] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-05-30] (Disc Soft Ltd) S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [26168 2016-08-09] (Disc Soft Ltd) R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [67696 2011-01-25] (Atheros Communications, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-08-09 19:42 - 2016-08-09 19:42 - 00013332 _____ C:\Users\Micalu\Desktop\FRST.txt 2016-08-09 19:42 - 2016-08-09 19:42 - 00000000 ____D C:\FRST 2016-08-09 19:41 - 2016-08-09 19:41 - 01743872 _____ (Farbar) C:\Users\Micalu\Desktop\FRST.exe 2016-08-09 19:38 - 2016-08-09 19:38 - 00007168 _____ (Microsoft Corporation) C:\Users\Micalu\Desktop\api-ms-win-crt-convert-l1-1-0.dll 2016-08-09 18:52 - 2016-08-09 19:32 - 00000273 _____ C:\Users\Micalu\Desktop\Config.ini 2016-08-09 18:52 - 2016-03-15 20:28 - 00000000 ____D C:\Users\Micalu\Desktop\wvs 2016-08-09 18:52 - 2009-03-21 15:58 - 00000056 _____ C:\Users\Micalu\Desktop\DotA Utilities Dota Maps, Dota News, Dota AI Maps, Garena Updates, Videos, Tools and More.URL 2016-08-09 18:52 - 2009-03-21 15:57 - 00000259 _____ C:\Users\Micalu\Desktop\Readme.txt 2016-08-09 18:52 - 2004-01-21 22:55 - 01135616 _____ C:\Users\Micalu\Desktop\wvs.exe 2016-08-09 18:51 - 2016-08-09 18:52 - 71054296 _____ C:\Users\Micalu\Desktop\WVS 1.27 (BY_DIOGO_D2).zip 2016-08-09 18:49 - 2016-08-09 18:50 - 23509547 _____ C:\Users\Micalu\Desktop\eurobattle Client installer_v6 (BY_DIOGO_D2).zip 2016-08-09 18:34 - 2016-08-09 18:34 - 00884002 _____ C:\Users\Micalu\Desktop\ucrt_x86.zip 2016-08-09 18:30 - 2016-08-09 18:31 - 13767776 _____ (Microsoft Corporation) C:\Users\Micalu\Desktop\vc_redist.x86.exe 2016-08-09 18:25 - 2016-04-23 23:18 - 25165312 _____ (Eurobattle.net) C:\Users\Micalu\Desktop\installer.exe 2016-08-09 18:20 - 2016-08-09 18:22 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-09 18:07 - 2016-08-09 18:08 - 23509547 _____ C:\Users\Micalu\Desktop\installer_v6.zip 2016-08-09 17:29 - 2016-08-09 17:30 - 33615005 _____ C:\Users\Micalu\Desktop\TFT Version 1.26a.zip 2016-08-09 17:14 - 2016-08-09 19:32 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-08-09 17:13 - 2016-08-09 17:13 - 00001902 _____ C:\Users\Micalu\Desktop\Frozen Throne.lnk 2016-08-09 17:13 - 2016-08-09 17:13 - 00000040 _____ C:\Users\Micalu\AppData\Roaming\WB.CFG 2016-08-09 17:07 - 2016-08-09 17:07 - 00001895 _____ C:\Users\Micalu\Desktop\Warcraft III.lnk 2016-08-09 17:06 - 2016-08-09 17:13 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe 2016-08-09 17:06 - 2016-08-09 17:13 - 00055406 _____ C:\Windows\War3Unin.dat 2016-08-09 17:06 - 2016-08-09 17:13 - 00002829 _____ C:\Windows\War3Unin.pif 2016-08-09 17:06 - 2016-08-09 17:13 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III 2016-08-09 17:06 - 2016-08-09 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III 2016-08-09 17:03 - 2016-08-09 19:33 - 00000000 ____D C:\Program Files\Warcraft III 2016-08-09 16:52 - 2016-08-09 19:41 - 00000000 ____D C:\Users\Micalu\AppData\Local\Niwoleknity 2016-08-09 16:52 - 2016-08-09 16:58 - 00000000 ____D C:\Program Files\Lwosyzaseing 2016-08-09 16:51 - 2016-08-09 16:53 - 00025104 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2016-08-09 16:51 - 2016-08-09 16:52 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2016-08-09 16:51 - 2016-08-09 16:51 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-08-09 16:51 - 2016-08-09 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-08-09 16:45 - 2016-08-09 16:46 - 13146016 _____ (Disc Soft Ltd) C:\Users\Micalu\Desktop\daemon-tools-5-0-1-multi-win.exe 2016-08-09 16:40 - 2016-08-09 16:40 - 00072571 _____ C:\Users\Micalu\Downloads\Baixaki_iso-creator [1].exe 2016-08-09 16:13 - 2016-08-09 19:13 - 00000980 _____ C:\Windows\Tasks\Yahoo! Powered tenof.job 2016-08-09 16:13 - 2016-08-09 19:13 - 00000278 _____ C:\Windows\Tasks\{03F02CB1-B890-1AF7-7E91-034D01A71D2E}.job 2016-08-09 16:13 - 2016-08-09 19:13 - 00000000 ____D C:\ProgramData\{0600C363-8C42-49A5-0A84-D7E790C65C29} 2016-08-09 16:13 - 2016-08-09 17:13 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\{6F1F59A4-4A4D-34D2-217B-1300FDA9EE3E} 2016-08-09 16:13 - 2016-08-09 16:14 - 00000000 ____D C:\Users\Micalu\AppData\Local\{6F42591E-4BEA-35A6-2672-104E021AECD6} 2016-08-09 16:13 - 2016-08-09 16:13 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk 2016-08-09 16:13 - 2016-08-09 16:13 - 00000282 __RSH C:\ProgramData\ntuser.pol 2016-08-09 16:12 - 2016-08-09 16:16 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrascsibus.sys 2016-08-09 16:12 - 2016-08-09 16:12 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\DAEMON Tools Ultra 2016-08-09 16:12 - 2016-08-09 16:12 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra 2016-08-09 16:11 - 2016-08-09 16:11 - 03938632 _____ C:\Users\Micalu\Desktop\Game2e.com 1.26a - game.dll.zip 2016-08-09 15:46 - 2016-08-09 15:46 - 00000000 ____D C:\Users\Micalu\AppData\LocalLow\uTorrent 2016-08-09 15:22 - 2016-08-09 15:35 - 00000000 ____D C:\Users\Micalu\Downloads\Warcraft III Reign of Chaos, The Frozen Throne, DoTa + Update Patch War3TFT_121b_English and map pack + CD Key 2016-08-08 15:01 - 2016-08-08 15:01 - 00000000 ____D C:\Users\Micalu\Documents\Modelos Personalizados do Office 2016-08-07 14:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-08-07 14:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-08-07 14:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-08-07 14:16 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-08-07 14:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-08-07 14:16 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-08-07 14:16 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-08-07 14:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-08-07 14:16 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-08-07 14:16 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-08-07 14:16 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-08-07 14:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-08-07 14:16 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2016-08-07 14:16 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2016-08-07 14:16 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2016-08-07 14:16 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2016-08-07 14:16 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2016-08-07 14:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2016-08-07 14:16 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-08-07 14:16 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2016-08-07 14:16 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2016-08-07 14:16 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2016-08-07 14:16 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2016-08-07 14:16 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2016-08-07 14:16 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2016-08-07 14:16 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2016-08-07 14:16 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2016-08-07 14:16 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2016-08-07 14:16 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2016-08-07 14:16 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2016-08-07 14:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2016-08-07 14:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2016-08-07 14:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2016-08-07 14:16 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2016-08-07 14:16 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2016-08-07 14:16 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2016-08-07 14:16 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2016-08-07 14:16 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2016-08-07 14:16 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2016-08-07 14:16 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2016-08-07 14:16 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2016-08-07 14:16 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2016-08-07 14:16 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2016-08-07 14:16 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2016-08-07 14:16 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2016-08-07 14:16 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2016-08-07 14:16 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2016-08-07 14:16 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2016-08-07 14:16 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2016-08-07 14:16 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2016-08-07 14:16 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2016-08-07 14:16 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2016-08-07 14:16 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2016-08-07 14:16 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2016-08-07 14:16 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2016-08-07 14:16 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2016-08-07 14:16 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2016-08-07 14:16 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2016-08-07 14:16 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2016-08-07 14:16 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2016-08-07 14:16 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2016-08-07 14:16 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2016-08-07 14:16 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2016-08-07 14:16 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2016-08-07 14:16 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2016-08-07 14:16 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2016-08-07 14:16 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-08-07 14:16 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2016-08-07 14:16 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2016-08-07 14:16 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2016-08-07 14:16 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2016-08-07 14:16 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2016-08-07 14:16 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2016-08-07 14:16 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-08-07 14:16 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2016-08-07 14:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-08-07 14:16 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2016-08-07 14:16 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2016-08-07 14:16 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2016-08-07 14:16 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2016-08-07 14:16 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-08-07 14:16 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-08-07 14:16 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-08-07 14:16 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2016-08-07 14:16 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2016-08-07 14:16 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-08-07 14:16 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2016-08-07 14:16 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2016-08-07 14:16 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2016-08-07 14:16 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2016-08-07 14:16 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2016-08-07 03:25 - 2016-08-07 03:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-08-05 08:05 - 2016-08-05 08:05 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2016-08-05 08:05 - 2016-08-05 08:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2016-08-04 12:41 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-08-04 12:29 - 2016-06-25 12:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe 2016-08-04 12:29 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-08-04 12:29 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-08-04 12:29 - 2014-09-14 21:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-08-04 12:29 - 2013-03-19 01:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-08-04 12:29 - 2013-03-18 23:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-08-04 12:29 - 2010-12-18 02:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-08-04 11:39 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-08-04 11:39 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-08-04 11:39 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-08-04 11:39 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-08-04 11:38 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-08-04 11:38 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-08-04 11:38 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-08-04 11:38 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-08-04 11:38 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-08-04 09:23 - 2016-08-04 09:23 - 00000000 ____D C:\Users\Micalu\AppData\Local\Windows Live 2016-08-04 09:22 - 2016-08-04 09:22 - 00000000 ____D C:\Program Files\Common Files\Windows Live 2016-07-26 18:05 - 2016-07-26 18:05 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2016-07-26 18:05 - 2016-07-26 18:05 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-08-09 18:46 - 2016-05-30 16:27 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-09 18:46 - 2016-05-30 16:27 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-09 17:46 - 2016-05-30 15:58 - 00000000 ____D C:\Users\Micalu\AppData\Local\VirtualStore 2016-08-09 17:24 - 2016-06-09 09:22 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\Curse Client 2016-08-09 17:23 - 2009-07-14 01:34 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-08-09 17:23 - 2009-07-14 01:34 - 00019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-08-09 17:16 - 2016-06-06 13:13 - 00000000 ____D C:\Program Files\Steam 2016-08-09 17:15 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-08-09 16:59 - 2016-05-30 16:26 - 00087608 _____ C:\Users\Micalu\AppData\Local\GDIPFONTCACHEV1.DAT 2016-08-09 16:59 - 2009-07-14 01:33 - 00360032 _____ C:\Windows\system32\FNTCACHE.DAT 2016-08-09 16:58 - 2016-05-31 07:23 - 00000000 ____D C:\ProgramData\GAS Tecnologia 2016-08-09 16:57 - 2016-05-30 18:21 - 00000000 ____D C:\Users\Micalu\AppData\Roaming\uTorrent 2016-08-09 16:53 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf 2016-08-09 16:13 - 2009-07-13 23:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-08-08 15:02 - 2016-05-30 19:02 - 00000000 ____D C:\Users\Micalu\AppData\Local\Microsoft Help 2016-08-07 03:31 - 2016-05-30 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-08-07 03:30 - 2009-07-13 23:04 - 00000478 _____ C:\Windows\win.ini 2016-08-06 04:26 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache 2016-08-06 03:18 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-08-06 03:08 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System 2016-08-05 16:40 - 2016-06-06 13:13 - 00000000 ____D C:\Program Files\Common Files\Steam 2016-08-04 18:48 - 2016-06-14 20:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-08-04 17:52 - 2016-05-30 16:28 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-07-26 14:24 - 2016-05-30 16:21 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-07-22 15:59 - 2016-05-30 16:03 - 01653922 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-22 15:59 - 2009-07-14 05:31 - 00720406 _____ C:\Windows\system32\prfh0816.dat 2016-07-22 15:59 - 2009-07-14 05:31 - 00152358 _____ C:\Windows\system32\prfc0816.dat ==================== Files in the root of some directories ======= 2016-08-09 17:13 - 2016-08-09 17:13 - 0000040 _____ () C:\Users\Micalu\AppData\Roaming\WB.CFG Files to move or delete: ==================== C:\Windows\Tasks\{03F02CB1-B890-1AF7-7E91-034D01A71D2E}.job Some files in TEMP: ==================== C:\Users\Micalu\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win7-32bit.exe C:\Users\Micalu\AppData\Local\Temp\CmdLineExt02.dll C:\Users\Micalu\AppData\Local\Temp\SIntf16.dll C:\Users\Micalu\AppData\Local\Temp\SIntf32.dll C:\Users\Micalu\AppData\Local\Temp\SIntfNT.dll C:\Users\Micalu\AppData\Local\Temp\war3_Install.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-08-06 00:44 ==================== End of FRST.txt ============================