Cannot for the life of me activate my premium license


Hey all!

I know from Google research that this has happened to pretty much anybody who ever tried installing this, but still... my date is fine, and I have only the basic Windows Defender firewall, in which I have enabled all 6 exe files that Malwarebytes has.

Still, no go.

Would really appreciate some help!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by Raul (administrator) on RAUL_ROG (24-04-2016 18:20:56)
Running from C:\Users\Raul\Downloads
Loaded Profiles: Raul (Available Profiles: Raul)
Platform: Windows 10 Home (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\WINDOWS\SysWOW64\UMonit64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2016-04-12] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\badu\Uninst.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\Run: [Steam] => D:\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\Run: [Spotify Web Helper] => C:\Users\Raul\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-23] (Spotify Ltd)
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.202.2.2 217.13.0.2
Tcpip\..\Interfaces\{2c14edde-d1aa-40c8-af46-4ffe29ef497a}: [DhcpNameServer] 80.202.2.2 217.13.0.2
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-4140088784-1597281522-2247420290-1001 -> DefaultScope {3D599E1E-DDE1-48CE-BBB0-23A5D985D36E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-4140088784-1597281522-2247420290-1001 -> {3D599E1E-DDE1-48CE-BBB0-23A5D985D36E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.no/
CHR StartupUrls: Default -> "hxxp://google.no/"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G47zftptn095001AJ,21195a9b-39b4-47b4-9b17-b166671993fa,&prd=smw&q={searchTerms}
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Adblock Plus) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]
CHR Extension: (Google Search) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Extension: (Gmail) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [356664 2015-02-02] (ASUSTeK)
R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]
S3 GalaxyClientService; D:\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-21] (GOG.com)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-05-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-27] () [File not signed]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-07] ()
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-24] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-06-18] (Intel Corporation)
R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [53440 2015-01-05] (Titan ARC Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-24 18:20 - 2016-04-24 18:21 - 00018703 _____ C:\Users\Raul\Downloads\FRST.txt
2016-04-24 18:20 - 2016-04-24 18:20 - 02375680 _____ (Farbar) C:\Users\Raul\Downloads\FRST64.exe
2016-04-24 18:20 - 2016-04-24 18:20 - 00000000 ____D C:\FRST
2016-04-24 17:57 - 2016-04-24 17:57 - 00016148 _____ C:\Windows\system32\RAUL_ROG_Raul_HistoryPrediction.bin
2016-04-24 17:39 - 2016-04-24 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-24 17:38 - 2016-04-24 17:38 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-24 17:38 - 2016-04-24 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-24 17:38 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-24 17:38 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-24 17:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-24 17:35 - 2016-04-24 17:35 - 22851472 _____ (Malwarebytes ) C:\Users\Raul\Downloads\mbam-setup-web.NT-2.2.1.1043.exe
2016-04-24 12:55 - 2016-04-24 12:55 - 00016518 _____ C:\Users\Raul\Downloads\UFC.197.PPV.Jones.vs.Saint.Preux.720p.HDTV.x264-Ebi.mp4.torrent
2016-04-24 12:13 - 2016-04-24 12:13 - 00020533 _____ C:\Users\Raul\Downloads\UFC.197.PPV.Jones.vs.Saint.Preux.HDTV.x264-Ebi.mp4.torrent
2016-04-24 12:11 - 2016-04-24 12:11 - 00028991 _____ C:\Users\Raul\Downloads\[kat.cr]the.boss.2016.hc.hdrip.xvid.ac3.etrg.torrent
2016-04-23 19:54 - 2016-04-23 19:54 - 00068751 _____ C:\Users\Raul\Downloads\the-intern-2015_HI_english-1254073.zip
2016-04-23 18:17 - 2016-04-23 18:17 - 00411688 _____ C:\Windows\Minidump\042316-9656-01.dmp
2016-04-22 07:21 - 2016-04-22 07:21 - 00110706 _____ C:\Users\Raul\Downloads\Lucha.Underground.S02E13.720p.WEB.h264-HatchetGear.torrent
2016-04-22 06:59 - 2016-04-22 06:59 - 00043849 _____ C:\Users\Raul\Downloads\WWE.Smackdown.2016.04.21.HDTV.1080i.TS-SkY.ts.torrent
2016-04-22 06:58 - 2016-04-22 06:58 - 00031909 _____ C:\Users\Raul\Downloads\[kat.cr]the.big.bang.theory.s09e21.720p.hdtv.x264.dimension.rartv.torrent
2016-04-22 06:58 - 2016-04-22 06:58 - 00013262 _____ C:\Users\Raul\Downloads\[kat.cr]vikings.s04e10.720p.hdtv.x264.killers.ettv.torrent
2016-04-21 05:25 - 2016-04-21 05:25 - 00016308 _____ C:\Users\Raul\Downloads\[kat.cr]survivor.s32e10.720p.hdtv.x264.bajskorv.ettv.torrent
2016-04-20 17:08 - 2016-04-20 17:08 - 00062101 _____ C:\Users\Raul\Downloads\[kat.cr]wwe.total.divas.s05e14.hdtv.2016.04.19.720p.avchd.sc.sdh.torrent
2016-04-20 16:20 - 2016-04-20 16:20 - 00029530 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.s07e08.breathing.fire.webrip.mp4.x264.state.torrent
2016-04-20 07:53 - 2016-04-20 07:53 - 00103870 _____ C:\Users\Raul\Downloads\[kat.cr]outsiders.2016.s01e13.720p.hdtv.x264.avs.rartv.torrent
2016-04-19 06:53 - 2016-04-19 06:53 - 00020851 _____ C:\Users\Raul\Downloads\WWE.Raw.04.18.16.720p.HDTV.H264-XWT.torrent
2016-04-19 06:52 - 2016-04-19 06:52 - 00071976 _____ C:\Users\Raul\Downloads\[kat.cr]better.call.saul.s02e10.720p.hdtv.x264.avs.rartv.torrent
2016-04-18 16:53 - 2016-04-18 16:53 - 00002651 _____ C:\Users\Raul\Downloads\[kat.cr]the.last.man.on.earth.s02e15.web.dl.xvid.fum.ettv.torrent
2016-04-18 16:52 - 2016-04-18 16:52 - 00026427 _____ C:\Users\Raul\Downloads\[kat.cr]family.guy.s14e17.720p.hdtv.x264.avs.rartv (1).torrent
2016-04-18 08:41 - 2016-04-18 08:41 - 00019421 _____ C:\Users\Raul\Downloads\[kat.cr]deadpool.2016.720p.hc.hdrip.x264.aac.etrg.torrent
2016-04-18 08:38 - 2016-04-18 08:38 - 00000000 _____ C:\Users\Raul\Downloads\[kat.cr]the.last.man.on.earth.s02e15.720p.hdtv.x264.avs.rartv.torrent
2016-04-18 08:37 - 2016-04-18 08:37 - 00000000 _____ C:\Users\Raul\Downloads\[kat.cr]family.guy.s14e17.720p.hdtv.x265.hevc.sammy.torrent
2016-04-18 08:37 - 2016-04-18 08:37 - 00000000 _____ C:\Users\Raul\Downloads\[kat.cr]family.guy.s14e17.720p.hdtv.x264.avs.rartv.torrent
2016-04-17 07:56 - 2016-04-17 07:56 - 00012857 _____ C:\Users\Raul\Downloads\UFC.on.Fox.19.Teixeira.vs.Evans.720p.HDTV.x264-Ebi.mp4.torrent
2016-04-16 21:33 - 2016-04-16 21:33 - 00066713 _____ C:\Users\Raul\Downloads\the-intern-2015_HI_english-1253654.zip
2016-04-16 21:16 - 2016-04-16 21:16 - 00019818 _____ C:\Users\Raul\Downloads\[kat.cr]the.intern.2015.720p.brrip.x264.aac.etrg.torrent
2016-04-16 14:11 - 2016-04-16 14:11 - 00029662 _____ C:\Users\Raul\Downloads\[kat.cr]banshee.season.1.s01.1080p.bluray.hevc.x265.n0m1.torrent
2016-04-16 10:22 - 2016-04-16 10:22 - 00021724 _____ C:\Users\Raul\Downloads\[kat.cr]banshee.season.2.s02.1080p.web.x265.hevc.aac.5.1.joy.utr.torrent
2016-04-16 07:12 - 2016-04-16 07:12 - 13843184 _____ C:\Users\Raul\Downloads\attachments.zip
2016-04-15 14:59 - 2016-04-15 14:59 - 00119651 _____ C:\Users\Raul\Downloads\[kat.cr]hardcore.henry.2016.hdts.x264.ac3.exclusive.cpg.torrent
2016-04-15 07:23 - 2016-04-15 07:23 - 00077304 _____ C:\Users\Raul\Downloads\[kat.cr]vikings.s04e09.720p.hdtv.x264.killers.rartv.torrent
2016-04-14 15:15 - 2016-04-14 15:15 - 00041028 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e05.stained.glass.from.the.past.web.dl.h264.nogrp.sparrow.torrent
2016-04-14 15:15 - 2016-04-14 15:15 - 00032874 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e07.two.heads.are.better.webrip.x264.state.torrent
2016-04-14 15:15 - 2016-04-14 15:15 - 00032874 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e07.two.heads.are.better.webrip.x264.state (1).torrent
2016-04-14 15:15 - 2016-04-14 15:15 - 00031718 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e06.the.witch.is.back.webrip.x264.state.torrent
2016-04-14 15:14 - 2016-04-14 15:14 - 00028344 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e03.behind.every.inked.man.web.dl.x264.jive.sparrow.torrent
2016-04-14 15:14 - 2016-04-14 15:14 - 00023092 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e04.cheetah.print.pain.hdtv.x264.trial.torrent
2016-04-14 15:14 - 2016-04-14 15:14 - 00020554 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e02.two.right.feet.hdtv.x264.trial.torrent
2016-04-14 06:05 - 2016-04-14 06:05 - 00048686 _____ C:\Users\Raul\Downloads\[kat.cr]modern.family.s07e19.720p.hdtv.x264.avs.rartv.torrent
2016-04-14 06:04 - 2016-04-14 06:04 - 00109804 _____ C:\Users\Raul\Downloads\[kat.cr]survivor.s32e09.720p.hdtv.x264.crooks.rartv.torrent
2016-04-14 06:04 - 2016-04-14 06:04 - 00012593 _____ C:\Users\Raul\Downloads\WWE.Smackdown.2016.04.14.720p.WEB.HD.x264.DX-TV.mkv.torrent
2016-04-14 05:19 - 2016-04-14 05:19 - 00030662 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.s07e07.webrip.x264.state.torrent
2016-04-13 20:03 - 2016-04-13 20:03 - 00013793 _____ C:\Users\Raul\Downloads\[kat.cr]total.divas.5x13.c.est.la.diva.part.1.torrent
2016-04-13 20:02 - 2016-04-13 20:02 - 00042515 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s01e06.mind.over.master.720p.hdtv.x264.dhd.torrent
2016-04-13 20:02 - 2016-04-13 20:02 - 00021035 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s02e01.triple.threat.hdtv.x264.trial.torrent
2016-04-13 17:12 - 2016-04-13 17:12 - 00014493 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s01e03.walk.outs.hdtv.x264.daview.torrent
2016-04-13 17:12 - 2016-04-13 17:12 - 00006189 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s01e04.fool.me.twice.720p.hdtv.x264.dhd.ethd.torrent
2016-04-13 17:12 - 2016-04-13 17:12 - 00006077 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s01e02.mystical.mistakes.720p.hdtv.x264.dhd.ethd.torrent
2016-04-13 16:45 - 2016-04-13 16:45 - 00013090 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.redemption.s01e01.hula.girls.and.garter.belts.hdtv.x264.daview.torrent
2016-04-13 07:12 - 2016-04-13 07:12 - 00014473 _____ C:\Users\Raul\Downloads\[kat.cr]outsiders.s01e12.720p.hdtv.x264.dimension.ettv.torrent
2016-04-12 21:33 - 2016-03-25 09:38 - 24593408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-12 21:33 - 2016-03-16 06:56 - 03467784 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-04-12 21:33 - 2016-03-16 06:47 - 22610328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-12 21:33 - 2016-03-16 06:45 - 00140536 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-04-12 21:33 - 2016-03-16 06:00 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-04-12 21:32 - 2016-03-29 08:40 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-04-12 21:32 - 2016-03-29 08:40 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-04-12 21:32 - 2016-03-25 09:25 - 12505600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-12 21:32 - 2016-03-25 09:14 - 07525376 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-12 21:32 - 2016-03-25 09:13 - 19325440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-12 21:32 - 2016-03-25 08:55 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-12 21:32 - 2016-03-25 08:54 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-04-12 21:32 - 2016-03-16 06:56 - 01022664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-12 21:32 - 2016-03-16 06:56 - 00861512 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-12 21:32 - 2016-03-16 06:55 - 02495768 _____ C:\Windows\system32\CoreUIComponents.dll
2016-04-12 21:32 - 2016-03-16 06:55 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-12 21:32 - 2016-03-16 06:55 - 01299032 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-12 21:32 - 2016-03-16 06:55 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-12 21:32 - 2016-03-16 06:55 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-12 21:32 - 2016-03-16 06:54 - 00595016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 21:32 - 2016-03-16 06:47 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-12 21:32 - 2016-03-16 06:47 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-04-12 21:32 - 2016-03-16 06:46 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-04-12 21:32 - 2016-03-16 06:41 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-04-12 21:32 - 2016-03-16 06:41 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-04-12 21:32 - 2016-03-16 06:39 - 00983904 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-04-12 21:32 - 2016-03-16 06:37 - 01010016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-04-12 21:32 - 2016-03-16 06:21 - 01767000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-04-12 21:32 - 2016-03-16 06:21 - 01531888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-12 21:32 - 2016-03-16 06:11 - 21088728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-12 21:32 - 2016-03-16 06:11 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-12 21:32 - 2016-03-16 06:11 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-04-12 21:32 - 2016-03-16 06:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-04-12 21:32 - 2016-03-16 06:06 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-04-12 21:32 - 2016-03-16 06:05 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-04-12 21:32 - 2016-03-16 06:03 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-04-12 21:32 - 2016-03-16 06:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-04-12 21:32 - 2016-03-16 05:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-04-12 21:32 - 2016-03-16 05:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2016-04-12 21:32 - 2016-03-16 05:55 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-04-12 21:32 - 2016-03-16 05:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-04-12 21:32 - 2016-03-16 05:55 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-04-12 21:32 - 2016-03-16 05:55 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-04-12 21:32 - 2016-03-16 05:51 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-04-12 21:32 - 2016-03-16 05:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-04-12 21:32 - 2016-03-16 05:49 - 01416192 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-12 21:32 - 2016-03-16 05:49 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-12 21:32 - 2016-03-16 05:47 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-04-12 21:32 - 2016-03-16 05:47 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-04-12 21:32 - 2016-03-16 05:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-04-12 21:32 - 2016-03-16 05:46 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-04-12 21:32 - 2016-03-16 05:45 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2016-04-12 21:32 - 2016-03-16 05:44 - 01016832 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-04-12 21:32 - 2016-03-16 05:43 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-04-12 21:32 - 2016-03-16 05:43 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-12 21:32 - 2016-03-16 05:42 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-12 21:32 - 2016-03-16 05:42 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-04-12 21:32 - 2016-03-16 05:42 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-04-12 21:32 - 2016-03-16 05:41 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00931840 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-04-12 21:32 - 2016-03-16 05:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-12 21:32 - 2016-03-16 05:39 - 03363328 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-04-12 21:32 - 2016-03-16 05:39 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-04-12 21:32 - 2016-03-16 05:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-04-12 21:32 - 2016-03-16 05:38 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-04-12 21:32 - 2016-03-16 05:37 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-04-12 21:32 - 2016-03-16 05:37 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-04-12 21:32 - 2016-03-16 05:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-04-12 21:32 - 2016-03-16 05:37 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-04-12 21:32 - 2016-03-16 05:37 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-04-12 21:32 - 2016-03-16 05:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-04-12 21:32 - 2016-03-16 05:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-04-12 21:32 - 2016-03-16 05:35 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-12 21:32 - 2016-03-16 05:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll
2016-04-12 21:32 - 2016-03-16 05:35 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-04-12 21:32 - 2016-03-16 05:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-04-12 21:32 - 2016-03-16 05:35 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-04-12 21:32 - 2016-03-16 05:34 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-12 21:32 - 2016-03-16 05:33 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-04-12 21:32 - 2016-03-16 05:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-12 21:32 - 2016-03-16 05:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-04-12 21:32 - 2016-03-16 05:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-04-12 21:32 - 2016-03-16 05:31 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-04-12 21:32 - 2016-03-16 05:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-04-12 21:32 - 2016-03-16 05:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-12 21:32 - 2016-03-16 05:24 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-04-12 21:32 - 2016-03-16 05:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-04-12 21:32 - 2016-03-16 05:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-04-12 21:32 - 2016-03-16 05:21 - 18796544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-04-12 21:32 - 2016-03-16 05:20 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-12 21:32 - 2016-03-16 05:18 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-12 21:32 - 2016-03-16 05:18 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-04-12 21:32 - 2016-03-16 05:17 - 03680256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-04-12 21:32 - 2016-03-16 05:17 - 00842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-04-12 21:32 - 2016-03-16 05:17 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2016-04-12 21:32 - 2016-03-16 05:17 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-04-12 21:32 - 2016-03-16 05:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-04-12 21:32 - 2016-03-16 05:17 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-12 21:32 - 2016-03-16 05:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-04-12 21:32 - 2016-03-16 05:14 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-04-12 21:32 - 2016-03-16 05:14 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-04-12 21:32 - 2016-03-16 05:14 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-12 21:32 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-04-12 21:32 - 2016-03-16 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-04-12 21:32 - 2016-03-16 05:11 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-12 21:32 - 2016-03-16 05:10 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-04-12 21:27 - 2016-04-12 21:27 - 00000000 ____D C:\Program Files\Elantech
2016-04-12 07:47 - 2016-04-12 07:47 - 00080236 _____ C:\Users\Raul\Downloads\[kat.cr]better.call.saul.s02e09.720p.hdtv.x264.avs.rartv.torrent
2016-04-12 07:47 - 2016-04-12 07:47 - 00022211 _____ C:\Users\Raul\Downloads\WWE.Raw.04.11.16.720p.HDTV.H264-XWT.torrent
2016-04-12 06:12 - 2016-04-12 06:14 - 00000000 ____D C:\Users\Raul\AppData\Roaming\DarkSoulsIII
2016-04-11 20:34 - 2016-04-11 20:34 - 08775276 _____ C:\Users\Raul\Downloads\video-1460369332.mp4
2016-04-11 07:45 - 2016-04-11 07:45 - 00000202 _____ C:\Users\Raul\Desktop\DARK SOULS III.url
2016-04-11 07:29 - 2016-04-11 07:29 - 00049581 _____ C:\Users\Raul\Downloads\[kat.cr]the.last.man.on.earth.s02e14.720p.hdtv.x264.killers.rartv.torrent
2016-04-10 14:05 - 2016-04-10 14:05 - 00023120 _____ C:\Users\Raul\Downloads\[kat.cr]batman.v.superman.dawn.of.justice.2016.new.hd.ts.x264.exclusive.cpg.torrent
2016-04-10 09:52 - 2016-04-10 09:52 - 00052074 _____ C:\Users\Raul\Downloads\[kat.cr]vikings.s04e08.portage.1080p.web.dl.dd5.1.hevc.x265.lgc.mkv.torrent
2016-04-10 09:34 - 2016-04-10 09:34 - 00015337 _____ C:\Users\Raul\Downloads\[kat.cr]malwarebytes.anti.malware.premium.v2.2.1.1043.setup.lifetime.crack.core.x.torrent
2016-04-10 09:16 - 2016-04-10 09:16 - 00007978 _____ C:\Users\Raul\Downloads\[kat.cr]malwarebytes.anti.malware.premium.2.2.0.1024.final.multilingual.incl.keygen.team.os.torrent
2016-04-10 09:06 - 2016-04-10 09:42 - 00000000 ____D C:\Program Files\GridinSoft Anti-Malware
2016-04-10 09:06 - 2016-04-10 09:06 - 00003308 _____ C:\Windows\System32\Tasks\GridinSoft Anti-Malware
2016-04-10 09:03 - 2016-04-10 09:42 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2016-04-10 09:03 - 2016-04-10 09:06 - 00000000 ____D C:\ProgramData\GridinSoft
2016-04-10 09:00 - 2016-04-10 09:00 - 00012024 _____ C:\Users\Raul\Downloads\[kat.cr]trojan.killer.2.2.8.0.crack.s0ft4pc.torrent
2016-04-10 08:49 - 2016-04-10 08:49 - 00004132 _____ C:\Windows\system32\.crusader
2016-04-10 08:44 - 2016-04-10 08:49 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-10 08:44 - 2016-04-10 08:44 - 11441744 _____ (SurfRight B.V.) C:\Users\Raul\Downloads\hitmanpro_x64.exe
2016-04-10 08:44 - 2016-04-10 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-04-10 08:44 - 2016-04-10 08:44 - 00000000 ____D C:\Program Files\HitmanPro
2016-04-10 07:57 - 2016-02-10 16:38 - 02544872 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2016-04-10 07:54 - 2016-04-24 17:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-10 07:54 - 2016-04-10 07:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-10 07:53 - 2016-04-10 07:53 - 22851472 _____ (Malwarebytes ) C:\Users\Raul\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-10 07:41 - 2016-04-10 07:41 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Raul\Downloads\SpyHunter-Installer (1).exe
2016-04-07 18:41 - 2016-04-07 18:41 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2016-04-07 18:33 - 2016-04-07 18:33 - 00231972 _____ C:\Windows\ntbtlog.txt
2016-04-07 17:35 - 2016-04-10 07:37 - 00007767 _____ C:\spyhunter.fix
2016-04-07 17:23 - 2016-04-07 17:23 - 00000000 ____D C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-04-07 17:23 - 2016-04-07 17:23 - 00000000 ____D C:\sh4ldr
2016-04-07 17:23 - 2016-04-07 17:23 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-04-07 17:22 - 2016-04-24 17:37 - 00000000 ____D C:\Users\Raul\AppData\LocalLow\uTorrent
2016-04-07 17:22 - 2016-04-07 17:23 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2016-04-07 16:57 - 2016-04-07 16:57 - 00000000 _____ C:\autoexec.bat
2016-04-07 16:56 - 2016-04-07 16:56 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Raul\Downloads\SpyHunter-Installer.exe
2016-04-07 16:56 - 2016-04-07 16:56 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-07 16:49 - 2016-04-07 16:49 - 00015229 _____ C:\ProgramData\webad.xml
2016-04-07 16:48 - 2016-04-10 07:58 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-07 16:48 - 2016-04-07 17:35 - 00000000 ____D C:\Users\Raul\AppData\Local\app
2016-04-07 16:48 - 2016-04-07 16:48 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-07 16:47 - 2016-04-10 08:49 - 00000000 ____D C:\Program Files (x86)\badu
2016-04-07 16:47 - 2016-04-08 06:50 - 00187904 _____ C:\Windows\rsrcs.dll
2016-04-07 16:47 - 2016-04-07 16:48 - 00000000 ____D C:\Users\Public\Thunder Network
2016-04-07 16:47 - 2016-04-07 16:47 - 00003304 _____ C:\Windows\System32\Tasks\runTask
2016-04-07 16:47 - 2016-04-07 16:47 - 00000002 _____ C:\END
2016-04-07 16:47 - 2016-04-07 16:47 - 00000000 ____D C:\ProgramData\Thunder Network
2016-04-07 16:37 - 2016-04-07 16:36 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-07 16:35 - 2016-04-07 16:35 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-04-07 16:35 - 2016-04-07 16:35 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-07 16:35 - 2016-04-07 16:35 - 00000000 ____D C:\Program Files (x86)\DivX
2016-04-07 16:34 - 2016-04-07 16:34 - 00000000 ____D C:\ProgramData\DivX
2016-04-07 15:01 - 2016-04-07 15:01 - 00083125 _____ C:\Users\Raul\Downloads\[kat.cr]ink.master.s07e06.under.pressure.720p.spik.webrip.aac2.0.h264.btw.rartv.torrent
2016-04-07 06:25 - 2016-04-07 06:25 - 00014990 _____ C:\Users\Raul\Downloads\[kat.cr]how.to.plan.an.orgy.in.a.small.town.2015.dvdrip.xvid.etrg.torrent
2016-04-06 20:15 - 2016-04-06 20:15 - 00006397 _____ C:\Users\Raul\Downloads\ink master s07e07 the devils in the details hdtv x264 trial.txt
2016-04-05 07:45 - 2016-04-05 07:45 - 00022691 _____ C:\Users\Raul\Downloads\WWE.Raw.04.04.16.720p.HDTV.H264-XWT (1).torrent
2016-04-05 06:35 - 2016-04-05 06:35 - 00022691 _____ C:\Users\Raul\Downloads\WWE.Raw.04.04.16.720p.HDTV.H264-XWT.torrent
2016-04-02 18:18 - 2016-04-02 18:18 - 00018030 _____ C:\Users\Raul\Downloads\[kat.cr]the.intern.2015.1080p.web.dl.x264.ac3.jyk.torrent
2016-04-01 16:09 - 2016-04-01 16:09 - 00230679 _____ C:\Users\Raul\Downloads\WWE_Thursday_Night_Smackdown_HDTV_2016-03-31_720p_AVCHD-SC-SDH.torrent
2016-04-01 07:32 - 2016-04-01 07:32 - 00098624 _____ C:\Users\Raul\Downloads\[kat.cr]vikings.s04e07.720p.hdtv.x264.killers.rartv.torrent
2016-04-01 07:31 - 2016-04-01 07:31 - 00040530 _____ C:\Users\Raul\Downloads\[kat.cr]the.big.bang.theory.s09e19.720p.hdtv.x264.dimension.rartv.torrent
2016-03-31 06:33 - 2016-03-31 06:33 - 00119404 _____ C:\Users\Raul\Downloads\[kat.cr]survivor.s32e07.720p.hdtv.x264.crooks.rartv.torrent
2016-03-30 20:54 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-30 20:54 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-03-30 17:03 - 2016-03-30 17:03 - 00061068 _____ C:\Users\Raul\Downloads\[kat.cr]wwe.total.divas.s05e11.hdtv.2016.03.29.720p.avchd.sc.sdh.torrent
2016-03-30 08:28 - 2016-03-30 08:28 - 00103436 _____ C:\Users\Raul\Downloads\[kat.cr]outsiders.s01e10.720p.hdtv.x264.sva.rartv.torrent
2016-03-29 06:54 - 2016-03-29 06:54 - 00067415 _____ C:\Users\Raul\Downloads\[kat.cr]better.call.saul.s02e07.720p.hdtv.x264.avs.rartv.torrent
2016-03-29 06:53 - 2016-03-29 06:53 - 00020451 _____ C:\Users\Raul\Downloads\WWE.Raw.03.29.16.720p.HDTV.H264-XWT.torrent
2016-03-29 06:27 - 2016-03-22 03:57 - 00110528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-29 06:26 - 2016-04-10 07:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-03-29 06:25 - 2016-03-22 06:08 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 10550552 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00784824 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00630776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00601936 _____ C:\Windows\system32\nvmcumd.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00572096 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 06:25 - 2016-03-22 06:08 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 06:25 - 2016-03-22 06:08 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-28 08:09 - 2016-03-28 08:09 - 00151737 _____ C:\Users\Raul\Downloads\[kat.cr]the.walking.dead.s06e15.720p.hdtv.x264.avs.rartv.torrent
2016-03-27 21:24 - 2016-03-27 21:24 - 00000000 ____D C:\Users\Raul\AppData\Roaming\PDAppFlex
2016-03-27 13:28 - 2016-04-24 14:15 - 00000000 ____D C:\Users\Raul\Desktop\Untitled Export
2016-03-27 12:25 - 2016-04-22 17:04 - 00001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-03-27 12:24 - 2016-04-22 17:04 - 00001621 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-03-27 10:33 - 2016-03-27 10:33 - 00021680 _____ C:\Users\Raul\Downloads\[kat.cr]adobe.photoshop.lightroom.cc.6.2.multilingual.patch.appzdam.torrent
2016-03-25 11:21 - 2016-03-25 11:21 - 00242486 _____ C:\Users\Raul\Downloads\WWE.Thursday.Night.Smackdown.HDTV.2016-03-24.720p.AVCHD-SC-SDH.torrent
2016-03-25 08:41 - 2016-03-25 08:41 - 00080097 _____ C:\Users\Raul\Downloads\[kat.cr]vikings.s04e06.720p.hdtv.x264.killers.rartv.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-24 18:04 - 2015-10-01 16:34 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-24 18:04 - 2015-07-31 00:40 - 00000000 ____D C:\Windows\INF
2016-04-24 17:57 - 2015-10-01 16:53 - 00000000 ____D C:\Users\Raul\AppData\Roaming\uTorrent
2016-04-24 17:57 - 2015-10-01 16:32 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-24 17:57 - 2015-10-01 16:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-24 17:57 - 2015-10-01 12:27 - 00000093 _____ C:\Users\Raul\AppData\Roaming\sp_data.sys
2016-04-24 17:57 - 2015-07-30 23:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-24 17:57 - 2015-07-10 11:05 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-04-24 17:47 - 2015-10-01 16:32 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-24 17:37 - 2015-10-04 18:11 - 00000000 ____D C:\Users\Raul\AppData\Local\Spotify
2016-04-24 17:37 - 2015-10-04 18:10 - 00000000 ____D C:\Users\Raul\AppData\Roaming\Spotify
2016-04-24 17:36 - 2015-10-01 16:24 - 00000000 ____D C:\Users\Raul
2016-04-24 17:25 - 2015-10-01 17:45 - 00000000 ____D C:\Users\Raul\AppData\Roaming\vlc
2016-04-24 15:30 - 2015-10-01 20:36 - 00004152 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D35096DC-A37D-44B6-BD5A-51403D68E242}
2016-04-24 03:11 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\AppReadiness
2016-04-23 18:17 - 2015-10-03 16:47 - 00000000 ____D C:\Windows\Minidump
2016-04-23 18:16 - 2016-02-19 09:38 - 919751025 _____ C:\Windows\MEMORY.DMP
2016-04-23 17:23 - 2015-10-01 20:43 - 00000000 ____D C:\Users\Raul\AppData\Roaming\Skype
2016-04-23 09:18 - 2016-01-08 16:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-23 09:18 - 2014-11-01 05:43 - 00000000 ____D C:\ProgramData\Skype
2016-04-22 17:04 - 2016-03-05 19:37 - 00001602 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-04-22 17:04 - 2016-03-05 19:37 - 00001432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-04-22 17:04 - 2016-03-05 19:37 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-04-22 17:04 - 2016-03-05 19:37 - 00001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-04-22 17:04 - 2015-11-18 18:19 - 00001449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-04-22 17:04 - 2015-11-18 18:19 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-04-22 17:04 - 2015-10-04 18:11 - 00001833 _____ C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-04-22 17:04 - 2015-10-01 17:03 - 00002639 _____ C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-22 17:04 - 2015-10-01 16:33 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-22 17:04 - 2015-10-01 16:32 - 00002337 _____ C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-22 17:04 - 2015-10-01 16:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-22 17:04 - 2015-07-29 02:49 - 00001238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-04-22 17:04 - 2014-11-01 05:44 - 00002528 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
2016-04-22 17:04 - 2014-11-01 05:37 - 00002002 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-04-22 17:02 - 2015-07-31 00:25 - 00000000 ____D C:\Windows\CbsTemp
2016-04-22 09:57 - 2015-10-01 19:42 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-21 17:56 - 2015-10-01 20:41 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-21 17:56 - 2015-10-01 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-21 17:56 - 2015-10-01 20:34 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-21 17:56 - 2015-10-01 19:37 - 00000000 ____D C:\Users\Raul\.oracle_jre_usage
2016-04-21 17:56 - 2015-10-01 19:37 - 00000000 ____D C:\ProgramData\Oracle
2016-04-21 09:44 - 2015-07-31 00:42 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-16 09:03 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\system32\NDF
2016-04-15 21:51 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\rescache
2016-04-15 20:40 - 2015-12-29 22:34 - 00000000 ____D C:\Users\Raul\AppData\Local\CrashDumps
2016-04-13 06:17 - 2015-10-01 12:27 - 00000000 ____D C:\Users\Raul\AppData\Local\Packages
2016-04-13 06:12 - 2015-09-10 07:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-13 03:15 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-04-13 03:15 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\system32\en-GB
2016-04-13 03:15 - 2015-07-10 11:47 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-04-12 21:34 - 2015-10-01 23:31 - 00000000 ____D C:\Windows\system32\MRT
2016-04-12 21:33 - 2015-10-01 23:31 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-11 07:45 - 2015-10-01 20:05 - 00000000 ____D C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-10 08:00 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\PLA
2016-04-10 07:57 - 2016-03-10 20:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-08 06:49 - 2015-07-30 23:49 - 04830760 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-07 16:53 - 2015-10-01 16:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-07 16:35 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-04-07 16:35 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-04-06 20:32 - 2015-07-31 00:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-07-31 00:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-30 03:06 - 2015-07-29 02:44 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-03-30 03:06 - 2015-07-29 02:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-20 07:23 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-30 03:05 - 2015-07-29 02:44 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-03-30 03:05 - 2015-07-29 02:44 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-29 06:26 - 2015-10-01 16:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-28 17:21 - 2015-10-01 12:27 - 00000000 ____D C:\Users\Raul\AppData\Roaming\Adobe
2016-03-27 21:26 - 2015-11-18 22:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-27 12:31 - 2015-11-18 22:24 - 00000000 ____D C:\ProgramData\Adobe
2016-03-27 12:31 - 2015-10-01 20:29 - 00000000 ____D C:\Users\Raul\AppData\Local\Adobe
2016-03-27 12:29 - 2016-03-05 19:37 - 00000000 ____D C:\Program Files\Adobe
2016-03-25 03:23 - 2015-07-13 20:45 - 12659136 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

==================== Files in the root of some directories =======

2015-10-01 12:27 - 2016-04-24 17:57 - 0000093 _____ () C:\Users\Raul\AppData\Roaming\sp_data.sys
2015-10-01 16:23 - 2015-10-01 16:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-01 05:42 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-11-01 05:42 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-11-01 05:42 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2016-04-07 16:49 - 2016-04-07 16:49 - 0015229 _____ () C:\ProgramData\webad.xml

Some files in TEMP:
====================
C:\Users\Raul\AppData\Local\Temp\Browser_V5.6.10551.6_r_4726_(Build1602291105).exe
C:\Users\Raul\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Raul\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Raul\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Raul\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Raul\AppData\Local\Temp\nvStInst.exe
C:\Users\Raul\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-23 18:32

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by Raul (2016-04-24 18:21:16)
Running from C:\Users\Raul\Downloads
Windows 10 Home (X64) (2015-10-01 14:30:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4140088784-1597281522-2247420290-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4140088784-1597281522-2247420290-503 - Limited - Disabled)
Guest (S-1-5-21-4140088784-1597281522-2247420290-501 - Limited - Disabled)
Raul (S-1-5-21-4140088784-1597281522-2247420290-1001 - Administrator - Enabled) => C:\Users\Raul

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.2 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.9 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.1.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
DARK SOULS™ II: Scholar of the First Sin (HKLM-x32\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Decrap my Computer (HKLM-x32\...\Decrap my Computer) (Version:  - Macecraft Software)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Devilian Beta-US (HKLM-x32\...\Glyph Devilian Beta-US) (Version:  - Trion Worlds, Inc.)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)
ELAN Touchpad 11.5.20.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.20.3 - ELAN Microelectronic Corp.)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry 4 (HKLM-x32\...\Steam App 298110) (Version:  - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 1.6.5073.106 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NBA 2K16 (HKLM-x32\...\Steam App 370240) (Version:  - Visual Concepts)
NVIDIA 3D Vision Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 348.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: 10.00 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.27 - ASUSTeK Computer Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM-x32\...\Steam App 365720) (Version:  - The SKSE Team)
Spotify (HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.11.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.10.0 - GOG.com)
Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.30 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.5 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0333EFD7-1878-4119-B38F-9BAF0B486C23} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()
Task: {10DA6810-32F4-4158-BBA4-D51EF7EBD295} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-04-11] ()
Task: {180A7C90-1CE5-46CE-9359-E36503A3C8D7} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
Task: {1D0D5F10-4932-4851-BE4E-1869C090E65E} - System32\Tasks\runTask => C:\Users\Raul\AppData\Local\Temp/Updater.exe
Task: {1E0BB9FE-665F-46B7-B4EC-211C01F3053E} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-23] (Realtek Semiconductor)
Task: {1FD27887-646E-4A15-B5DB-1FA89E17F33E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {26FB846C-2E7B-4A18-A5FE-CA2F5EC7D8BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-01] (Google Inc.)
Task: {343D10ED-B298-46E5-A67C-65813E77914A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {34FEE0BC-6708-49D9-BE06-536B44CC8802} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {43CFBFDD-C922-401A-A0FA-6383491658E9} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2016-04-10] ()
Task: {476DA7ED-C212-43CD-91E3-72BC68613858} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-09-01] (McAfee, Inc.)
Task: {4A5E60AD-67A0-4353-9FAB-0826DA66B873} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe [2015-03-25] (SplitmediaLabs)
Task: {6A86C669-AE3F-4DF4-96AE-5515C45A9667} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {70593CF4-591E-49B2-BD8E-6849AEB1B630} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {7BA26FB6-9181-4CB6-AC63-3833F1E8B4F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {84D70F86-EEE5-41C9-B248-1DCA82A1567C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {8BB6EAF1-7675-4189-8974-6443E51177F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {8C2FB096-802D-45DF-A1ED-09853D393837} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {8E584CCE-AD19-4CCA-90D0-2767CB8FFED5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {93CA5489-AB3C-48DD-8FFC-3F01108ED366} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {94DD48A8-DACA-4E5E-91DB-10C94D9303B9} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2016-04-10] ()
Task: {A6A559DF-7A70-48BD-8309-76F28D62D31B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {A8BF0B07-8CE2-4CC7-B1FD-79A4B5CAD555} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-12] (Microsoft Corporation)
Task: {BA44E3C2-476B-41E9-8BB1-C98877FF6956} - \updateTask -> No File <==== ATTENTION
Task: {C1FA7E55-F167-411D-914B-69A076C3FE11} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E5DC9341-E521-4C17-B70E-5E4C31F11037} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-23] (Realtek Semiconductor)
Task: {E83FCC8D-F84D-43B1-B327-B87A99540D32} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E89BECAA-BD34-4E7F-8BD1-76CC55267F0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-01] (Google Inc.)
Task: {F29ABEFC-6667-40F9-9A4D-5443AA4041F5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 07:12 - 2015-09-10 07:12 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-10-01 16:23 - 2016-03-22 04:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-10 07:12 - 2015-09-10 07:12 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-03-01 19:23 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-30 20:54 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2015-12-19 16:54 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 19:23 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-30 20:54 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-03-30 20:54 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-03-30 20:54 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-27 18:30 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 21:32 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-03-30 20:54 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-03-30 20:54 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-12 21:32 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-10-01 18:18 - 2015-10-01 18:18 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 05:13 - 2015-07-10 05:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-09 07:48 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 07:47 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 07:47 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:18 - 2015-10-01 18:18 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 05:13 - 2015-09-10 07:12 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-29 02:53 - 2013-05-15 15:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2015-07-29 02:51 - 2014-02-26 05:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-07-29 02:44 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-10 07:48 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-10 07:48 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-07-29 02:49 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-04-10 09:37 - 00001149 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com
127.0.0.1                   keystone.mwbsys.com
127.0.0.1                   sirius.mwbsys.com
127.0.0.1                   bactem.mwbsys.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Raul\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{b6de8119-dedc-4874-8ddb-aeab283ef83f}.jpg
DNS Servers: 80.202.2.2 - 217.13.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IDSCCOM8VF"
HKLM\...\StartupApproved\Run: => "SpaceSoundPro"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "pcmgr"
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4140088784-1597281522-2247420290-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8A0AD527-2D7D-4EA6-9B47-4518FC77F242}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{804C3492-E0DF-4DF3-95D4-356F8331A867}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{DC30D8BD-95C2-4B43-9193-796AA49A11A2}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{7BC106CD-68AE-4445-9AF9-BE8D338FDED8}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{108B0370-DACB-4F8E-BA03-8984BB9ED797}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4D7653AB-B5EE-4084-BD94-51FCD90499A7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AD895CB6-04C0-4E7B-A1AA-E9B7093FB398}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{679CA6B0-B749-4E15-BCDF-C89A8283713A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC434DBE-3323-42DB-A7D3-7653C093367B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{640569A5-F159-4BDD-8F2C-C42C12DE1BDF}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{3D8831CB-E164-4DD0-9C57-9B681C656F79}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{0B09B8B8-6C8A-429C-849E-470C1CDE6047}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{63B64AD5-2AF3-4F57-86E9-C455899EF9F5}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{D7ED9A3B-B69B-4E83-A34E-0943E3753B01}] => (Allow) C:\Users\Raul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2505FFE5-A202-47E9-9E19-CE7730D6A9F0}] => (Allow) C:\Users\Raul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D077B941-1A9C-4D14-8AB2-7E1F2C0FC479}] => (Allow) C:\Users\Raul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7A3D5EA8-A4AD-4CBC-BBDB-A7142BE87191}] => (Allow) C:\Users\Raul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5C748169-428A-4B78-ABDD-FDAC6200EF7D}] => (Allow) C:\Users\Raul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C383A449-5C17-4080-8113-5CA9AA84DB45}] => (Allow) C:\Users\Raul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E172727A-D19C-427C-B4DD-3B9FFF92DDAB}] => (Allow) D:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{7010380E-9ECB-4AC0-8B1E-40D01FF50B41}] => (Allow) D:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{BE2D6F4A-D662-4E45-B762-337F92CDB3C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{05F7E196-6318-4E30-8AEC-B67D1B104901}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{320EFAE9-7C8D-4D29-A940-13183A86825A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9B1AF197-6B52-43E5-A347-89472C082AEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29350036-6DFF-4F45-BFBB-1E195A9389AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1A2D9682-A09B-4A9A-886F-0EC81287CB59}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{83E289A8-7768-4D97-B788-7B6E07037661}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{57B7B2DD-55B3-4B07-852C-5832DA13CD04}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B875FC13-7077-4BED-BD75-33EEABFC943F}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{0825D4BF-FE30-4D55-96FE-BFCACBB52F1D}] => (Allow) D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{DD9C0B43-DFEF-4CED-9768-0C1E413A95C7}] => (Allow) D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{0F670EFE-DB41-42C8-9ABC-A9D308790A42}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{2924B1E4-A4CB-4773-889A-C0494911170D}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{F52F69A7-85D7-4CE8-B639-CA3846E2795F}C:\users\raul\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\raul\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{02E72CA3-5EAF-475F-8932-6DA30958D66D}C:\users\raul\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\raul\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4F7885E9-C7BF-4FF1-BCBF-94A814B42A64}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{418112C8-D42B-4702-90C8-3C2239B1C82F}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [{94B918FF-DE4B-4D82-A087-85C6D41FF1BA}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7A8C6AB9-9587-4C32-BADB-30C0331F49A2}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C223C792-7DAF-430A-8627-798D676F908D}] => (Allow) D:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{083D611E-FD83-4E8F-B204-90598C4B6A8E}] => (Allow) D:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{F50C632B-BF3A-42F0-ACED-5D9F811644D0}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{B7B51E7D-9898-45E6-91E6-7EFEC7BF8D2F}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{ED8C3C00-F507-458F-9A43-4EF257D6136A}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{DC8A50B1-BCC0-4E0A-9A0E-BF7E3CDBB7B5}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A9315339-7734-49ED-926B-6D3F57A59841}] => (Allow) E:\SteamLibrary2\steamapps\common\NBA 2K16\NBA2K16.exe
FirewallRules: [{37A2F626-C2B3-4C1C-BEDE-5870C8AD352A}] => (Allow) E:\SteamLibrary2\steamapps\common\NBA 2K16\NBA2K16.exe
FirewallRules: [TCP Query User{41C6AA39-1769-42E3-A748-DAA887C2EA74}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{0416EFE7-E0B1-4B55-AFBB-F5DD6608CC50}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{21B1EBA0-57D9-4B98-91ED-620111E4568B}] => (Allow) E:\SteamLibrary2\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D3714945-868B-46A7-93C6-55681D310739}] => (Allow) E:\SteamLibrary2\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{EFF0B115-F6CF-4EB7-806D-580F90E0E858}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{ED07206A-CBB9-4FCD-A9E8-A31F1D3F80F0}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [{298D3DD5-E398-417E-9145-5BA8BDF59D2B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F2E038C6-DC1D-4F55-B5D0-B1E3BFDF4C8A}] => (Allow) LPort=2869
FirewallRules: [{FCE96DAA-FFE5-46FE-A273-7F1CC2F1483D}] => (Allow) LPort=1900
FirewallRules: [{C4667858-4C39-402D-8A4D-EF7863B49F9E}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{C8B81540-347E-44B7-9046-47345692B917}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [TCP Query User{C8D8F64A-2191-4B5C-92A2-D189BF4237BC}E:\downloads\adobe tool v4.9.4.0\adobetool.exe] => (Allow) E:\downloads\adobe tool v4.9.4.0\adobetool.exe
FirewallRules: [UDP Query User{C9240CCF-0BA6-4D3B-952C-90D2F704E5A3}E:\downloads\adobe tool v4.9.4.0\adobetool.exe] => (Allow) E:\downloads\adobe tool v4.9.4.0\adobetool.exe
FirewallRules: [{7BFDF4C3-4442-4D52-9ADF-8CD497218BE9}] => (Block) C:\ProgramFiles\Adobe\Adobe Lightroom\lightroom.exe
FirewallRules: [{EBC93274-9E88-49D4-ADFF-193D5937785E}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{2C471FD7-4DDD-497C-B4E5-F973EEE4F347}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{88E10EBF-21B2-454F-B5E8-9CF7482B4BD5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5FFC8087-194E-44DD-8651-51F29FF29366}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{D95A45D4-19E6-443C-92D5-ECB3624C817E}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{580B7102-75DE-481D-B833-E84CEBA73085}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{6F4E9496-71F6-4DB1-92F1-5CFE1A97D2FC}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{A525FA32-9A3D-43A0-BDF9-38C5B4A23033}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{1F0620DC-65C9-4B00-ABA6-E998E59EBC46}] => (Allow) D:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{B11122C3-38FD-4C56-A2A1-558E0FEA57D4}] => (Allow) D:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{1071C570-AABB-4A84-8B46-429AC564370D}] => (Allow) E:\SteamLibrary2\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{C065CEA9-FE8E-448F-B900-E827051DECDB}] => (Allow) E:\SteamLibrary2\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{8C82583C-169E-4622-A00C-2A2A4AD497E6}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{60F143AB-0CE3-43EF-B5C2-19948027C94F}] => (Allow) %ProgramFiles% (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{5C7FE536-61C6-44A7-9CC8-58BE7B40468B}] => (Allow) %ProgramFiles% (x86)\Malwarebytes Anti-Malware\mbamdor.exe
FirewallRules: [{CF21392C-6FD2-4EDB-9068-EAF6B290F1F7}] => (Allow) %ProgramFiles% (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{2D2FA9A8-0238-4428-8693-32F09C845439}] => (Allow) %ProgramFiles% (x86)\Malwarebytes Anti-Malware\mbamresearch.exe
FirewallRules: [{3FAC202C-A584-403E-818B-EE35345A6C3C}] => (Allow) %ProgramFiles% (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{7D0E0AF4-8EF3-4EE6-B105-4F409D2A9322}] => (Allow) %ProgramFiles% (x86)\Malwarebytes Anti-Malware\mbamservice.exe

==================== Restore Points =========================

07-04-2016 17:22:51 Installed SpyHunter
10-04-2016 08:48:28 Checkpoint by HitmanPro
14-04-2016 05:16:42 Windows Update
17-04-2016 16:21:50 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2016 05:57:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAUL_ROG)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/24/2016 05:38:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (04/23/2016 06:19:15 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3944) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (04/23/2016 06:19:15 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3944) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2016 06:19:05 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3944) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (04/23/2016 06:19:05 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3944) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2016 06:18:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3944) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (04/23/2016 06:18:54 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3944) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (04/23/2016 06:18:44 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3944) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (04/23/2016 06:18:44 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3944) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (04/24/2016 05:57:06 PM) (Source: DCOM) (EventID: 10010) (User: RAUL_ROG)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (04/24/2016 05:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/24/2016 05:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/24/2016 05:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/24/2016 05:57:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/24/2016 05:36:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: 
%%193

Error: (04/24/2016 05:36:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error: 
%%193

Error: (04/24/2016 05:36:23 PM) (Source: DCOM) (EventID: 10010) (User: RAUL_ROG)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/24/2016 05:36:23 PM) (Source: DCOM) (EventID: 10010) (User: RAUL_ROG)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/24/2016 05:36:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-04-10 08:22:50.085
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-10 07:11:07.413
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-07 18:52:28.319
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-07 18:51:58.595
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-07 18:51:55.682
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-07 17:20:26.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\zdengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-07 17:20:26.045
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\zdengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-07 17:19:11.346
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\zdengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-07 17:19:11.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\zdengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-07 17:19:11.117
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\zdengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 17%
Total physical RAM: 16333.1 MB
Available physical RAM: 13400.26 MB
Total Virtual: 18765.1 MB
Available Virtual: 15585.08 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:190.77 GB) (Free:72.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:270.93 GB) (Free:3.8 GB) NTFS
Drive e: (Data1) (Fixed) (Total:931.51 GB) (Free:822.47 GB) NTFS
Drive f: (Data2) (Fixed) (Total:931.51 GB) (Free:931.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8490DD2E)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 5D71F35B)

Partition: GPT.

==================== End of Addition.txt ============================

Link to post
Share on other sites

2 minutes ago, Raul125 said:

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-04-10 09:37 - 00001149 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com
127.0.0.1                   keystone.mwbsys.com
127.0.0.1                   sirius.mwbsys.com
127.0.0.1                   bactem.mwbsys.com

Hello and :welcome::

Unfortunately, the logs show that you are trying to pirate MBAM.

That's probably why you're having trouble activating.

If you'd like to purchase a legal and legitimate license, we'd be more than happy to assist you with activation.

Otherwise, there's nothing further we can do at this time.

Thanks for your understanding,

 

 

Link to post
Share on other sites

Well, that is probably the issue here.

I used to have a pirated version which suddenly went back to being the free version, and that is why I have purchased a 1 year license just today.
Is there something I need to remove from the registry in order to activate my key? I have proof of the purchase with PayPal, of course.

Link to post
Share on other sites

1 minute ago, Raul125 said:

Well, that is probably the issue here.

I used to have a pirated version which suddenly went back to being the free version, and that is why I have purchased a 1 year license just today.
Is there something I need to remove from the registry in order to activate my key? I have proof of the purchase with PayPal, of course.

First, you need to restore the Windows default hosts file.
Here is a tutorial for that:

https://support.microsoft.com/en-us/kb/972034

Then, you might need to run the MBAM clean removal tool at least once, rebooting the computer when prompted.

Then you can try again to cleanly reinstall and reactivate, following all the steps here: MBAM Clean Removal Process 2x.

If that doesn't work, then you'll probably need to contact Support HERE.  They can assist you better with licensing issues.

(No, license information is not stored in the Windows registry, so there's no way to hack that.)

Thank you again,

Link to post
Share on other sites

10 minutes ago, daledoc1 said:

First, you need to restore the Windows default hosts file.
Here is a tutorial for that:

https://support.microsoft.com/en-us/kb/972034

Then, you might need to run the MBAM clean removal tool at least once, rebooting the computer when prompted.

Then you can try again to cleanly reinstall and reactivate, following all the steps here: MBAM Clean Removal Process 2x.

If that doesn't work, then you'll probably need to contact Support HERE.  They can assist you better with licensing issues.

(No, license information is not stored in the Windows registry, so there's no way to hack that.)

Thank you again,

Thank you, Dale! I followed those steps and managed to register my premium account!
Well worth the 25 bucks!

I guess this will be more stable, and shouldn't suddenly revert back on me to the free version all of a sudden?

Link to post
Share on other sites

1 minute ago, Raul125 said:

Thank you, Dale! I followed those steps and managed to register my premium account!
Well worth the 25 bucks!

I guess this will be more stable, and shouldn't suddenly revert back on me to the free version all of a sudden?

That's great!

Yes, if you have a valid, legitimate license from a reputable source (preferably the Malwarebytes online store or an authorized reseller), you should be all set.

If you have purchased online from eBay or other unauthorized sources, then there's no way to know.  Only the Help Desk can verify the authenticity of a license. We here in the forum do not have access to the information needed to do so.

Thanks again for your support,

 

Link to post
Share on other sites

1 minute ago, daledoc1 said:

That's great!

Yes, if you have a valid, legitimate license from a reputable source (preferably the Malwarebytes online store or an authorized reseller), you should be all set.

If you have purchased online from eBay or other unauthorized sources, then there's no way to know.  Only the Help Desk can verify the authenticity of a license. We here in the forum do not have access to the information needed to do so.

Thanks again for your support,

 

I have purchased from inside the program itself, by clicking the "upgrade" button, so should be good!
Thank you again, this really helped a lot! :)
