Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2016 Ran by Pedro Teixeira (30-09-2016 20:56:12) Running from D:\Downloads Windows 10 Pro Version 1511 (X64) (2016-04-11 03:28:08) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1434435996-2445027704-2925530844-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1434435996-2445027704-2925530844-503 - Limited - Disabled) Guest (S-1-5-21-1434435996-2445027704-2925530844-501 - Limited - Disabled) Pedro Teixeira (S-1-5-21-1434435996-2445027704-2925530844-1001 - Administrator - Enabled) => C:\Users\Pedro Teixeira ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Ansel (Version: 372.90 - NVIDIA Corporation) Hidden Awesomenauts (HKLM\...\Steam App 204300) (Version: - Ronimo Games) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-1434435996-2445027704-2925530844-1001\...\BitTorrent) (Version: 7.9.8.42577 - BitTorrent Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version: - FromSoftware) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-235 Series Printer Uninstall (HKLM\...\EPSON XP-235 Series) (Version: - Seiko Epson Corporation) Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.45.33307 - Electronic Arts) FileZilla Client 3.15.0 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0 - Tim Kosse) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Manuais EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Mozilla Firefox 49.0.1 (x64 pt-PT) (HKLM\...\Mozilla Firefox 49.0.1 (x64 pt-PT)) (Version: 49.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla) MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.6.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.6.48 - NVIDIA Corporation) NVIDIA Graphics Driver 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.0.6.48 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.8.8 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.810 - Nome de sua empresa:) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 7.1.0310 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.6.48 - NVIDIA Corporation) Hidden Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) Spotify (HKU\S-1-5-21-1434435996-2445027704-2925530844-1001\...\Spotify) (Version: 1.0.25.127.g58007b4c - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer) Undertale (HKLM\...\Steam App 391540) (Version: - tobyfox) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_EN_is1) (Version: 18.0.1.6 - ZONER software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1434435996-2445027704-2925530844-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A43F310BD8CE}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-1434435996-2445027704-2925530844-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Pedro Teixeira\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1434435996-2445027704-2925530844-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {3674D19D-CB17-4142-A06B-8026F52F4A8B} - System32\Tasks\{65443FF0-35A0-47D4-B7ED-386995716AC2} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Beta-Ing\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Beta-Ing\uninstall.dat" -a uninstallme 3D213BB2-7DBE-4C68-93F4-84864A50A75C DeviceId=74f875f7-ac4b-4dc9-a387-d54de1476c61 BarcodeId=51198003 ChannelId=3 DistributerName=APSFWakeNet Task: {492CEA74-0BF2-4518-980A-DD7355C2BBEE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-17] (NVIDIA Corporation) Task: {624B7386-B645-4C59-BED5-6109734E8395} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-17] (NVIDIA Corporation) Task: {77FB8161-5A64-477F-9AC1-B61B99365D50} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-17] (NVIDIA Corporation) Task: {7847EBEE-676A-42DA-B5C9-DBCFB97C135E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {83E235DA-242B-46EA-B5EB-5B960BBFB673} - System32\Tasks\EPSON XP-235 Series Update {761C79BD-5393-4F71-93C3-094ED53A02FE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {86778E9B-77C0-4E94-A719-46F27E81F666} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION Task: {89762254-4B67-4FD7-96A2-C6430ABA83CD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Pedro Teixeira\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation) Task: {97D01D67-D5FF-416F-A3EF-AA3C7B9BB68C} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] () Task: {B4E04653-3697-4B53-8E03-72968716BA1D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-17] (NVIDIA Corporation) Task: {B6200BE0-7D45-4534-AD5D-B4225439734F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {C3DF4B77-418A-49EF-B28E-60EE1FBCF145} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {E32CC059-E783-4992-9066-393E8E2EE942} - System32\Tasks\Driver Booster SkipUAC (Pedro Teixeira) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {EA424D63-071F-4CED-8700-CBE1FFAEFEE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-17] (NVIDIA Corporation) Task: {EAD2951D-F7ED-462C-8094-60AB8253E433} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-17] (NVIDIA Corporation) Task: {F2E17F8E-EF74-44F8-A211-2D1948429786} - System32\Tasks\EPSON XP-235 Series Update {3A89AE2E-0364-4195-B4C6-DA6339DBC539} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {F412E53D-7495-4F87-8715-3D007CFDB8EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-16] (Adobe Systems Incorporated) Task: {FE3E5CA5-0267-48DF-A10D-A3E549257C45} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\EPSON XP-235 Series Update {3A89AE2E-0364-4195-B4C6-DA6339DBC539}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE:/EXE:{3A89AE2E-0364-4195-B4C6-DA6339DBC539} /F:UpdateWORKGROUP\DESKTOP-9665JOT$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-235 Series Update {761C79BD-5393-4F71-93C3-094ED53A02FE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE:/EXE:{761C79BD-5393-4F71-93C3-094ED53A02FE} /F:UpdateWORKGROUP\DESKTOP-9665JOT$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-11 04:24 - 2016-09-16 23:54 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () C:\_\local64spl.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () D:\Program Files\MSUser.Default\Help_4\local64spl.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () D:\Program Files\MSUser.Default\Help_4_\local64spl.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () D:\Program Files\MSUser.Default\Help_5\local64spl.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () D:\Program Files\MSUser.Default\Help_5_\local64spl.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () D:\Program Files\MSUser.Default\Help_6\local64spl.dll 2016-09-10 23:13 - 2016-09-10 23:13 - 00142336 ____H () D:\Program Files\MSUser.Default\Help_6_\local64spl.dll 2016-04-11 04:24 - 2015-12-21 00:43 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-09-29 22:43 - 2016-09-17 02:42 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-29 22:43 - 2016-09-17 02:42 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-29 22:44 - 2016-09-17 02:42 - 00419896 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-09-13 20:03 - 2016-09-07 06:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-13 20:03 - 2016-09-07 06:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-08-23 17:08 - 2016-08-23 17:08 - 01864384 _____ () C:\Users\Pedro Teixeira\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-04-11 13:21 - 2016-04-11 13:21 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-12 20:34 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-09-13 19:56 - 2016-09-07 05:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-13 19:56 - 2016-09-07 05:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-13 19:56 - 2016-09-07 05:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-13 19:56 - 2016-09-07 05:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-22 14:54 - 2016-01-22 14:54 - 31420080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2016-09-30 12:32 - 2016-09-26 09:30 - 25222728 _____ () C:\Program Files\RogueKiller\RogueKiller64.exe 2016-09-29 22:51 - 2016-09-29 22:51 - 00015872 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2016-08-25 11:52 - 2016-08-25 11:52 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe 2016-04-11 04:24 - 2016-09-30 12:56 - 00035984 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2016-04-11 04:24 - 2015-12-21 00:43 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-09-29 22:51 - 2016-09-29 22:51 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2015-12-21 03:06 - 2016-09-17 02:42 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-29 22:44 - 2016-09-15 19:50 - 00502328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-29 22:44 - 2016-09-15 19:50 - 00257592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-29 22:44 - 2016-09-15 19:50 - 02799552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-29 22:44 - 2016-09-15 19:50 - 00246328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-29 22:44 - 2016-09-15 19:50 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-29 22:44 - 2016-09-15 19:50 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-29 22:44 - 2016-09-15 19:50 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-08-23 17:08 - 2016-08-23 17:08 - 01383616 _____ () C:\Users\Pedro Teixeira\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-08-23 17:08 - 2016-08-23 17:08 - 00118976 _____ () C:\Users\Pedro Teixeira\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2015-12-21 02:45 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-12-21 02:45 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-12-21 02:45 - 2016-09-20 20:28 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll 2015-12-21 02:45 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-12-21 02:45 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-12-21 02:45 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-12-21 02:45 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-12-21 02:45 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-12-21 02:45 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-12-21 02:45 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-12-21 02:45 - 2016-09-20 20:28 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 02:20 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2015-12-21 02:45 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-09-30 20:29 - 2016-09-30 20:29 - 00035840 _____ () C:\WINDOWS\TEMP\29DC.tmp 2016-09-29 22:44 - 2016-09-17 02:42 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-08-19 08:39 - 2016-08-19 08:39 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-01-28 13:32 - 2016-01-28 13:32 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2016-01-28 13:32 - 2016-01-28 13:32 - 01365696 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll 2016-01-28 13:32 - 2016-01-28 13:32 - 00219328 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll 2016-01-21 01:22 - 2016-01-21 01:22 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-01-21 01:22 - 2016-01-21 01:22 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-01-21 01:23 - 2016-01-21 01:23 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-01-21 01:23 - 2016-01-21 01:23 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-02-12 11:24 - 2016-02-12 11:24 - 00158400 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll 2016-01-21 01:22 - 2016-01-21 01:22 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2016-09-29 22:51 - 2016-09-29 22:51 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2015-12-21 02:45 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 12:04 - 2016-09-29 23:40 - 00001188 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1434435996-2445027704-2925530844-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedro Teixeira\Desktop\wallhaven-88192.jpg DNS Servers: 188.120.239.115 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{CE3E794F-5DD7-4ADE-9A7B-DB5831712026}D:\programas inuteis\mobilego\mobilego.exe] => (Allow) D:\programas inuteis\mobilego\mobilego.exe FirewallRules: [TCP Query User{01382A0A-E341-44A6-86FF-6F0A3B0B5918}D:\programas inuteis\mobilego\mobilego.exe] => (Allow) D:\programas inuteis\mobilego\mobilego.exe FirewallRules: [UDP Query User{8A7F6CBA-23F1-4181-95E9-ED2B5BC804C3}D:\programas inuteis\mobilego\mobilegoservice.exe] => (Allow) D:\programas inuteis\mobilego\mobilegoservice.exe FirewallRules: [TCP Query User{AF6DD28D-1397-476E-9EE1-1F017D8ECF49}D:\programas inuteis\mobilego\mobilegoservice.exe] => (Allow) D:\programas inuteis\mobilego\mobilegoservice.exe FirewallRules: [{A2DD1D8D-88B1-4019-90A1-421FFE209011}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{A0696E0B-126E-4983-9B7B-F9186FA455E8}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [UDP Query User{2A45123E-1A11-4D27-BCDC-146A8D5517B0}D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [TCP Query User{B986F09F-3338-4059-A5FD-76FE4045F454}D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [{6390B8C3-4A42-4447-AE0A-97D664981220}] => (Allow) D:\SteamLibrary\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{E7561032-7A2C-45C1-99D4-AF8DD4304A3D}] => (Allow) D:\SteamLibrary\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{1355582A-6252-4629-B3F4-8A3AC5EA3599}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{C98DDD79-D7FC-49F6-BAA1-00B9EA684989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{747AC9AC-637E-4FCB-AAD9-285ADB950A8D}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{C52C9C6C-68C7-4857-92C4-322469A2F94E}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe FirewallRules: [UDP Query User{34A234FB-CA13-4F99-98EE-0AB8C978981D}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [TCP Query User{B27BBF9E-B3AA-4BDA-BB6E-E3F69E6E8DC9}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [{14FC2854-1DA2-415A-B717-6578CF1138AD}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{D797EA39-F783-4E6C-A53D-74FF5E4B2D30}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [UDP Query User{84F042FF-1D5B-4506-A0CA-8E54D86123D7}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{29E3865B-D22B-4E62-975D-26C3D6A10888}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{0B0976EB-9A9A-43B1-B519-7A84B6D02F93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{23F8A2A2-8070-4743-B3F4-E69593FC29D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{5EDBCB29-6B56-4AB6-9DD2-DE344984A1D8}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe FirewallRules: [{67FEC59E-7A9A-442F-A620-62121D229AA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{6F50C47F-1CC0-445A-AEEE-5A8C21B7CEBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{A6544BAD-D16D-4BF4-B664-E9B98F0D2271}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{83E61D24-9347-4A84-B685-B9F05B0531D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [UDP Query User{3EF63992-807F-4BFC-B552-1ADBCC64D59D}C:\users\pedro teixeira\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro teixeira\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{B31CA2B8-2867-475C-B9BF-3D9C48ED6920}C:\users\pedro teixeira\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro teixeira\appdata\roaming\spotify\spotify.exe FirewallRules: [{3F1650A6-654F-4B9D-95C0-B3B4A7391DEC}] => (Allow) C:\Users\Pedro Teixeira\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{E14301FB-287C-429B-B63C-F112C008445D}] => (Allow) C:\Users\Pedro Teixeira\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{966C4261-569A-4862-B3BD-FD2EE61F22BB}] => (Allow) C:\Users\Pedro Teixeira\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{E06FA9E2-0BAB-49A4-A895-497692BB63C7}] => (Allow) C:\Users\Pedro Teixeira\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{EB677F68-8A68-43C1-91C3-E755849823A2}] => (Allow) C:\Users\Pedro Teixeira\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{DBF46D52-4528-480B-8DDE-ED8CD2082DAE}] => (Allow) C:\Users\Pedro Teixeira\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{61F6C3DD-9C37-4248-8DDF-37448D6943D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E24D4EDF-DEBC-42FF-9158-D74A18F23634}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{60306D80-2E8D-458E-8994-0C6AA815DF6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{3AD1D953-4521-41D2-BA66-89FD02C5867F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{92815D77-B827-4872-85AA-546C4E6843E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{DFB63ACE-851B-4E7B-8CD6-30D553A5BECF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{F41A1B27-EED0-480A-B280-B3A56E9CF023}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{4C06D83D-3424-41F8-B8C3-229D12E8C1E9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{C0A27743-55A3-41CF-A634-70ED9DF23DE6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{CFBD3240-B437-4F5A-8CA8-5D45DCA8A678}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{0F8B487F-8D7E-4288-B1B1-9179DD549C79}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{A0159B5E-0306-4249-A9EF-E9EF6D594693}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{37815E6E-B813-464E-B8FB-92D9CE247A9F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0746CFCB-9B22-402E-A3E7-3ECD7F7FFAC4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E31BE7AA-0B8F-4696-B918-5EAA9728C922}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{462B5683-35E6-458B-925C-EC292DBE75F6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9DBACAFE-38F4-4FF1-B59A-4295FF7AFC84}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3EBBBEC2-0DA5-425C-A809-D2FFE69EEF66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3B716F7B-1508-4B13-82CF-FAC3DD088312}D:\jogos\overwatch\overwatch.exe] => (Allow) D:\jogos\overwatch\overwatch.exe FirewallRules: [UDP Query User{BE153953-A883-4C31-AC40-B8D7F0063890}D:\jogos\overwatch\overwatch.exe] => (Allow) D:\jogos\overwatch\overwatch.exe FirewallRules: [TCP Query User{BC81F556-B34F-4B98-B158-87EC4A58B502}D:\jogos\hearthstone\hearthstone.exe] => (Allow) D:\jogos\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{E5DB02B0-6A37-46B2-8332-A379D6E19A63}D:\jogos\hearthstone\hearthstone.exe] => (Allow) D:\jogos\hearthstone\hearthstone.exe FirewallRules: [{2825D309-BC2B-4CC2-ACE6-86AE3FF6D18E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{F20A5ABC-390F-435B-828A-EBFD59AD654C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{03453B7B-FA2B-4756-BB77-44E7F176A3E5}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{8EA0A391-02A8-486D-8C0D-A5411F9B5AF2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{5BFAB8F0-EA76-4B5C-869C-CCF35B5EFF2B}] => (Allow) C:\Users\Pedro Teixeira\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe FirewallRules: [{65B948DE-D965-4EE6-B97F-BE0766C14749}] => (Allow) C:\Users\Pedro Teixeira\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe FirewallRules: [{9BFF8D60-88FB-49DB-8852-0293724CFF39}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{18FEC11D-0AE9-4292-BC2C-01947C215C2E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{C34AF584-2414-4960-9665-C961E6F8FB2D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{95536A25-A872-4BD9-A43C-B35F52E9C738}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{946BB365-182E-4471-BC64-33D1A47EC214}] => (Allow) C:\Users\Pedro Teixeira\AppData\Local\Temp\andy-x64\Setup.exe FirewallRules: [{E69E624F-82B9-4710-B178-7061D6242509}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{216F79CD-21B9-42E6-B7A4-2532D5BDA0F0}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{4DDE5795-EB1E-4391-B98F-32C6AB653C3B}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{A2C4FEF1-F0A6-44E3-94B4-BF0CC58CB9B9}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{5CDF69BE-0DEB-4B45-84CD-3FC365489659}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{F1898D84-DF1C-49BA-9DC8-B4FE71E0A2A4}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{7963B18E-1530-4EF7-BF19-6AB5340E4DDE}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{13DFE804-6B28-4EA8-8FDF-383EC4CCBA0A}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{E602987B-9941-4700-BC33-A1182B2CEB92}] => (Allow) C:\Users\Pedro Teixeira\AppData\Local\Temp\andy-x64\Setup.exe FirewallRules: [{DF3FF11A-4C3B-4A9E-89A2-10E915D80701}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{75B07DE7-B7AA-482E-960E-5ECD8E17DAFC}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{521FB18C-942A-4750-9881-4B388DFC83AA}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe FirewallRules: [{70B3DA96-636B-425B-88DF-B9F597D78DFD}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe FirewallRules: [{E6A4A668-7821-4F24-B165-14170022B88A}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe FirewallRules: [{CD1360A0-025E-4A23-9C90-6BE438AC9297}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe FirewallRules: [TCP Query User{7A5442A4-800B-4F8A-88AF-90C85A43BC29}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe FirewallRules: [UDP Query User{0D305920-BB08-463D-A4AA-1C8B099255D3}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe FirewallRules: [{6AD85868-DF79-4637-A037-1A4D7360E47D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{C9843E46-066C-488D-AEDA-4543894B19F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{28FCD473-EE25-44B0-87D8-42C69C327277}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A63FA0B5-B766-40C7-9747-E3C9B2FC1451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A6DB85F0-7C72-419A-8559-AC2180E312A6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{AF076150-C5B5-42CF-B490-124F3644C295}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{537CE270-75DC-4D18-8B07-29BB8FF2C0A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{294233AF-F27D-47B8-B03B-7E6A29812DFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [TCP Query User{517B4D79-F5CC-4F57-B6E2-8738C5A06678}D:\downloads\golf.with.your.friends.v0.0.95h1\golf with your friends.exe] => (Allow) D:\downloads\golf.with.your.friends.v0.0.95h1\golf with your friends.exe FirewallRules: [UDP Query User{28B1A8ED-4E1D-4741-A417-1A5476A39E7D}D:\downloads\golf.with.your.friends.v0.0.95h1\golf with your friends.exe] => (Allow) D:\downloads\golf.with.your.friends.v0.0.95h1\golf with your friends.exe FirewallRules: [{80E1350E-AA76-4E24-8235-A4E5DBF0ABEE}] => (Allow) D:\Jogos\FIFA 17\FIFASetup\fifaconfig.exe FirewallRules: [{C68CBDAA-8A51-484B-B6D2-46D2D093BBA3}] => (Allow) D:\Jogos\FIFA 17\FIFASetup\fifaconfig.exe FirewallRules: [TCP Query User{7EED6CAC-B191-4388-86A3-87E04B49249F}D:\jogos\fifa 17\fifa17.exe] => (Allow) D:\jogos\fifa 17\fifa17.exe FirewallRules: [UDP Query User{A0434E1A-2AE7-4F72-8767-AB1D81B72B9A}D:\jogos\fifa 17\fifa17.exe] => (Allow) D:\jogos\fifa 17\fifa17.exe ==================== Restore Points ========================= 22-09-2016 16:33:11 Scheduled Checkpoint 29-09-2016 17:20:36 Ponto de verificação por HitmanPro 30-09-2016 13:20:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/30/2016 08:56:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/30/2016 08:47:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-9665JOT) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/30/2016 06:56:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/30/2016 04:56:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/30/2016 02:56:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/30/2016 02:56:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/30/2016 02:55:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-9665JOT) Description: Activation of app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/30/2016 01:20:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (09/30/2016 12:56:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/30/2016 12:56:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 System errors: ============= Error: (09/30/2016 08:47:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 08:47:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 08:47:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 03:11:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 03:11:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 01:41:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 01:21:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 01:21:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 12:56:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (09/30/2016 12:56:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9665JOT) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-9665JOT\Pedro Teixeira SID (S-1-5-21-1434435996-2445027704-2925530844-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2016-09-30 12:16:16.845 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-29 13:43:01.422 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-27 12:03:43.393 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-26 14:35:06.021 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-25 03:59:27.082 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-23 13:37:35.465 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-22 01:23:18.436 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-21 00:57:52.690 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-19 13:54:24.084 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 19:35:20.304 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Percentage of memory in use: 53% Total physical RAM: 8134.85 MB Available physical RAM: 3774.55 MB Total Virtual: 10367.1 MB Available Virtual: 3963.22 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.33 GB) (Free:62.71 GB) NTFS Drive d: (New Volume) (Fixed) (Total:931.39 GB) (Free:659.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================