Pedromfa

  1. I still get an error because it can't create a directory ..
  2. Rkill 2.6.6 by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2014 BleepingComputer.com
     More Information about Rkill can be found at this link:
     http://www.bleepingcomputer.com/forums/topic308364.html

     Program started at: 05/21/2014 10:11:42 PM in x86 mode.
     Windows Version: Windows 7 Ultimate Service Pack 1

     Checking for Windows services to stop:
     * No malware services found to stop.

     Checking for processes to terminate:
     * No malware processes found to kill.

     Checking Registry for malware related settings:
     * No issues found in the Registry.

     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

     Performing miscellaneous checks:
     * No issues found.

     Checking Windows Service Integrity:
     * Windows Defender (WinDefend) is not Running. Startup Type set to: Automatic

     Searching for Missing Digital Signatures:
     * No issues found.

     Checking HOSTS File:
     * HOSTS file entries found:
     127.0.0.1 localhost

     Program finished at: 05/21/2014 10:14:00 PM
     Execution time: 0 hours(s), 2 minute(s), and 17 seconds(s)
  3. I forgot to copy the log from the scan where "remove found threats" was ticked. But I scanned with the online scanner afterwards, and no threats were found. By the way, it seems that I cannot install Malwarebytes, same error as before, directory (...)
  5. I will post the ESET online scan in a few minutes
c:\users\Insys\AppData\Roaming\dclogs\2014-03-04-3.dc c:\users\Insys\AppData\Roaming\poclbm c:\users\Insys\AppData\Roaming\poclbm\poclbm.ini c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihcmkdganopbcmgcgdggdpnncahjkal c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihcmkdganopbcmgcgdggdpnncahjkal\1.5\background.html c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihcmkdganopbcmgcgdggdpnncahjkal\1.5\content.js c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihcmkdganopbcmgcgdggdpnncahjkal\1.5\lsdb.js c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihcmkdganopbcmgcgdggdpnncahjkal\1.5\manifest.json c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihcmkdganopbcmgcgdggdpnncahjkal\1.5\qXkiaOIIt7d.js c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fihcmkdganopbcmgcgdggdpnncahjkal_0.localstorage-journal c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fihcmkdganopbcmgcgdggdpnncahjkal_0.localstorage c:\users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Pedro\AppData\Roaming\machine32.exe c:\users\Pedro\AppData\Roaming\machine64.exe c:\windows\system32\pt c:\windows\system32\pt\AuthFWSnapIn.Resources.dll c:\windows\system32\pt\AuthFWWizFwk.Resources.dll c:\windows\system32\pt\Narrator.resources.dll . . (((((((((((((((( Arquivos/Ficheiros criados de 2014-04-19 to 2014-05-19 )))))))))))))))))))))))))))) . . 2014-05-19 20:17 . 2014-05-19 20:17 -------- d-----w- c:\users\Insys\AppData\Local\temp 2014-05-19 20:17 . 2014-05-19 20:17 -------- d-----w- c:\users\Pedro\AppData\Local\temp 2014-05-19 20:17 . 2014-05-19 20:17 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-05-18 11:50 . 2014-05-18 11:50 -------- d-----w- c:\users\Pedro\AppData\Local\SearchProtect 2014-05-16 22:47 . 
2014-05-16 22:47 -------- d-----w- c:\program files\tixati 2014-05-14 22:08 . 2014-05-14 22:08 -------- d-----w- C:\37d6d7e46f68fc165f38f736e1e3ca38 2014-05-14 21:44 . 2014-05-14 21:45 -------- d-----w- c:\windows\system32\C2MP 2014-05-14 18:47 . 2014-05-14 18:47 48392 ----a-w- c:\windows\system32\certsentry.dll 2014-05-14 18:46 . 2014-05-14 18:46 -------- d-----w- c:\program files\Comodo 2014-05-14 18:46 . 2014-05-14 18:46 -------- d-----w- c:\program files\DsNET Corp 2014-05-14 18:42 . 2014-05-18 11:44 -------- d-----w- c:\program files\MyPC Backup 2014-05-14 17:44 . 2014-05-14 17:44 -------- d-----w- c:\users\Insys\AppData\Roaming\Publish Providers 2014-05-14 17:36 . 2014-05-14 17:41 -------- d-----w- c:\users\Insys\AppData\Local\Sony 2014-05-14 17:36 . 2014-05-14 17:36 -------- d-----w- c:\programdata\Sony 2014-05-14 17:36 . 2014-05-15 21:55 -------- d-----w- c:\program files\Sony 2014-05-14 17:34 . 2014-05-16 20:26 -------- d-----w- c:\users\Insys\AppData\Roaming\Sony 2014-05-14 17:32 . 2014-05-14 17:32 -------- d-----w- c:\users\Insys\AppData\Local\SearchProtect 2014-05-13 20:29 . 2014-05-16 21:22 -------- d-----w- C:\FRST 2014-05-13 19:39 . 2014-05-13 19:39 -------- d-----w- c:\programdata\Licenses 2014-05-13 19:39 . 2014-05-13 19:39 -------- d-----w- c:\program files\Trojan Remover 2014-05-13 19:39 . 2014-05-13 19:39 -------- d-----w- c:\programdata\Simply Super Software 2014-05-12 21:38 . 2014-05-12 21:38 -------- d-----w- C:\d6bfc0a25fc0a372e506cbfb3ea4f6 2014-05-12 21:31 . 2014-05-12 21:31 -------- d-----w- c:\program files\Common Files\Bitdefender 2014-05-12 21:28 . 2014-05-12 21:29 -------- d-----w- c:\users\Insys\AppData\Roaming\QuickScan 2014-05-12 21:23 . 2014-05-12 21:23 -------- d-----w- c:\programdata\McAfee 2014-05-12 21:20 . 2014-05-12 21:20 411552 ----a-w- c:\windows\system32\drivers\tzszwgxf.sys 2014-05-12 19:43 . 2014-05-12 19:43 -------- d-----w- c:\programdata\Malwarebytes 2014-05-06 22:05 . 
2014-05-15 23:37 -------- d-s---w- c:\windows\system32\CompatTel 2014-05-06 21:04 . 2014-05-06 21:04 -------- d-----w- c:\program files\360 2014-05-04 14:29 . 2014-05-04 14:29 -------- d-----w- c:\program files\AellCheapPrIIce 2014-05-04 00:37 . 2014-05-04 00:37 -------- d-----w- c:\users\Insys\AppData\Local\Blizzard 2014-05-04 00:33 . 2014-05-04 14:31 -------- d-----w- c:\program files\Hearthstone 2014-05-04 00:24 . 2014-05-04 00:24 -------- d-----w- c:\users\Insys\AppData\Local\Blizzard Entertainment 2014-05-04 00:24 . 2014-05-04 00:38 -------- d-----w- c:\users\Insys\AppData\Local\Battle.net 2014-05-04 00:24 . 2014-05-04 00:32 -------- d-----w- c:\users\Insys\AppData\Roaming\Battle.net 2014-05-04 00:23 . 2014-05-04 14:31 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2014-05-04 00:23 . 2014-05-04 00:24 -------- d-----w- c:\programdata\Blizzard Entertainment 2014-05-04 00:20 . 2014-05-04 00:20 -------- d-----w- c:\programdata\Battle.net 2014-04-27 08:12 . 2014-04-27 08:12 -------- d-----w- c:\users\Insys\AppData\Local\GIZMO2 2014-04-27 01:12 . 2014-04-27 01:12 -------- d--h--w- c:\windows\msdownld.tmp 2014-04-26 23:20 . 2014-04-27 00:24 -------- d-----w- c:\users\Pedro\AppData\Roaming\tixati 2014-04-26 22:20 . 2014-04-26 22:20 -------- d-----w- c:\users\Pedro\AppData\Local\GIZMO2 2014-04-26 22:05 . 2014-04-26 22:05 -------- d-----w- c:\programdata\SNT 2014-04-26 22:05 . 2014-04-26 22:05 -------- d-----w- c:\programdata\MyApps 2014-04-26 22:05 . 2014-04-26 22:05 174928 ----a-w- c:\program files\SNSvc.dll 2014-04-26 22:05 . 2014-04-26 22:05 -------- d-----w- c:\programdata\YoutubeAdblocker 2014-04-26 22:04 . 2014-05-12 21:17 -------- d-----w- c:\programdata\Save Niet 2014-04-26 22:04 . 2014-05-12 21:15 -------- d-----w- c:\program files\Save Niet 2014-04-26 22:04 . 2014-05-12 21:15 -------- d-----w- c:\programdata\cc813dae40a4cea1 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\users\Pedro\AppData\Local\Torch 2014-04-26 22:04 . 
2014-04-26 22:04 -------- d-----w- c:\users\Pedro\AppData\Local\Comodo 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\users\Insys\AppData\Local\Torch 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\users\Insys\AppData\Local\Comodo 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\users\HomeGroupUser$ 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\users\Convidado 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\users\Administrador 2014-04-26 22:04 . 2014-04-26 22:04 -------- d-----w- c:\programdata\InstallMate 2014-04-26 22:01 . 2014-04-26 22:01 -------- d-----w- c:\users\Pedro\AppData\Local\WebPlayer 2014-04-26 22:01 . 2014-04-26 22:01 -------- d-----w- c:\users\Pedro\AppData\Local\FilesFrog Update Checker 2014-04-25 21:15 . 2014-04-25 21:32 -------- d-----w- c:\users\Pedro\.VirtualBox 2014-04-25 21:15 . 2014-04-25 22:10 -------- d-----w- c:\users\Pedro\AppData\Local\Genymobile 2014-04-25 21:14 . 2013-04-12 11:33 188176 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2014-04-25 21:14 . 2014-04-25 22:12 -------- dc----w- c:\windows\system32\DRVSTORE 2014-04-25 21:14 . 2013-04-12 11:33 94480 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2014-04-25 21:14 . 2014-04-25 21:14 -------- d-----w- c:\program files\Oracle 2014-04-25 21:12 . 2014-04-25 21:12 -------- d-----w- c:\program files\Genymobile 2014-04-25 20:55 . 2014-04-25 20:56 -------- d-----w- c:\programdata\BlueStacksSetup 2014-04-25 20:55 . 2014-04-25 20:55 -------- d-----w- c:\users\Pedro\AppData\Local\Bluestacks . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-04-12 18:29 . 2014-04-12 18:29 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys 2014-04-12 14:04 . 2014-04-12 14:04 2975056 ----a-w- c:\windows\system32\Steam.dll 2014-03-31 08:35 . 2013-09-07 16:33 231584 ------w- c:\windows\system32\MpSigStub.exe 2014-03-11 19:51 . 
2013-10-05 14:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-03-11 19:51 . 2013-10-05 14:50 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-03-11 07:00 . 2014-03-11 07:00 114408 ----a-w- c:\windows\system32\drivers\scdemu.sys 2014-03-07 04:35 . 2014-04-08 15:01 7969936 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4DCA77BC-9C2C-4F19-928B-6D7D9375BA0E}\mpengine.dll . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-09-09 280576] . c:\users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MyPC Backup.lnk - c:\program files\MyPC Backup\MyPC Backup.exe [2014-3-14 2901032] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2013-8-29 48200] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . 
R2 916e5338;SN.Sustainer;c:\windows\system32\rundll32.exe [2009-07-14 44544] R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\MyPC Backup\BackupStack.exe [2014-03-14 36392] R2 IePluginService;IePlugin Service;c:\programdata\IePluginService\PluginService.exe [2014-04-14 0] R2 QHActiveDefense;360 Total Security;c:\program files\360\Total Security\safemon\QHActiveDefense.exe [2014-04-30 607560] R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x] R2 Wpm;Wpm Service;c:\programdata\WPM\wprotectmanager.exe [2014-04-10 0] R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2013-03-25 65200] R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2014-04-12 23456] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys [2011-10-24 195200] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-09 108032] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2014-04-10 0] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-04-12 104720] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-09-08 1343400] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2013-04-12 188176] S2 CltMngSvc;Search Protect Service;c:\progra~1\SearchProtect\Main\bin\CltMngSvc.exe [x] S2 DragonUpdater;COMODO Dragon 
Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2014-03-20 2135232] S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 379904] S3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2009-12-16 465920] S3 SiSGbeLH;Controlador SiS191/SiS190 Ethernet Device NDIS 6.0;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2013-04-12 115984] . . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-05-15 18:41 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe . Conteúdo da pasta 'Tarefas Agendadas' . 2014-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-05 19:51] . 2014-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf706dd9b94f0.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-10-05 20:37] . 2014-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-10-05 20:37] . 2014-04-12 c:\windows\Tasks\RegistryDr_Popup.job - c:\program files\Registry Dr\Splash.exe [2014-03-19 14:46] . 2014-04-12 c:\windows\Tasks\RegistryDr_Start.job - c:\program files\Registry Dr\RegistryDr.exe [2014-03-19 14:46] . 2014-04-26 c:\windows\Tasks\SN.Booster-S-482248051.job - c:\programdata\myapps\sn.booster\SN.Booster.exe [2013-04-26 22:05] . 2014-04-26 c:\windows\Tasks\SomotoUpdateCheckerAutoStart.job - c:\users\Pedro\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17 09:50] . . ------- Scan Suplementar ------- . 
uStart Page = about:blank mStart Page = hxxp://websearch.amaizingsearches.info/?pid=233&r=2014/04/26&hid=11410117755029885341&lg=EN&cc=PT&unqvl=51 uInternet Settings,ProxyOverride = <local> uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 . - - - - ORFÃOS REMOVIDOS - - - - . BHO-{BD4CD860-DB9F-735A-84A7-B7887C75B861} - c:\program files\YoutubeAdblocker\RJAy.dll MSConfigStartUp-Adobe Creative Cloud - c:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe MSConfigStartUp-BisonHK - c:\program files\BisonCam\BisonHK.exe MSConfigStartUp-Tiny download manager - c:\users\Insys\AppData\Local\DM\TinyDM.exe AddRemove-SearchProtect - c:\progra~1\SearchProtect\Main\bin\uninstall.exe AddRemove-Steam App 200210 - c:\program files\Steam\steam.exe AddRemove-Steam App 256410 - c:\program files\Steam\steam.exe AddRemove-sXe Injected - c:\program files\sXe Injected\uninstall.exe AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{916e5338} - c:\progra~1\SN0310~1.BOO AddRemove-{56837588-F559-40CF-91D9-D439D405FB28} - c:\users\Insys\AppData\Local\Temp\Download_89BB\SteamKeygen2014_Downloader.exe . . . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Tempo para conclusão: 2014-05-19 21:19:15 ComboFix-quarantined-files.txt 2014-05-19 20:19 . Pré-execução: 106.569.846.784 bytes livres Pós execução: 107.182.632.960 bytes livres . - - End Of File - - CD0CD91E081DAFF69C233CC02781BB42 A36C5E4F47E84449FF07ED3517B43A31
  7. They are ALL green check marks AVG 20140516 Ad-Aware 20140516 AegisLab 20140516 Agnitum 20140516 AhnLab-V3 20140516 AntiVir 20140516 Antiy-AVL 20140516 Avast 20140517 Baidu-International 20140516 BitDefender 20140516 Bkav 20140516 ByteHero 20140517 CAT-QuickHeal 20140516 CMC 20140516 ClamAV 20140517 Commtouch 20140517 Comodo 20140516 DrWeb 20140516 ESET-NOD32 20140517 Emsisoft 20140516 F-Prot 20140516 F-Secure 20140516 Fortinet 20140516 GData 20140516 Ikarus 20140516 Jiangmin 20140516 K7AntiVirus 20140516 K7GW 20140516 Kaspersky 20140517 Kingsoft 20140517 Malwarebytes 20140517 McAfee 20140516 McAfee-GW-Edition 20140516 MicroWorld-eScan 20140516 Microsoft 20140516 NANO-Antivirus 20140516 Norman 20140516 Panda 20140516 Qihoo-360 20140517 Rising 20140507 SUPERAntiSpyware 20140516 Sophos 20140516 Symantec 20140516 Tencent 20140517 TheHacker 20140515 TotalDefense 20140516 TrendMicro 20140516 TrendMicro-HouseCall 20140516 VBA32 20140516 VIPRE 20140517 ViRobot 20140516 Zillya 20140516 nProtect 20140516
  8. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-05-2014 Ran by Insys (administrator) on INSYS-PC on 16-05-2014 22:20:00 Running from C:\Users\Insys\Desktop Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Portuguese Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= () C:\Program Files\Comodo\Dragon\dragon_updater.exe (Client Connect LTD) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Client Connect LTD) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe (Client Connect LTD) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe (MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe (Sony Creative Software Inc.) 
C:\Program Files\Sony\Vegas Pro 11.0\ErrorReportLauncher.exe (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,userinit.exe HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0 HKLM\...\Policies\Explorer: [NoBandCustomize] 0 HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-09-09] (Microsoft Corporation) HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Policies\Explorer: [NoToolbarCustomize] 0 HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Policies\Explorer: [NoBandCustomize] 0 AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [171840 2014-05-03] (Client Connect LTD) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\System32\C2MP\UpdateChecker.exe () Startup: C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start 
Page Redirect Cache_TIMESTAMP = 0x257DB7D783AECE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-PT HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/?pid=233&r=2014/04/26&hid=11410117755029885341&lg=EN&cc=PT&unqvl=51 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: YoutubeAdblocker - {BD4CD860-DB9F-735A-84A7-B7887C75B861} - C:\Program Files\YoutubeAdblocker\RJAy.dll () BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - 
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Insys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-11] Chrome: ======= CHR HomePage: hxxp://search.conduit.com/?gd=&ctid=CT3323885&octid=EB_ORIGINAL_CTID&ISID=M88949B72-4A57-4E67-A110-1B190465F0C1&SearchSource=55&CUI=&UM=5&UP=SPC3A912B7-1FFA-4E0E-8CE5-B497D2B0A8B6&SSPV= CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3320133&octid=EB_ORIGINAL_CTID&ISID=MEDA66BFC-55B0-4E89-83F6-CBB8A99651AF&SearchSource=55&CUI=&UM=5&UP=SPC3A912B7-1FFA-4E0E-8CE5-B497D2B0A8B6&SSPV=" CHR DefaultSearchKeyword: trovi.search CHR DefaultSearchProvider: Trovi search CHR Extension: (Google Translate) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-04-12] CHR Extension: (Google Drive) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05] CHR Extension: (Turn Off the Lights) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-03-05] CHR Extension: (YouTube) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05] CHR Extension: (Pesquisa do Google) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05] CHR Extension: (AdBlock) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-04] CHR Extension: (Arcane Legends) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-04-21] CHR Extension: (Super Animes - 
Fate Zero - Einzbern) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngnmipnamnakggdpmkfkbampjbhhloeb [2014-03-05] CHR Extension: (Google Wallet) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-05] CHR Extension: (Gmail) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05] CHR HKLM\...\Chrome\Extension: [ehkebkalogplefdncmdccimnhgecojcj] - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\chrome.crx [2014-04-26] CHR HKLM\...\Chrome\Extension: [lpmhiipjeomjecdgkkgpmeogahbilpmp] - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\face.crx [2014-04-26] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-16] ========================== Services (Whitelisted) ================= S2 916e5338; C:\Program Files\SNSvc.dll [174928 2014-04-26] () S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It) R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2496320 2014-05-03] (Client Connect LTD) R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-20] () S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [0 2014-04-14] () S2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [607560 2014-04-30] () S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [0 2014-04-10] () S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [0 2014-04-10] () ==================== Drivers (Whitelisted) ==================== S3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1182320 2009-07-25] (Bison Electronics. Inc. ) S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.) 
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation )
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-03-11] (Power Software Ltd)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-16 22:19 - 2014-05-16 22:19 - 00000000 ____D () C:\Users\Insys\Desktop\FRST-OlderVersion
2014-05-16 22:09 - 2010-02-17 15:41 - 00000000 ____D () C:\Users\Insys\Desktop\Adobe After Effects CS4 Crack
2014-05-16 22:06 - 2014-05-16 22:06 - 00979038 _____ () C:\Users\Insys\Downloads\Adobe-After-Effects-CS4-Crack.rar
2014-05-16 21:57 - 2014-02-28 21:46 - 00000000 ____D () C:\Users\Insys\Desktop\AFTER EFFECTS CS6
2014-05-16 21:52 - 2014-05-16 21:53 - 1243758966 _____ () C:\Users\Insys\Downloads\AFTER EFFECTS CS6.zip
2014-05-16 00:33 - 2014-05-16 00:33 - 00002682 _____ () C:\Users\Insys\Downloads\FSS.txt
2014-05-16 00:32 - 2014-05-16 00:33 - 00409088 _____ (Farbar) C:\Users\Insys\Downloads\FSS.exe
2014-05-16 00:31 - 2014-05-16 00:37 - 01179648 _____ () C:\Users\Insys\Documents\Untitled.mxf
2014-05-16 00:13 - 2014-02-16 11:50 - 00000000 ____D () C:\Users\Insys\Desktop\Clips + Smooths
2014-05-16 00:09 - 2014-05-16 00:09 - 00000000 ____D () C:\Users\Insys\Desktop\Twixtor Sony Vegas Pro 11
2014-05-16 00:08 - 2014-05-16 00:09 - 14544990 _____ () C:\Users\Insys\Downloads\Twixtor Pro Sony Vegas -Drips-.zip
2014-05-16 00:04 - 2014-05-16 00:06 - 94735068 _____ () C:\Users\Insys\Desktop\Aelius Editing Contest Week 1.rar
2014-05-15 23:48 - 2014-05-15 23:48 - 00646780 _____ () C:\Users\Insys\Desktop\Ichigo vs Kenpachi Full Fight (English Dub).part
2014-05-15 22:57 - 2014-05-15 22:59 - 00435016 _____ () C:\Users\Insys\Desktop\Mt Eden Dubstep Sierra Leone [HD].mp3.sfk
2014-05-15 22:55 - 2012-09-02 17:08 - 00051310 _____ () C:\Users\Insys\Desktop\Preset pack 4 (CC Mega pack).sfpreset
2014-05-15 22:27 - 2014-05-15 22:27 - 00002024 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi-14996648333-14347667-0.sfk
2014-05-15 22:26 - 2014-05-15 22:27 - 00011664 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi-14912564333-84084000-0.sfk
2014-05-15 21:50 - 2014-05-15 21:50 - 00000074 _____ () C:\Users\Insys\Desktop\bleach.mxf.sfl
2014-05-15 21:17 - 2014-05-15 21:50 - 1365967160 _____ () C:\Users\Insys\Desktop\bleach.mxf
2014-05-15 21:15 - 2014-05-15 21:16 - 13328352 _____ (Sony Creative Software Inc.) C:\Users\Insys\Downloads\presetmngr20k.exe
2014-05-15 21:15 - 2014-05-15 21:15 - 00005258 _____ () C:\Users\Insys\Desktop\Preset pack 4 (CC Mega Pack).rar
2014-05-15 19:39 - 2014-05-15 19:39 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf706dd9b94f0.job
2014-05-15 19:29 - 2014-05-15 19:29 - 00468480 _____ () C:\Users\Insys\Desktop\CKScanner.exe
2014-05-14 23:08 - 2014-05-14 23:08 - 00000000 ____D () C:\37d6d7e46f68fc165f38f736e1e3ca38
2014-05-14 23:06 - 2014-05-15 22:32 - 00030800 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg
2014-05-14 23:06 - 2014-05-15 21:15 - 00035744 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg.bak
2014-05-14 23:06 - 2014-05-14 23:06 - 00016280 _____ () C:\Users\Insys\Documents\inacabado bleach.veg
2014-05-14 22:46 - 2014-05-14 22:47 - 00286016 _____ () C:\Users\Insys\Desktop\♬ Two Door Cinema Club What You Know (Feed Me Dubstep Cover) [HD].mp3.sfk
2014-05-14 22:45 - 2014-05-14 22:47 - 02594440 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi.sfk
2014-05-14 22:44 - 2014-05-14 22:45 - 00000000 ____D () C:\Windows\system32\C2MP
2014-05-14 22:44 - 2014-05-14 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2014-05-14 22:44 - 2014-05-14 22:44 - 21916168 _____ (Windows 7 - Codec Pack) C:\Users\Insys\Downloads\windows.7.codec.pack.v4.0.8.setup.exe
2014-05-14 22:36 - 2014-05-16 00:33 - 00000000 ____D () C:\Users\Insys\Desktop\GrantPerms
2014-05-14 22:36 - 2014-05-14 22:36 - 00453083 _____ () C:\Users\Insys\Downloads\GrantPerms.zip
2014-05-14 20:22 - 2014-05-14 20:37 - 300351122 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi
2014-05-14 20:18 - 2014-05-14 20:48 - 307514917 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N)[1].mp4
2014-05-14 20:14 - 2014-05-14 20:18 - 265008856 _____ () C:\Users\Insys\Desktop\BEST FREE KICKS MONTAGE VOL29 by freekickerz.avi
2014-05-14 19:47 - 2014-05-14 19:47 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-05-14 19:47 - 2014-05-14 19:47 - 00001074 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-05-14 19:47 - 2014-05-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-05-14 19:46 - 2014-05-14 19:46 - 00002070 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-05-14 19:46 - 2014-05-14 19:46 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\DsNET Corp
2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\Comodo
2014-05-14 19:43 - 2014-05-14 19:43 - 00001915 _____ () C:\Users\Insys\Desktop\Sync Folder.lnk
2014-05-14 19:42 - 2014-05-14 19:42 - 17109800 _____ (DsNET Corp) C:\Users\Insys\Downloads\222-aTubeCatcher.exe
2014-05-14 19:42 - 2014-05-14 19:42 - 00001045 _____ () C:\Users\Insys\Desktop\MyPC Backup.lnk
2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-05-14 18:49 - 2014-05-14 18:49 - 00623504 _____ () C:\Users\Insys\Downloads\atube-catcher-387955-32-bits.exe
2014-05-14 18:44 - 2014-05-14 18:44 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Publish Providers
2014-05-14 18:43 - 2014-05-14 18:43 - 00002492 _____ () C:\Users\Insys\Desktop\Register Vegas Pro.htm
2014-05-14 18:39 - 2012-03-25 19:18 - 00000000 ____D () C:\Users\Insys\Desktop\SonyVegasProCrack
2014-05-14 18:37 - 2014-05-09 08:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 18:37 - 2014-05-09 08:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 18:37 - 2014-04-12 03:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 18:37 - 2014-04-12 03:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 18:37 - 2014-04-12 03:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 18:37 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 18:37 - 2014-04-12 03:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 18:37 - 2014-04-12 03:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 18:37 - 2014-04-12 03:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 18:37 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 18:37 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 18:37 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 18:37 - 2014-03-04 10:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 18:37 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 18:36 - 2014-05-15 22:55 - 00000000 ____D () C:\Program Files\Sony
2014-05-14 18:36 - 2014-05-15 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-14 18:36 - 2014-05-14 18:41 - 00000000 ____D () C:\Users\Insys\AppData\Local\Sony
2014-05-14 18:36 - 2014-05-14 18:36 - 00001038 _____ () C:\Users\Public\Desktop\Vegas Pro 11.0.lnk
2014-05-14 18:36 - 2014-05-14 18:36 - 00000000 ____D () C:\ProgramData\Sony
2014-05-14 18:36 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 18:34 - 2014-05-16 21:26 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Sony
2014-05-14 18:33 - 2014-05-14 18:34 - 213003208 _____ (Sony Creative Software Inc.) C:\Users\Insys\Desktop\vegaspro11.0.682_32bit.exe
2014-05-14 18:32 - 2014-05-14 18:32 - 00076771 _____ () C:\Users\Insys\Desktop\VegasProCrack.rar
2014-05-14 18:32 - 2014-05-14 18:32 - 00000000 ____D () C:\Users\Insys\AppData\Local\SearchProtect
2014-05-14 18:31 - 2014-05-14 18:31 - 00000000 ____D () C:\Program Files\SearchProtect
2014-05-14 18:29 - 2014-05-14 18:29 - 00509144 _____ (A-installer) C:\Users\Insys\Downloads\Vegas Pro.exe
2014-05-14 18:21 - 2014-05-14 18:21 - 00001517 _____ () C:\Users\Insys\Desktop\ServicesRepair - Atalho.lnk
2014-05-14 18:21 - 2014-05-14 18:21 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-05-14 18:20 - 2014-05-14 18:21 - 04009167 _____ () C:\Users\Insys\Downloads\ServicesRepair.exe
2014-05-13 22:23 - 2014-05-13 22:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-13 21:40 - 2014-05-13 21:40 - 00023347 _____ () C:\Users\Insys\Downloads\Addition.txt
2014-05-13 21:32 - 2014-05-16 22:20 - 00012111 _____ () C:\Users\Insys\Desktop\FRST.txt
2014-05-13 21:32 - 2014-05-13 21:35 - 00023347 _____ () C:\Users\Insys\Desktop\Addition.txt
2014-05-13 21:29 - 2014-05-16 22:20 - 00000000 ____D () C:\FRST
2014-05-13 21:27 - 2014-05-16 22:19 - 01056768 _____ (Farbar) C:\Users\Insys\Desktop\FRST.exe
2014-05-13 21:26 - 2014-03-16 02:53 - 00000860 _____ () C:\Windows\system32\Drivers\etc\hosts.trb
2014-05-13 21:05 - 2014-05-13 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-13 20:55 - 2014-05-13 20:55 - 04796856 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup_online.exe
2014-05-13 20:39 - 2014-05-13 20:39 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Users\Insys\Documents\Simply Super Software
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Licenses
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Program Files\Trojan Remover
2014-05-13 20:38 - 2014-05-13 20:38 - 18058688 _____ (Simply Super Software ) C:\Users\Insys\Downloads\trjsetup.exe
2014-05-12 22:38 - 2014-05-12 22:38 - 00000000 ____D () C:\d6bfc0a25fc0a372e506cbfb3ea4f6
2014-05-12 22:34 - 2014-05-13 06:02 - 00000000 _____ () C:\Users\Insys\Downloads\Windows-KB890830-V5.11.exe
2014-05-12 22:31 - 2014-05-12 22:31 - 05697760 _____ () C:\Users\Insys\Downloads\bitdefender_isecurity_[quickscan].exe
2014-05-12 22:31 - 2014-05-12 22:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-05-12 22:28 - 2014-05-12 22:29 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\QuickScan
2014-05-12 22:25 - 2014-05-12 22:25 - 02055784 _____ (Trend Micro Inc.) C:\Users\Insys\Downloads\HousecallLauncher.exe
2014-05-12 22:25 - 2014-05-12 22:25 - 00000036 _____ () C:\Users\Insys\AppData\Local\housecall.guid.cache
2014-05-12 22:23 - 2014-05-12 22:23 - 08326064 _____ (McAfee, Inc.) C:\Users\Insys\Downloads\SecurityScan_Release.exe
2014-05-12 22:23 - 2014-05-12 22:23 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-12 22:20 - 2014-05-12 22:20 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\tzszwgxf.sys
2014-05-12 22:19 - 2014-05-12 22:20 - 88882192 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup.exe
2014-05-12 21:59 - 2014-05-12 21:59 - 01243655 _____ () C:\Users\Insys\Downloads\ProcessExplorer.zip
2014-05-12 21:06 - 2014-05-12 21:06 - 00052822 _____ () C:\Users\Insys\Downloads\Extras.Txt
2014-05-12 21:05 - 2014-05-12 21:05 - 00163214 _____ () C:\Users\Insys\Downloads\OTL.Txt
2014-05-12 20:47 - 2014-05-12 20:47 - 11519096 _____ (OPSWAT, Inc.) C:\Users\Insys\Downloads\AppRemover.exe
2014-05-12 20:45 - 2014-05-12 20:45 - 00602112 _____ (OldTimer Tools) C:\Users\Insys\Downloads\OTL.exe
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 20:42 - 2014-05-12 20:42 - 01440846 _____ () C:\Users\Insys\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-05-12 20:39 - 2014-05-12 20:39 - 04768528 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_pro_antivirus_setup_online.exe
2014-05-12 20:33 - 2014-05-12 20:33 - 04436952 _____ () C:\Users\Insys\Desktop\avg_free_stb_all_2014_4259_softonic.exe
2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014.exe
2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014 (1).exe
2014-05-10 23:04 - 2014-05-10 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Insys\Downloads\chromeinstall-7u55.exe
2014-05-10 15:02 - 2014-05-10 15:04 - 00000000 ____D () C:\Users\Insys\Desktop\juventude e trabalho
2014-05-06 23:05 - 2014-05-16 00:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 22:04 - 2014-05-06 22:04 - 00001107 _____ () C:\Users\Insys\Desktop\360 Total Security.lnk
2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files\360
2014-05-06 21:57 - 2014-05-06 21:57 - 22607176 _____ () C:\Users\Insys\Downloads\360TS_Setup.exe
2014-05-04 15:51 - 2014-05-04 15:54 - 320867494 _____ () C:\Users\Insys\Downloads\Counter-Strike 1.6 No Steam.rar
2014-05-04 15:29 - 2014-05-04 15:29 - 00000000 ____D () C:\Program Files\AellCheapPrIIce
2014-05-04 01:37 - 2014-05-04 01:37 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard
2014-05-04 01:33 - 2014-05-04 15:31 - 00000000 ____D () C:\Program Files\Hearthstone
2014-05-04 01:24 - 2014-05-04 01:38 - 00000000 ____D () C:\Users\Insys\AppData\Local\Battle.net
2014-05-04 01:24 - 2014-05-04 01:32 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Battle.net
2014-05-04 01:24 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard Entertainment
2014-05-04 01:23 - 2014-05-04 15:31 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-05-04 01:23 - 2014-05-04 01:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-05-04 01:20 - 2014-05-04 01:20 - 00000000 ____D () C:\ProgramData\Battle.net
2014-05-04 01:19 - 2014-05-04 01:19 - 07094224 _____ (Blizzard Entertainment) C:\Users\Insys\Downloads\Hearthstone-Setup-ptBR.exe
2014-05-03 23:46 - 2014-05-03 23:46 - 00018575 _____ () C:\Users\Insys\Downloads\squarefont.zip
2014-05-01 22:57 - 2014-05-01 22:57 - 00000000 ____D () C:\Users\Insys\Documents\Klei
2014-05-01 22:50 - 2014-05-01 22:55 - 155860495 _____ () C:\Users\Insys\Downloads\Dont Starve .rar
2014-05-01 22:49 - 2014-05-01 22:50 - 11822248 _____ (Elex do Brasil Participações Ltda) C:\Users\Insys\Downloads\yet_another_cleaner_ava.exe
2014-04-29 20:03 - 2014-04-29 20:03 - 17435168 _____ () C:\Users\Insys\Downloads\SwiftKey_Keyboard_v4.4.2.254.apk
2014-04-28 20:23 - 2014-04-28 20:23 - 02741951 _____ () C:\Users\Insys\Downloads\AIVC (Alice) - Pro Version v3.1 apkmania.com.rar
2014-04-27 09:12 - 2014-04-27 09:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\GIZMO2
2014-04-27 02:12 - 2014-04-27 02:12 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-04-27 02:11 - 2014-04-27 02:12 - 00000000 ____D () C:\Windows\system32\directx
2014-04-27 00:21 - 2014-04-27 00:21 - 00003442 _____ () C:\Users\Pedro\Downloads\37E792D91449F1337D5FA52635356B88CB5A7A96.torrent
2014-04-27 00:20 - 2014-04-27 01:24 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\tixati
2014-04-27 00:20 - 2014-04-27 00:20 - 00057051 _____ () C:\Users\Pedro\Downloads\CDB1D4052D61A3BF5D0FF2FD2C083163C0CA8A54.torrent
2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\E75ED20D538971366FE4B8D5EB35947CDE6AA712.torrent
2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\7BAC0B2A5171336DA7DE1EA05EF9D5E03DE0254D.torrent
2014-04-27 00:20 - 2014-04-27 00:20 - 00040372 _____ () C:\Users\Pedro\Downloads\E7190945010711F731BD6A3FD1B3FB3EAFDD2B52.torrent
2014-04-26 23:20 - 2014-04-26 23:20 - 00000000 ____D () C:\Users\Pedro\AppData\Local\GIZMO2
2014-04-26 23:18 - 2014-04-26 23:19 - 100300522 _____ (UNIQLO CO., LTD.) C:\Users\Pedro\Downloads\UNIQLO_SCREENSAVER_setup.exe
2014-04-26 23:05 - 2014-04-26 23:05 - 00174928 _____ () C:\Program Files\SNSvc.dll
2014-04-26 23:05 - 2014-04-26 23:05 - 00000432 ____H () C:\Windows\Tasks\SN.Booster-S-482248051.job
2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\SNT
2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\YoutubeAdblocker
2014-04-26 23:04 - 2014-05-12 22:17 - 00000000 ____D () C:\ProgramData\Save Niet
2014-04-26 23:04 - 2014-05-12 22:15 - 00000000 ____D () C:\ProgramData\cc813dae40a4cea1
2014-04-26 23:04 - 2014-05-12 22:15 - 00000000 ____D () C:\Program Files\Save Niet
2014-04-26 23:04 - 2014-04-26 23:04 - 00323888 _____ (MyApps) C:\Users\Pedro\Downloads\Download_Manager-l4d2_2013_nosTEAM.zip.exe
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Torch
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Comodo
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Torch
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Comodo
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Torch
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador
2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-26 23:01 - 2014-04-26 23:01 - 00002135 _____ () C:\Users\Pedro\Desktop\FLV Player.lnk
2014-04-26 23:01 - 2014-04-26 23:01 - 00000324 _____ () C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job
2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\WebPlayer
2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\FilesFrog Update Checker
2014-04-26 22:58 - 2014-04-26 22:58 - 00236952 _____ () C:\Users\Pedro\Downloads\ClickHeretoDownloadSetup-4a8bR5ZD.exe
2014-04-26 22:52 - 2014-04-26 22:52 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-26 10:22 - 2014-04-26 10:22 - 02108416 _____ () C:\Users\Pedro\AppData\Roaming\machine32.exe
2014-04-26 10:22 - 2014-04-26 10:22 - 01067583 _____ () C:\Users\Pedro\AppData\Roaming\machine64.exe
2014-04-26 10:22 - 2014-04-26 10:22 - 00000007 _____ () C:\Users\Pedro\AppData\Roaming\v1291.txt
2014-04-25 23:12 - 2014-04-25 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-25 22:30 - 2014-04-25 22:30 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native (1).exe
2014-04-25 22:25 - 2014-04-25 22:29 - 535085536 _____ () C:\Users\Pedro\Downloads\adt-bundle-windows-x86-20140321.zip
2014-04-25 22:15 - 2014-04-25 23:10 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Genymobile
2014-04-25 22:15 - 2014-04-25 22:32 - 00000000 ____D () C:\Users\Pedro\.VirtualBox
2014-04-25 22:14 - 2014-04-25 22:14 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-04-25 22:14 - 2014-04-25 22:14 - 00000000 ____D () C:\Program Files\Oracle
2014-04-25 22:14 - 2013-04-12 12:33 - 00188176 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-25 22:14 - 2013-04-12 12:33 - 00094480 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-25 22:12 - 2014-04-25 22:12 - 00000000 ____D () C:\Program Files\Genymobile
2014-04-25 22:11 - 2014-04-25 22:12 - 123486848 _____ (Genymobile ) C:\Users\Pedro\Downloads\genymotion-2.2.0-vbox.exe
2014-04-25 21:55 - 2014-04-25 21:55 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-25 21:55 - 2014-04-25 21:55 - 00065984 _____ () C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-25 21:55 - 2014-04-25 21:55 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Bluestacks
2014-04-25 21:18 - 2014-02-10 20:34 - 00000121 _____ () C:\Users\Pedro\Downloads\Games Android Hvga.url
2014-04-25 21:09 - 2014-04-25 21:11 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part2.rar
2014-04-25 21:09 - 2014-04-25 21:11 - 153089373 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part3.rar
2014-04-25 21:08 - 2013-09-01 19:16 - 00000000 ____D () C:\Users\Pedro\Downloads\com.gameloft.android.ANMP.GloftAMHM
2014-04-25 21:06 - 2014-04-25 21:07 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part1.rar
2014-04-25 21:06 - 2014-04-25 21:06 - 15483326 _____ () C:\Users\Pedro\Downloads\TASA v1.1.9 gamesandroidhvga.com.apk
2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-04-24 21:32 - 2014-04-24 21:32 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\WinRAR
2014-04-24 20:49 - 2014-04-24 20:49 - 02428889 _____ () C:\Users\Pedro\Desktop\Light Flow Lite - LED Control.apk
2014-04-21 12:51 - 2014-04-21 12:51 - 02537944 _____ () C:\Users\Insys\Downloads\HeroesAndGenerals-setup-86736.exe
2014-04-21 10:37 - 2014-04-21 10:38 - 05520368 _____ () C:\Users\Insys\Downloads\IMG_4756.MOV
2014-04-21 10:08 - 2014-04-21 10:08 - 00033269 _____ () C:\Users\Insys\Downloads\carlosagrela1978615771.xml
2014-04-18 16:03 - 2014-04-18 16:03 - 00023157 _____ () C:\Users\Insys\Downloads\[www.CsWorldx.Blogspot.Com] R-Aimbot v1.0.rar
2014-04-18 15:57 - 2014-04-18 15:58 - 00000000 ____D () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24
2014-04-18 15:56 - 2014-04-18 15:57 - 00075357 _____ () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24.rar
2014-04-18 15:54 - 2014-04-18 15:54 - 00075357 _____ () C:\Users\Insys\Downloads\MP-Hacks_ESP_v5.0.rar
2014-04-18 15:48 - 2014-04-18 15:48 - 00899845 _____ () C:\Users\Insys\Downloads\Cd hack 5 and Xiter Cs injector.rar
2014-04-16 23:28 - 2014-04-16 23:28 - 02572648 _____ () C:\Users\Insys\Downloads\Hack + Software v10.2 2014.zip
2014-04-16 23:26 - 2014-04-16 23:26 - 00727552 _____ () C:\Users\Insys\Downloads\Ayakashi Ghost Guild Cheats.exe

==================== One Month Modified Files and Folders =======

2014-05-16 22:20 - 2014-05-13 21:32 - 00012111 _____ () C:\Users\Insys\Desktop\FRST.txt
2014-05-16 22:20 - 2014-05-13 21:29 - 00000000 ____D () C:\FRST
2014-05-16 22:19 - 2014-05-16 22:19 - 00000000 ____D () C:\Users\Insys\Desktop\FRST-OlderVersion
2014-05-16 22:19 - 2014-05-13 21:27 - 01056768 _____ (Farbar) C:\Users\Insys\Desktop\FRST.exe
2014-05-16 22:10 - 2013-09-07 16:52 - 01637475 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 22:06 - 2014-05-16 22:06 - 00979038 _____ () C:\Users\Insys\Downloads\Adobe-After-Effects-CS4-Crack.rar
2014-05-16 22:01 - 2014-04-09 21:34 - 00012006 _____ () C:\Windows\setupact.log
2014-05-16 21:53 - 2014-05-16 21:52 - 1243758966 _____ () C:\Users\Insys\Downloads\AFTER EFFECTS CS6.zip
2014-05-16 21:26 - 2014-05-14 18:34 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Sony
2014-05-16 21:01 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 21:01 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 00:37 - 2014-05-16 00:31 - 01179648 _____ () C:\Users\Insys\Documents\Untitled.mxf
2014-05-16 00:37 - 2014-05-06 23:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 00:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-16 00:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-05-16 00:33 - 2014-05-16 00:33 - 00002682 _____ () C:\Users\Insys\Downloads\FSS.txt
2014-05-16 00:33 - 2014-05-16 00:32 - 00409088 _____ (Farbar) C:\Users\Insys\Downloads\FSS.exe
2014-05-16 00:33 - 2014-05-14 22:36 - 00000000 ____D () C:\Users\Insys\Desktop\GrantPerms
2014-05-16 00:09 - 2014-05-16 00:09 - 00000000 ____D () C:\Users\Insys\Desktop\Twixtor Sony Vegas Pro 11
2014-05-16 00:09 - 2014-05-16 00:08 - 14544990 _____ () C:\Users\Insys\Downloads\Twixtor Pro Sony Vegas -Drips-.zip
2014-05-16 00:06 - 2014-05-16 00:04 - 94735068 _____ () C:\Users\Insys\Desktop\Aelius Editing Contest Week 1.rar
2014-05-15 23:48 - 2014-05-15 23:48 - 00646780 _____ () C:\Users\Insys\Desktop\Ichigo vs Kenpachi Full Fight (English Dub).part
2014-05-15 22:59 - 2014-05-15 22:57 - 00435016 _____ () C:\Users\Insys\Desktop\Mt Eden Dubstep Sierra Leone [HD].mp3.sfk
2014-05-15 22:55 - 2014-05-14 18:36 - 00000000 ____D () C:\Program Files\Sony
2014-05-15 22:47 - 2014-04-04 00:48 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\vlc
2014-05-15 22:32 - 2014-05-14 23:06 - 00030800 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg
2014-05-15 22:27 - 2014-05-15 22:27 - 00002024 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi-14996648333-14347667-0.sfk
2014-05-15 22:27 - 2014-05-15 22:26 - 00011664 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi-14912564333-84084000-0.sfk
2014-05-15 21:50 - 2014-05-15 21:50 - 00000074 _____ () C:\Users\Insys\Desktop\bleach.mxf.sfl
2014-05-15 21:50 - 2014-05-15 21:17 - 1365967160 _____ () C:\Users\Insys\Desktop\bleach.mxf
2014-05-15 21:20 - 2014-05-14 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-15 21:16 - 2014-05-15 21:15 - 13328352 _____ (Sony Creative Software Inc.) C:\Users\Insys\Downloads\presetmngr20k.exe
2014-05-15 21:15 - 2014-05-15 21:15 - 00005258 _____ () C:\Users\Insys\Desktop\Preset pack 4 (CC Mega Pack).rar
2014-05-15 21:15 - 2014-05-14 23:06 - 00035744 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg.bak
2014-05-15 19:39 - 2014-05-15 19:39 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf706dd9b94f0.job
2014-05-15 19:36 - 2013-10-05 20:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 19:33 - 2013-10-05 20:38 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 19:29 - 2014-05-15 19:29 - 00468480 _____ () C:\Users\Insys\Desktop\CKScanner.exe
2014-05-14 23:08 - 2014-05-14 23:08 - 00000000 ____D () C:\37d6d7e46f68fc165f38f736e1e3ca38
2014-05-14 23:06 - 2014-05-14 23:06 - 00016280 _____ () C:\Users\Insys\Documents\inacabado bleach.veg
2014-05-14 22:47 - 2014-05-14 22:46 - 00286016 _____ () C:\Users\Insys\Desktop\♬ Two Door Cinema Club What You Know (Feed Me Dubstep Cover) [HD].mp3.sfk
2014-05-14 22:47 - 2014-05-14 22:45 - 02594440 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi.sfk
2014-05-14 22:45 - 2014-05-14 22:44 - 00000000 ____D () C:\Windows\system32\C2MP
2014-05-14 22:45 - 2014-05-14 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2014-05-14 22:44 - 2014-05-14 22:44 - 21916168 _____ (Windows 7 - Codec Pack) C:\Users\Insys\Downloads\windows.7.codec.pack.v4.0.8.setup.exe
2014-05-14 22:36 - 2014-05-14 22:36 - 00453083 _____ () C:\Users\Insys\Downloads\GrantPerms.zip
2014-05-14 20:48 - 2014-05-14 20:18 - 307514917 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N)[1].mp4
2014-05-14 20:37 - 2014-05-14 20:22 - 300351122 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub Ganesh N).avi
2014-05-14 20:18 - 2014-05-14 20:14 - 265008856 _____ () C:\Users\Insys\Desktop\BEST FREE KICKS MONTAGE VOL29 by freekickerz.avi
2014-05-14 19:47 - 2014-05-14 19:47 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-05-14 19:47 - 2014-05-14 19:47 - 00001074 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-05-14 19:47 - 2014-05-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-05-14 19:46 - 2014-05-14 19:46 - 00002070 _____ () C:\Users\Public\Desktop\Video Search.lnk
2014-05-14 19:46 - 2014-05-14 19:46 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\DsNET Corp
2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\Comodo
2014-05-14 19:43 - 2014-05-14 19:43 - 00001915 _____ () C:\Users\Insys\Desktop\Sync Folder.lnk
2014-05-14 19:42 - 2014-05-14 19:42 - 17109800 _____ (DsNET Corp) C:\Users\Insys\Downloads\222-aTubeCatcher.exe
2014-05-14 19:42 - 2014-05-14 19:42 - 00001045 _____ () C:\Users\Insys\Desktop\MyPC Backup.lnk
2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-05-14 18:49 - 2014-05-14 18:49 - 00623504 _____ () C:\Users\Insys\Downloads\atube-catcher-387955-32-bits.exe
2014-05-14 18:44 - 2014-05-14 18:44 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Publish Providers
2014-05-14 18:43 - 2014-05-14 18:43 - 00002492 _____ () C:\Users\Insys\Desktop\Register Vegas Pro.htm
2014-05-14 18:41 - 2014-05-14 18:36 - 00000000 ____D () C:\Users\Insys\AppData\Local\Sony
2014-05-14 18:36 - 2014-05-14 18:36 - 00001038 _____ () C:\Users\Public\Desktop\Vegas Pro 11.0.lnk
2014-05-14 18:36 - 2014-05-14 18:36 - 00000000 ____D () C:\ProgramData\Sony
2014-05-14 18:34 - 2014-05-14 18:33 - 213003208 _____ (Sony Creative Software Inc.) C:\Users\Insys\Desktop\vegaspro11.0.682_32bit.exe
2014-05-14 18:32 - 2014-05-14 18:32 - 00076771 _____ () C:\Users\Insys\Desktop\VegasProCrack.rar
2014-05-14 18:32 - 2014-05-14 18:32 - 00000000 ____D () C:\Users\Insys\AppData\Local\SearchProtect
2014-05-14 18:31 - 2014-05-14 18:31 - 00000000 ____D () C:\Program Files\SearchProtect
2014-05-14 18:29 - 2014-05-14 18:29 - 00509144 _____ (A-installer) C:\Users\Insys\Downloads\Vegas Pro.exe
2014-05-14 18:21 - 2014-05-14 18:21 - 00001517 _____ () C:\Users\Insys\Desktop\ServicesRepair - Atalho.lnk
2014-05-14 18:21 - 2014-05-14 18:21 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-05-14 18:21 - 2014-05-14 18:20 - 04009167 _____ () C:\Users\Insys\Downloads\ServicesRepair.exe
2014-05-13 22:24 - 2014-05-13 22:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-13 22:23 - 2014-04-12 17:01 - 00000000 ____D () C:\Users\Pedro
2014-05-13 22:23 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-05-13 21:40 - 2014-05-13 21:40 - 00023347 _____ () C:\Users\Insys\Downloads\Addition.txt
2014-05-13 21:35 - 2014-05-13 21:32 - 00023347 _____ () C:\Users\Insys\Desktop\Addition.txt
2014-05-13 21:05 - 2014-05-13 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-13 20:55 - 2014-05-13 20:55 - 04796856 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup_online.exe
2014-05-13 20:46 - 2013-09-07 16:57 - 00000000 ____D () C:\Users\Insys
2014-05-13 20:41 - 2014-03-16 01:55 - 00000000 ____D () C:\ProgramData\WPM
2014-05-13 20:41 - 2014-03-16 01:55 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-13 20:40 - 2014-04-10 22:52 - 00000000 __SHD () C:\Windows\system32\Windows Firewall
2014-05-13 20:39 - 2014-05-13 20:39 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Users\Insys\Documents\Simply Super Software
2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover 2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Licenses 2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Program Files\Trojan Remover 2014-05-13 20:38 - 2014-05-13 20:38 - 18058688 _____ (Simply Super Software ) C:\Users\Insys\Downloads\trjsetup.exe 2014-05-13 06:02 - 2014-05-12 22:34 - 00000000 _____ () C:\Users\Insys\Downloads\Windows-KB890830-V5.11.exe 2014-05-12 22:38 - 2014-05-12 22:38 - 00000000 ____D () C:\d6bfc0a25fc0a372e506cbfb3ea4f6 2014-05-12 22:31 - 2014-05-12 22:31 - 05697760 _____ () C:\Users\Insys\Downloads\bitdefender_isecurity_[quickscan].exe 2014-05-12 22:31 - 2014-05-12 22:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender 2014-05-12 22:29 - 2014-05-12 22:28 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\QuickScan 2014-05-12 22:25 - 2014-05-12 22:25 - 02055784 _____ (Trend Micro Inc.) C:\Users\Insys\Downloads\HousecallLauncher.exe 2014-05-12 22:25 - 2014-05-12 22:25 - 00000036 _____ () C:\Users\Insys\AppData\Local\housecall.guid.cache 2014-05-12 22:23 - 2014-05-12 22:23 - 08326064 _____ (McAfee, Inc.) 
C:\Users\Insys\Downloads\SecurityScan_Release.exe 2014-05-12 22:23 - 2014-05-12 22:23 - 00000000 ____D () C:\ProgramData\McAfee 2014-05-12 22:20 - 2014-05-12 22:20 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\tzszwgxf.sys 2014-05-12 22:20 - 2014-05-12 22:19 - 88882192 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup.exe 2014-05-12 22:17 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\Save Niet 2014-05-12 22:15 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\cc813dae40a4cea1 2014-05-12 22:15 - 2014-04-26 23:04 - 00000000 ____D () C:\Program Files\Save Niet 2014-05-12 22:02 - 2009-07-14 03:04 - 00002577 _____ () C:\Windows\system32\config.nt 2014-05-12 21:59 - 2014-05-12 21:59 - 01243655 _____ () C:\Users\Insys\Downloads\ProcessExplorer.zip 2014-05-12 21:06 - 2014-05-12 21:06 - 00052822 _____ () C:\Users\Insys\Downloads\Extras.Txt 2014-05-12 21:05 - 2014-05-12 21:05 - 00163214 _____ () C:\Users\Insys\Downloads\OTL.Txt 2014-05-12 20:55 - 2014-04-03 23:19 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\tixati 2014-05-12 20:47 - 2014-05-12 20:47 - 11519096 _____ (OPSWAT, Inc.) 
C:\Users\Insys\Downloads\AppRemover.exe 2014-05-12 20:45 - 2014-05-12 20:45 - 00602112 _____ (OldTimer Tools) C:\Users\Insys\Downloads\OTL.exe 2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-12 20:42 - 2014-05-12 20:42 - 01440846 _____ () C:\Users\Insys\Downloads\mbam-chameleon-1.62.1.1000.zip 2014-05-12 20:39 - 2014-05-12 20:39 - 04768528 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_pro_antivirus_setup_online.exe 2014-05-12 20:33 - 2014-05-12 20:33 - 04436952 _____ () C:\Users\Insys\Desktop\avg_free_stb_all_2014_4259_softonic.exe 2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014.exe 2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014 (1).exe 2014-05-10 23:04 - 2014-05-10 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Insys\Downloads\chromeinstall-7u55.exe 2014-05-10 17:12 - 2014-02-09 04:17 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-10 17:12 - 2013-09-11 10:51 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Adobe 2014-05-10 17:09 - 2013-09-07 17:18 - 00000000 ____D () C:\Users\Insys\Desktop\Nadia 2014-05-10 15:04 - 2014-05-10 15:02 - 00000000 ____D () C:\Users\Insys\Desktop\juventude e trabalho 2014-05-09 08:06 - 2014-05-14 18:37 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:04 - 2014-05-14 18:37 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-06 22:04 - 2014-05-06 22:04 - 00001107 _____ () C:\Users\Insys\Desktop\360 Total Security.lnk 2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center 2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files\360 2014-05-06 21:57 - 2014-05-06 21:57 - 22607176 _____ () C:\Users\Insys\Downloads\360TS_Setup.exe 2014-05-04 15:54 - 
2014-05-04 15:51 - 320867494 _____ () C:\Users\Insys\Downloads\Counter-Strike 1.6 No Steam.rar 2014-05-04 15:42 - 2014-04-12 01:21 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\TS3Client 2014-05-04 15:31 - 2014-05-04 01:33 - 00000000 ____D () C:\Program Files\Hearthstone 2014-05-04 15:31 - 2014-05-04 01:23 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment 2014-05-04 15:29 - 2014-05-04 15:29 - 00000000 ____D () C:\Program Files\AellCheapPrIIce 2014-05-04 01:38 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Battle.net 2014-05-04 01:37 - 2014-05-04 01:37 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard 2014-05-04 01:32 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Battle.net 2014-05-04 01:24 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard Entertainment 2014-05-04 01:24 - 2014-05-04 01:23 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-05-04 01:20 - 2014-05-04 01:20 - 00000000 ____D () C:\ProgramData\Battle.net 2014-05-04 01:19 - 2014-05-04 01:19 - 07094224 _____ (Blizzard Entertainment) C:\Users\Insys\Downloads\Hearthstone-Setup-ptBR.exe 2014-05-03 23:46 - 2014-05-03 23:46 - 00018575 _____ () C:\Users\Insys\Downloads\squarefont.zip 2014-05-01 22:57 - 2014-05-01 22:57 - 00000000 ____D () C:\Users\Insys\Documents\Klei 2014-05-01 22:55 - 2014-05-01 22:50 - 155860495 _____ () C:\Users\Insys\Downloads\Dont Starve .rar 2014-05-01 22:50 - 2014-05-01 22:49 - 11822248 _____ (Elex do Brasil Participações Ltda) C:\Users\Insys\Downloads\yet_another_cleaner_ava.exe 2014-04-29 20:03 - 2014-04-29 20:03 - 17435168 _____ () C:\Users\Insys\Downloads\SwiftKey_Keyboard_v4.4.2.254.apk 2014-04-28 20:23 - 2014-04-28 20:23 - 02741951 _____ () C:\Users\Insys\Downloads\AIVC (Alice) - Pro Version v3.1 apkmania.com.rar 2014-04-27 09:16 - 2013-09-08 19:13 - 00000000 ____D () C:\Games 2014-04-27 09:12 - 2014-04-27 09:12 - 00000000 ____D () 
C:\Users\Insys\AppData\Local\GIZMO2 2014-04-27 02:12 - 2014-04-27 02:12 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-04-27 02:12 - 2014-04-27 02:11 - 00000000 ____D () C:\Windows\system32\directx 2014-04-27 01:24 - 2014-04-27 00:20 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\tixati 2014-04-27 00:21 - 2014-04-27 00:21 - 00003442 _____ () C:\Users\Pedro\Downloads\37E792D91449F1337D5FA52635356B88CB5A7A96.torrent 2014-04-27 00:20 - 2014-04-27 00:20 - 00057051 _____ () C:\Users\Pedro\Downloads\CDB1D4052D61A3BF5D0FF2FD2C083163C0CA8A54.torrent 2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\E75ED20D538971366FE4B8D5EB35947CDE6AA712.torrent 2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\7BAC0B2A5171336DA7DE1EA05EF9D5E03DE0254D.torrent 2014-04-27 00:20 - 2014-04-27 00:20 - 00040372 _____ () C:\Users\Pedro\Downloads\E7190945010711F731BD6A3FD1B3FB3EAFDD2B52.torrent 2014-04-26 23:20 - 2014-04-26 23:20 - 00000000 ____D () C:\Users\Pedro\AppData\Local\GIZMO2 2014-04-26 23:19 - 2014-04-26 23:18 - 100300522 _____ (UNIQLO CO., LTD.) 
C:\Users\Pedro\Downloads\UNIQLO_SCREENSAVER_setup.exe 2014-04-26 23:05 - 2014-04-26 23:05 - 00174928 _____ () C:\Program Files\SNSvc.dll 2014-04-26 23:05 - 2014-04-26 23:05 - 00000432 ____H () C:\Windows\Tasks\SN.Booster-S-482248051.job 2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker 2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\SNT 2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\YoutubeAdblocker 2014-04-26 23:04 - 2014-04-26 23:04 - 00323888 _____ (MyApps) C:\Users\Pedro\Downloads\Download_Manager-l4d2_2013_nosTEAM.zip.exe 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Torch 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Comodo 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Torch 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Comodo 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Torch 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () 
C:\Users\Administrador\AppData\Local\Comodo 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador 2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-26 23:04 - 2014-04-12 17:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Google 2014-04-26 23:04 - 2013-09-07 17:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\Google 2014-04-26 23:01 - 2014-04-26 23:01 - 00002135 _____ () C:\Users\Pedro\Desktop\FLV Player.lnk 2014-04-26 23:01 - 2014-04-26 23:01 - 00000324 _____ () C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job 2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker 2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\WebPlayer 2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\FilesFrog Update Checker 2014-04-26 22:58 - 2014-04-26 22:58 - 00236952 _____ () C:\Users\Pedro\Downloads\ClickHeretoDownloadSetup-4a8bR5ZD.exe 2014-04-26 22:52 - 2014-04-26 22:52 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-04-26 10:22 - 2014-04-26 10:22 - 02108416 _____ () C:\Users\Pedro\AppData\Roaming\machine32.exe 2014-04-26 10:22 - 2014-04-26 10:22 - 01067583 _____ () C:\Users\Pedro\AppData\Roaming\machine64.exe 2014-04-26 10:22 - 2014-04-26 10:22 - 00000007 _____ () C:\Users\Pedro\AppData\Roaming\v1291.txt 2014-04-25 23:12 - 2014-04-25 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2014-04-25 23:12 - 2013-09-09 00:36 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-25 23:10 - 2014-04-25 22:15 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Genymobile 2014-04-25 23:10 - 2014-04-12 15:04 - 00000000 ____D () 
C:\Users\Insys\AppData\Roaming\dll-files.com 2014-04-25 22:35 - 2014-04-12 23:43 - 00000000 ____D () C:\Program Files\Altitude 2014-04-25 22:32 - 2014-04-25 22:15 - 00000000 ____D () C:\Users\Pedro\.VirtualBox 2014-04-25 22:30 - 2014-04-25 22:30 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native (1).exe 2014-04-25 22:29 - 2014-04-25 22:25 - 535085536 _____ () C:\Users\Pedro\Downloads\adt-bundle-windows-x86-20140321.zip 2014-04-25 22:14 - 2014-04-25 22:14 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2014-04-25 22:14 - 2014-04-25 22:14 - 00000000 ____D () C:\Program Files\Oracle 2014-04-25 22:12 - 2014-04-25 22:12 - 00000000 ____D () C:\Program Files\Genymobile 2014-04-25 22:12 - 2014-04-25 22:11 - 123486848 _____ (Genymobile ) C:\Users\Pedro\Downloads\genymotion-2.2.0-vbox.exe 2014-04-25 21:55 - 2014-04-25 21:55 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native.exe 2014-04-25 21:55 - 2014-04-25 21:55 - 00065984 _____ () C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-25 21:55 - 2014-04-25 21:55 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Bluestacks 2014-04-25 21:11 - 2014-04-25 21:09 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part2.rar 2014-04-25 21:11 - 2014-04-25 21:09 - 153089373 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part3.rar 2014-04-25 21:07 - 2014-04-25 21:06 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part1.rar 2014-04-25 21:06 - 2014-04-25 21:06 - 15483326 _____ () C:\Users\Pedro\Downloads\TASA v1.1.9 gamesandroidhvga.com.apk 2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-04-24 21:32 - 2014-04-24 21:32 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\WinRAR 2014-04-24 20:49 - 2014-04-24 20:49 - 02428889 _____ () 
C:\Users\Pedro\Desktop\Light Flow Lite - LED Control.apk 2014-04-21 12:51 - 2014-04-21 12:51 - 02537944 _____ () C:\Users\Insys\Downloads\HeroesAndGenerals-setup-86736.exe 2014-04-21 10:38 - 2014-04-21 10:37 - 05520368 _____ () C:\Users\Insys\Downloads\IMG_4756.MOV 2014-04-21 10:08 - 2014-04-21 10:08 - 00033269 _____ () C:\Users\Insys\Downloads\carlosagrela1978615771.xml 2014-04-18 16:03 - 2014-04-18 16:03 - 00023157 _____ () C:\Users\Insys\Downloads\[www.CsWorldx.Blogspot.Com] R-Aimbot v1.0.rar 2014-04-18 15:58 - 2014-04-18 15:57 - 00000000 ____D () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24 2014-04-18 15:57 - 2014-04-18 15:56 - 00075357 _____ () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24.rar 2014-04-18 15:54 - 2014-04-18 15:54 - 00075357 _____ () C:\Users\Insys\Downloads\MP-Hacks_ESP_v5.0.rar 2014-04-18 15:48 - 2014-04-18 15:48 - 00899845 _____ () C:\Users\Insys\Downloads\Cd hack 5 and Xiter Cs injector.rar 2014-04-16 23:28 - 2014-04-16 23:28 - 02572648 _____ () C:\Users\Insys\Downloads\Hack + Software v10.2 2014.zip 2014-04-16 23:26 - 2014-04-16 23:26 - 00727552 _____ () C:\Users\Insys\Downloads\Ayakashi Ghost Guild Cheats.exe Some content of TEMP: ==================== C:\Users\Insys\AppData\Local\Temp\BackupSetup.exe C:\Users\Insys\AppData\Local\Temp\nsh3293.exe C:\Users\Insys\AppData\Local\Temp\nsiC35C.exe C:\Users\Insys\AppData\Local\Temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe [2014-05-14 18:37] - [2014-03-04 10:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67 C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit 
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-04 15:06 ==================== End Of Log ============================
  9. Farbar Service Scanner Version: 14-05-2014
     Ran by Insys (administrator) on 16-05-2014 at 00:33:48
     Running from "C:\Users\Insys\Downloads"
     Microsoft Windows 7 Ultimate Service Pack 1 (X86)
     Boot Mode: Normal
     ****************************************************************
     Internet Services:
     ============
     Connection Status:
     ==============
     Localhost is accessible.
     LAN connected.
     Google IP is accessible.
     Google.com is accessible.
     Yahoo.com is accessible.
     Windows Firewall:
     =============
     Firewall Disabled Policy:
     ==================
     System Restore:
     ============
     System Restore Disabled Policy:
     ========================
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
     "DisableSR"=DWORD:1
     Action Center:
     ============
     Windows Update:
     ============
     Windows Autoupdate Disabled Policy:
     ============================
     Windows Defender:
     ==============
     WinDefend Service is not running. Checking service configuration:
     The start type of WinDefend service is OK.
     The ImagePath of WinDefend service is OK.
     The ServiceDll of WinDefend service is OK.
     Other Services:
     ==============
     File Check:
     ========
     C:\Windows\system32\nsisvc.dll => MD5 is legit
     C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
     C:\Windows\system32\dhcpcore.dll => MD5 is legit
     C:\Windows\system32\Drivers\afd.sys [2014-02-09 04:08] - [2014-02-09 04:08] - 0338944 ____A (Microsoft Corporation) F81BB7E487EDCEAB630A7EE66CF23913
     C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
     C:\Windows\system32\Drivers\tcpip.sys [2014-02-09 04:08] - [2014-02-09 04:08] - 1294272 ____A (Microsoft Corporation) CA59F7C570AF70BC174F477CFE2D9EE3
     C:\Windows\system32\dnsrslvr.dll => MD5 is legit
     C:\Windows\system32\mpssvc.dll => MD5 is legit
     C:\Windows\system32\bfe.dll => MD5 is legit
     C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
     C:\Windows\system32\SDRSVC.dll => MD5 is legit
     C:\Windows\system32\vssvc.exe => MD5 is legit
     C:\Windows\system32\wscsvc.dll => MD5 is legit
     C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
     C:\Windows\system32\wuaueng.dll => MD5 is legit
     C:\Windows\system32\qmgr.dll => MD5 is legit
     C:\Windows\system32\es.dll => MD5 is legit
     C:\Windows\system32\cryptsvc.dll [2013-09-10 12:25] - [2013-07-09 05:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9
     C:\Program Files\Windows Defender\MpSvc.dll [2013-09-10 12:22] - [2013-05-27 05:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47
     C:\Windows\system32\svchost.exe => MD5 is legit
     C:\Windows\system32\rpcss.dll => MD5 is legit
     **** End of log ****
  10. GrantPerms by Farbar
      Ran by Insys (administrator) at 2014-05-16 00:33:03
      ===============================================
      \\?\C:\
      Owner: BUILTIN\Administradores
      DACL(P)(AI):
      BUILTIN\Administradores FULL ALLOW (CI)(OI)
      NT AUTHORITY\SYSTEM FULL ALLOW (CI)(OI)
      BUILTIN\Utilizadores READ/EXECUTE ALLOW (CI)(OI)
  11. THAT is my problem, I do not have any security on! I have: Windows Firewall disabled, and can't turn it on; an infected antivirus that doesn't do anything; Windows Defender also disabled, and once again, can't be turned on; a Trojan inside my computer that doesn't allow me to connect any new devices via USB, or install a new antivirus software.
  12. It seems that CKScanner stops responding after I click "search for files".
  13. GrantPerms by Farbar
      Ran by Insys (administrator) at 2014-05-14 22:36:51
      ===============================================
      \\?\C:\
      Owner: NT SERVICE\TrustedInstaller
      DACL(P)(AI):
      BUILTIN\Administradores FULL ALLOW (NI)
      BUILTIN\Administradores FULL ALLOW (CI)(OI)(IO)
      NT AUTHORITY\SYSTEM FULL ALLOW (NI)
      NT AUTHORITY\SYSTEM FULL ALLOW (CI)(OI)(IO)
      BUILTIN\Utilizadores READ/EXECUTE ALLOW (CI)(OI)
      NT AUTHORITY\Utilizadores Autenticados change ALLOW (CI)(OI)(IO)
      NT AUTHORITY\Utilizadores Autenticados ADD SUBDIRECTORY ALLOW (NI)
  14. Still does not work. It gives me this error when trying to install Malwarebytes: The installation assistant was unable to create the directory "C:\ProgramData\MalwareBytes\Malware bytes Anti-Malware (...)" Error 5: Access denied