Everything posted by danielce23
-
Hi, I'm having problems with my computer. Sometimes there is no audio in it, I can't hear anything, and I used the troubleshooting and it said that the problem was that the volume was down, but that's impossible when I had the volume at 100%. I also went to the Device Manager and everything related to my audio was working great. I don't know how to fix this. But anyway, that's not the only problem. The other problem that I have is related to videos. They can load, but they never start. I don't understand this. I reboot the computer and it works sometimes, but only for a few hours. I'll just attach a print screen of a YouTube video that doesn't start because of many known problems with YouTube videos loading. Thank you in advance for all the help I'll receive.
-
At least my computer is safe now. Thank you for all the help and time, I really appreciate it!
-
And now I have 2 more problems, I don't know why, but they appeared after updating Java: 1- Sometimes my computer doesn't have audio, can't listen to anything; 2- Can't play YouTube videos. I don't know what to do. Sorry for bothering you with all these things.
-
Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
http://www.bleepingcomputer.com/forums/topic405109.html
Program started at: 07/11/2014 03:08:56 PM
Windows Version: Windows 8
Please be patient while your files are made visible again.
Processing the C:\ drive
Finished processing the C:\ drive. 285708 files processed.
The C:\Users\daniel\AppData\Local\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default Start Menu shortcuts:
http://www.bleepingcomputer.com/forums/topic405109.html
Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
  * DisableTaskMgr policy was found and deleted!
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Program finished at: 07/11/2014 03:16:25 PM
Execution time: 0 hours(s), 7 minute(s), and 29 seconds(s)
-
But all the icons on the desktop and start menu are still hidden. Do I have to create shortcuts again or is there a way to make them appear again?
-
SecurityCheck:
Results of screen317's Security Check version 0.99.85
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Internet Security 2014
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java SE Development Kit 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.152 Flash Player out of Date!
Google Chrome 35.0.1916.114
Google Chrome 35.0.1916.153
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
-
AdwCleaner:
JRT:
Going to reboot now
-
C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\hk64tbBS_P.dll Win64/Toolbar.Conduit.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\hktbBS_P.dll Win32/Toolbar.Conduit.W potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\ldrtbBS_P.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll Win32/Toolbar.Conduit.W potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\tbBS_P.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hk64tbBS_0.dll Win64/Toolbar.Conduit.A potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hk64tbBS_P.dll Win64/Toolbar.Conduit.A potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hktbBS_0.dll Win32/Toolbar.Conduit.W potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hktbBS_P.dll Win32/Toolbar.Conduit.W potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\ldrtbBS_0.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\ldrtbBS_P.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\tbBS_0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\tbBS_1.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\tbBS_P.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\daniel\Downloads\ccsetup407.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
-
Wait, it's growing... really slowly.
-
Is it normal for it to take so long? The scan time is already at 48 minutes, and it is at 77%, and the number of files scanned stopped growing.
-
I did it. Fixlog.txt:
I clicked the "copy clipboard" but it did nothing, so I exported a .txt file and that's what I'm posting here:
-
I removed those programs successfully, but in the next step (Fix with FRST) I can't put the fixlist.txt in the right place, because every time I click on Fix, it says "No fixlist.txt found.", but I think I put the file in the right place. The program is in c:\ and the file is in c:\FRST. Am I doing it wrong?
-
Addition.txt:
Microsoft)Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2760512) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{111488AB-6858-4070-9E96-C897651BE6A2}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2760556) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E4070FA-FD57-4525-B386-654E72B17AA3}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{85BB7F80-F649-4890-83A5-BFB757DCC83F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3028DB10-7144-49CC-AC4E-86DDC0D80BC2}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760343) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{09745343-EFB5-47DB-A2A3-D6DAA2EDCD43}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition 
(HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ED03CCD1-6F78-4F6E-B16E-195C33B37D7A}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{D34A8FB9-6058-422A-A73E-6F65CB064F54}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810014) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ACA66343-9133-4E28-92D6-2311210B80CC}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DD93525B-9AD5-4349-B2A3-357730A2A8F4}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{6F4C1B87-473E-422E-A83D-676CCF53E525}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810018) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7039E7CD-C93C-4F4E-9394-206E5AF19B71}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition 
(HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition 
(HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{17F87C6D-FB2C-40BA-9228-5C49C9A27972}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition 
(HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C72E5FFA-67C2-4800-A004-23540A3ADE78}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0816-0000-0000000FF1CE}_Office15.PROPLUS_{DDAA5F4A-303A-45D5-9750-5383ECB9D82D}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{62B432E8-BE85-4EAA-ACCF-27746B25E566}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition 
(HKLM-x32\...\{90150000-001A-0816-0000-0000000FF1CE}_Office15.PROPLUS_{1CBE1B29-EFE4-4C9A-A113-CF20DB95B019}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)Update for Microsoft SkyDrive Pro (KB2767865) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{16BCD4A9-864A-45ED-8C6B-1D91BA9B6428}) (Version: - Microsoft)Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0816-1000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version: - Microsoft)Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0816-0000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition 
(HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Utility Common Driver (x32 Version: 1.0.52.6 - TOSHIBA) HiddenVirtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) HiddenVisual Paradigm for UML 11.0 (HKLM\...\1106-5897-7327-6550) (Version: 11.0 - Visual Paradigm International Ltd.)Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) 
HiddenWildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) HiddenWindows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) ==================== Restore Points ========================= 24-06-2014 10:49:48 Windows Update07-07-2014 18:10:48 OTL Restore Point - 07/07/2014 19:10:42 ==================== Hosts content: ========================== 2012-07-26 06:26 - 2014-07-07 19:09 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts127.0.0.1 localhost::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {23A5D8BE-9196-40EB-BD89-794398B2B073} - 
System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {2C7ABEE4-8A25-4BD9-B9D9-ADFFDA701E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)Task: {66A74AA8-E1F6-43B6-B7EF-F8A37B7B5578} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)Task: {7726CE94-9C02-4DA7-917A-83748E6BA5C2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)Task: {88586A48-8C16-4D83-B9FE-BDB5792B0127} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-12] (Microsoft Corporation)Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {B629A875-F919-4117-AEB4-31AE9FDD5030} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)Task: {C686ED9B-B851-40CF-9951-92DF32C58151} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {DC14CDE2-D3E6-45CB-AE36-709881040B2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {F71E98DF-3732-4671-B7B0-D9B4FF6E9FB3} - 
System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll2013-10-27 22:38 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll2013-07-19 23:36 - 2013-07-19 23:37 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll2013-04-10 16:02 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll2014-06-12 15:55 - 2014-06-05 14:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll2014-06-12 15:55 - 2014-06-05 14:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll2014-06-12 15:55 - 2014-06-05 14:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll2014-06-12 15:55 - 2014-06-05 14:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll2014-06-12 15:55 - 2014-06-05 14:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll2014-06-12 15:55 - 2014-06-05 14:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => 
""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\Run32: => "Aeria Ignite"HKCU\...\StartupApproved\Run: => "uTorrent"HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0] Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )Description: NvStreamSvcFailed to launch stream service as user [87] Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: O programa Explorer.EXE versão 6.2.9200.16628 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Ação. ID do Processo: 15f0 Hora de Início: 01cf9a1218405a56 Hora de Cessação: 0 Caminho da Aplicação: C:\windows\Explorer.EXE ID do Relatório: b54ef636-060d-11e4-beb1-2cd05ac29869 Nome completo do pacote com falha: ID da aplicação relativa ao pacote com falha: Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)Description: A ativação da aplicação Microsoft.BingSports_8wekyb3d8bbwe!AppexSports falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais. 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: A ativação da aplicação Microsoft.BingWeather_8wekyb3d8bbwe!App falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais.

Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6e
Código de exceção: 0xc0000005
Desvio de falha: 0x00043672
ID do processo com falha: 0x3c
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5

Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3
Código de exceção: 0xc00000fd
Desvio de falha: 0x0003d717
ID do processo com falha: 0x3c
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5

Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6e
Código de exceção: 0xc0000005
Desvio de falha: 0x00043672
ID do processo com falha: 0xd44
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5

Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3
Código de exceção: 0xc00000fd
Desvio de falha: 0x0003d717
ID do processo com falha: 0xd44
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5

System errors:
=============
Error: (07/08/2014 04:14:59 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "WORKGROUP :1d" não pode ser registado na interface com o endereço IP 192.168.1.73.
O computador com o endereço IP 192.168.1.253 não permitiu que o nome fosse reivindicado por este computador.
Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)
Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexSports.AppXpgfzkkax0p24b53pgd813d7zpchsy299.mca31AppexSports.AppXzwt95zf827jx8vevssdmkdacbwrgjgeb.mcaIndisponívelIndisponível

Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)
Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca31App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mcaIndisponívelIndisponível

Error: (07/07/2014 06:55:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys

Error: (07/07/2014 05:56:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys

Error: (07/07/2014 03:33:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys

Error: (07/07/2014 03:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: %%2

Error: (07/07/2014 02:13:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: %%2

Error: (07/07/2014 02:08:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço WindowsMangerProtect Service terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (07/03/2014 06:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: %%2

Microsoft Office Sessions:
=========================
Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]

Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]

Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.1662815f001cf9a1218405a560C:\windows\Explorer.EXEb54ef636-060d-11e4-beb1-2cd05ac29869

Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2147024865

Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147024865

Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec0000005000436723c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dlle1922f75-05d7-11e4-beab-2cd05ac29869

Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d7173c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dlle0b2a523-05d7-11e4-beab-2cd05ac29869

Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec000000500043672d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dll7422db6b-05d7-11e4-beab-2cd05ac29869

Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d717d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll723b7833-05d7-11e4-beab-2cd05ac29869

==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 8081.68 MB
Available physical RAM: 4886.12 MB
Total Pagefile: 9297.68 MB
Available Pagefile: 6314.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (TI31049100A) (Fixed) (Total:918.63 GB) (Free:798.69 GB) NTFS
Drive d: (finalpor) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================ aswMBR.txt: aswMBR version 1.0.1.2041 Copyright© 2014 AVAST SoftwareRun date: 2014-07-08 17:56:12-----------------------------17:56:12.577 OS Version: Windows x64 6.2.9200 17:56:12.577 Number of processors: 8 586 0x3A0917:56:12.579 ComputerName: DANIEL UserName: daniel17:56:15.613 Initialize success17:56:15.707 VM: initialized successfully17:56:15.710 VM: Intel CPU supported 17:56:58.491 VM: disk I/O iaStorA.sys17:58:09.845 AVAST engine defs: 1407080117:58:51.159 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004517:58:51.164 Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 1117:58:51.306 Disk 0 MBR read successfully17:58:51.312 Disk 0 MBR scan17:58:51.319 Disk 0 unknown MBR code17:58:51.325 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 117:58:51.475 Disk 0 scanning C:\windows\system32\drivers17:59:05.134 Service scanning17:59:53.703 Modules scanning17:59:53.716 Disk 0 trace - called modules:17:59:54.065 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ACPI.sys storport.sys hal.dll iaStorA.sys 17:59:54.074 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]17:59:54.082 3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]17:59:54.090 5 thpdrv.sys[fffff880021e5b3b] -> nt!IofCallDriver -> [0xfffffa8007b21dd0]17:59:54.098 7 ACPI.sys[fffff88001179a91] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007a9e060]17:59:56.823 AVAST engine scan C:\windows18:00:04.534 AVAST engine scan C:\windows\system3218:04:27.368 AVAST engine scan C:\windows\system32\drivers18:04:49.502 AVAST engine scan C:\Users\daniel18:08:52.553 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Desktop.OS.dll **INFECTED** Win32:Webcake-A [Adw]18:08:52.636 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Dora.dat **INFECTED** Win32:Webcake-A [Adw]18:08:52.719 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Maintain.dat **INFECTED** Win32:Webcake-A [Adw]18:08:52.771 File: 
C:\Users\daniel\AppData\Roaming\Movdap\dat\Paladin.dat **INFECTED** Win32:Webcake-A [Adw]18:08:52.890 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Phoenix.dat **INFECTED** Win32:Webcake-A [Adw]18:11:57.056 AVAST engine scan C:\ProgramData18:13:16.368 Scan finished successfully18:18:34.122 Disk 0 MBR has been saved successfully to "C:\Users\daniel\Desktop\MBR.dat"18:18:34.127 The log file has been saved successfully to "C:\Users\daniel\Desktop\aswMBR.txt" aswMBR version 1.0.1.2041 Copyright© 2014 AVAST SoftwareRun date: 2014-07-08 18:59:45-----------------------------18:59:45.308 OS Version: Windows x64 6.2.9200 18:59:45.308 Number of processors: 8 586 0x3A0918:59:45.308 ComputerName: DANIEL UserName: daniel18:59:51.949 Initialize success18:59:51.949 VM: initialized successfully18:59:52.188 VM: Intel CPU supported 18:59:56.437 VM: disk I/O iaStorA.sys19:00:33.887 AVAST engine defs: 1407080119:00:51.673 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004519:00:51.677 Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 1119:00:52.032 Disk 0 MBR read successfully19:00:52.037 Disk 0 MBR scan19:00:52.045 Disk 0 unknown MBR code19:00:52.059 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 119:00:52.433 Disk 0 scanning C:\windows\system32\drivers19:01:35.031 Service scanning19:02:21.400 Modules scanning19:02:21.412 Disk 0 trace - called modules:19:02:21.813 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ACPI.sys storport.sys hal.dll iaStorA.sys 19:02:21.821 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]19:02:21.828 3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]19:02:21.836 5 thpdrv.sys[fffff880021e5b3b] -> nt!IofCallDriver -> [0xfffffa8007b21dd0]19:02:21.846 7 ACPI.sys[fffff88001179a91] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007a9e060]19:02:24.212 AVAST engine scan C:\windows19:03:17.757 AVAST engine scan C:\windows\system3219:06:08.885 Scan stopped19:06:11.926 Disk 0 (boot) 
\Device\Harddisk0\DR0 -> \Device\0000004519:06:11.934 Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 1119:06:11.957 Disk 0 MBR read successfully19:06:11.965 Disk 0 MBR scan19:06:11.975 Disk 0 unknown MBR code19:06:11.985 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 119:06:12.001 Disk 0 scanning C:\windows\system32\drivers19:06:12.009 Service scanning19:07:03.491 Modules scanning19:07:03.505 Disk 0 trace - called modules:19:07:03.548 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys hal.dll 19:07:03.557 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]19:07:03.564 3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]19:07:06.073 AVAST engine scan C:\windows19:07:25.951 AVAST engine scan C:\windows\system3219:12:14.831 AVAST engine scan C:\windows\system32\drivers19:12:38.332 AVAST engine scan C:\Users\daniel19:17:27.940 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Desktop.OS.dll **INFECTED** Win32:Webcake-A [Adw]19:17:27.986 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Dora.dat **INFECTED** Win32:Webcake-A [Adw]19:17:28.037 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Maintain.dat **INFECTED** Win32:Webcake-A [Adw]19:17:28.090 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Paladin.dat **INFECTED** Win32:Webcake-A [Adw]19:17:28.160 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Phoenix.dat **INFECTED** Win32:Webcake-A [Adw]19:20:22.830 AVAST engine scan C:\ProgramData19:21:44.378 Scan finished successfully19:21:57.917 Disk 0 MBR has been saved successfully to "C:\Users\daniel\Desktop\MBR.dat"19:21:57.924 The log file has been saved successfully to "C:\Users\daniel\Desktop\aswMBR.txt"
-
Here is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by daniel (administrator) on DANIEL on 08-07-2014 18:59:34
Running from C:\Users\daniel\Downloads
Platform: Windows 8 (X64) OS Language: Português (Portugal)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor)
HKLM\...\Run: [sRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-27] (Copyright © TOSHIBA Corp. 2012)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-03] (Power Software Ltd)
HKLM-x32\...\Run: [tuto4pc_pt_18] => [X]
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Akamai NetSession Interface] => C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-01-31] (Spotify Ltd)
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL =
SearchScopes: HKCU - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL =
SearchScopes: HKCU - {FF3A512A-7699-4A8F-B237-57A227D82FD4} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN20912038101886176&UM=1
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:
=======
CHR HomePage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (wareztuga.tv streamer) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2014-06-16]
CHR Extension: (AdBlock) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-27]
CHR Extension: (Into The Mist) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-07-07]
CHR Extension: (Google Wallet) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-07-25] (Disc Soft Ltd)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29696 2014-07-07] ()
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]
U3 aswMBR; \??\C:\Users\daniel\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\daniel\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-08 18:18 - 2014-07-08 18:18 - 00002604 _____ () C:\Users\daniel\Desktop\aswMBR.txt
2014-07-08 18:18 - 2014-07-08 18:18 - 00000512 _____ () C:\Users\daniel\Desktop\MBR.dat
2014-07-08 17:52 - 2014-07-08 17:53 - 00052287 _____ () C:\Users\daniel\Downloads\Addition.txt
2014-07-08 17:52 - 2014-07-08 17:52 - 05185536 _____ (AVAST Software) C:\Users\daniel\Downloads\aswmbr.exe
2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk
2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\aswmbr - Atalho.lnk
2014-07-08 17:51 - 2014-07-08 19:00 - 00018561 _____ () C:\Users\daniel\Downloads\FRST.txt
2014-07-08 17:51 - 2014-07-08 18:59 - 00000000 ____D () C:\FRST
2014-07-08 17:50 - 2014-07-08 17:51 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe
2014-07-08 16:11 - 2014-07-08 16:14 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk
2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk
2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk
2014-07-07 18:49 - 2014-07-07 18:51 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL
2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk
2014-07-07 18:01 - 2014-07-07 18:02 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt
2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk
2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe
2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk
2014-07-07 17:25 - 2014-07-07 17:27 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk
2014-07-07 16:12 - 2014-07-08 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-07 16:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-07 16:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt
2014-07-07 15:57 - 2014-07-08 17:01 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt
2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe
2014-07-07 15:33 - 2014-07-07 18:55 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 14:34 - 2014-07-08 15:57 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt
2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe
2014-07-07 14:07 - 2014-07-07 14:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-07 14:05 - 2014-07-07 14:10 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate
2014-07-07 01:04 - 2014-07-08 15:48 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]
2014-07-07 01:00 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\forest 0.03
2014-07-03 16:25 - 2014-07-03 18:18 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition
2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent
2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar
2014-06-29 21:13 - 2014-06-29 21:30 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI
2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip
2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip
2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe
2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-18 12:42 - 2014-06-18 12:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^
2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx
2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip
2014-06-11 19:32 - 2014-07-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-11 19:32 - 2014-06-24 11:52 - 00000399 _____ () C:\windows\setupact.log
2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation
2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA
2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log
2014-06-11 19:32 - 2014-05-30 00:00 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-11 19:32 - 2014-05-30 00:00 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-06-11 19:32 - 2014-05-29 23:59 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-11 19:32 - 2014-05-29 23:59 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-06-11 19:32 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-11 19:32 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2014-06-11 19:32 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-11 18:51 - 2014-07-08 18:57 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-11 18:51 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-06-11 18:45 - 2014-06-11 18:52 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-11 18:44 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle
2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle
2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar
2014-06-11 10:08 - 2014-05-24 03:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 10:08 - 2014-05-24 03:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 10:08 - 2014-05-24 03:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 10:08 - 2014-05-24 03:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 10:08 - 2014-05-24 03:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 10:08 - 2014-05-24 02:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 10:08 - 2014-05-24 02:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 10:08 - 2014-05-24 02:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 10:08 -
2014-05-23 23:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll2014-06-11 10:08 - 2014-05-03 06:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll2014-06-11 10:08 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll2014-06-11 10:08 - 2014-04-29 23:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll2014-06-11 10:08 - 2014-04-29 23:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll2014-06-11 10:07 - 2014-05-24 03:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2014-06-11 10:07 - 2014-05-24 03:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2014-06-11 10:07 - 2014-05-24 02:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2014-06-11 10:07 - 2014-05-24 02:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2014-06-11 10:07 - 2014-05-24 02:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2014-06-11 10:07 - 2014-05-24 02:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2014-06-11 10:07 - 2014-05-24 02:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll2014-06-11 10:07 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys2014-06-11 10:07 - 2014-04-03 12:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys2014-06-11 10:07 - 2014-04-03 04:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys2014-06-11 10:07 - 2014-03-31 23:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml2014-06-11 10:07 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe2014-06-11 10:07 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe2014-06-11 10:07 - 2014-03-07 01:47 - 01419264 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\msxml3.dll2014-06-11 10:07 - 2014-03-07 01:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll2014-06-10 18:30 - 2014-07-07 18:40 - 00089464 _____ () C:\windows\PFRO.log2014-06-10 16:00 - 2014-06-10 18:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower2014-06-09 23:13 - 2014-06-09 23:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent2014-06-09 00:20 - 2014-06-09 22:44 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent ==================== One Month Modified Files and Folders ======= 2014-07-08 19:00 - 2014-07-08 17:51 - 00018561 _____ () C:\Users\daniel\Downloads\FRST.txt2014-07-08 19:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru2014-07-08 18:59 - 2014-07-08 17:51 - 00000000 ____D () C:\FRST2014-07-08 18:58 - 2013-07-18 22:21 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2014-07-08 18:58 - 2013-01-31 23:35 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information2014-07-08 18:57 - 2014-06-11 18:51 - 00000000 ____D () C:\Users\Public\Documents\Tunngle2014-07-08 18:57 - 2013-11-12 23:54 - 00000000 ____D () C:\Program Files (x86)\Steam2014-07-08 18:57 - 2013-09-09 14:07 - 00000000 ____D () C:\Games2014-07-08 18:57 - 2013-07-18 22:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\uTorrent2014-07-08 18:42 - 2013-10-22 17:52 - 00000000 ____D () C:\ProgramData\MFAData2014-07-08 18:18 - 2014-07-08 18:18 - 00002604 _____ () C:\Users\daniel\Desktop\aswMBR.txt2014-07-08 18:18 - 2014-07-08 18:18 - 00000512 _____ () C:\Users\daniel\Desktop\MBR.dat2014-07-08 17:53 - 2014-07-08 17:52 - 00052287 _____ () 
C:\Users\daniel\Downloads\Addition.txt2014-07-08 17:52 - 2014-07-08 17:52 - 05185536 _____ (AVAST Software) C:\Users\daniel\Downloads\aswmbr.exe2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\aswmbr - Atalho.lnk2014-07-08 17:52 - 2013-09-26 00:24 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Skype2014-07-08 17:51 - 2014-07-08 17:50 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe2014-07-08 17:03 - 2013-07-18 22:15 - 00000000 ____D () C:\Users\daniel\AppData\Local\Packages2014-07-08 17:03 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent2014-07-08 17:01 - 2014-07-07 15:57 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt2014-07-08 16:20 - 2014-04-18 16:46 - 01128590 _____ () C:\windows\WindowsUpdate.log2014-07-08 16:14 - 2014-07-08 16:11 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk2014-07-08 16:14 - 2013-10-31 01:35 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk2014-07-08 15:59 - 2014-07-07 16:12 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2014-07-08 15:59 - 2013-07-18 22:21 - 00001018 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2014-07-08 15:59 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT2014-07-08 15:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI2014-07-08 15:57 - 2014-07-07 14:34 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt2014-07-08 15:48 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]2014-07-08 15:29 - 2013-07-26 20:46 - 00000000 ____D () C:\Program Files 
(x86)\BS_Player_ControlBar2014-07-08 00:14 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM2014-07-07 20:32 - 2012-08-02 02:24 - 00776694 _____ () C:\windows\system32\prfh0816.dat2014-07-07 20:32 - 2012-08-02 02:24 - 00159974 _____ () C:\windows\system32\prfc0816.dat2014-07-07 20:32 - 2012-07-26 08:28 - 01784926 _____ () C:\windows\system32\PerfStringBackup.INI2014-07-07 18:55 - 2014-07-07 15:33 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys2014-07-07 18:51 - 2014-07-07 18:49 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk2014-07-07 18:40 - 2014-06-10 18:30 - 00089464 _____ () C:\windows\PFRO.log2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk2014-07-07 18:02 - 2014-07-07 18:01 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe2014-07-07 17:43 - 2013-07-18 22:25 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3878485727-3170171642-3420939130-10022014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk2014-07-07 17:27 - 2014-07-07 17:25 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk2014-07-07 16:43 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\WinStore2014-07-07 16:41 - 2013-08-11 10:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Movdap2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-07-07 16:12 - 2014-07-07 16:12 - 
00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller2014-07-07 15:27 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\SysWOW64\tr-TR2014-07-07 15:01 - 2014-03-31 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe2014-07-07 14:10 - 2014-07-07 14:05 - 00000000 ____D () C:\Program Files (x86)\globalUpdate2014-07-07 14:09 - 2013-10-22 17:58 - 00000000 ____D () C:\ProgramData\AVG20142014-07-07 14:08 - 2014-07-07 14:07 - 00000000 ____D () C:\Program Files (x86)\SupTab2014-07-07 14:08 - 2014-06-11 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2014-07-07 14:08 - 2014-05-31 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames2014-07-07 14:08 - 2014-05-24 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-07-07 14:08 - 2014-04-20 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.742014-07-07 14:08 - 2014-04-08 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Paradigm2014-07-07 14:08 - 2014-03-21 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Workbench2014-07-07 14:08 - 2014-03-07 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2014-07-07 14:08 - 
2014-01-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy2014-07-07 14:08 - 2013-11-17 21:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2014-07-07 14:08 - 2013-11-12 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam2014-07-07 14:08 - 2013-11-09 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps2014-07-07 14:08 - 2013-10-27 23:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR2014-07-07 14:08 - 2013-10-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans2014-07-07 14:08 - 2013-10-22 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit2014-07-07 14:08 - 2013-08-12 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.72014-07-07 14:08 - 2013-07-26 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player2014-07-07 14:08 - 2013-07-25 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro2014-07-07 14:08 - 2013-07-25 13:17 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly2014-07-07 14:08 - 2013-07-25 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer2014-07-07 14:08 - 2013-07-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura2014-07-07 14:08 - 2013-07-18 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO2014-07-07 14:08 - 2013-07-18 22:22 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-07-07 14:08 - 2013-04-10 16:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-07-07 14:08 - 2013-04-10 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs2014-07-07 14:08 - 2013-04-10 16:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel2014-07-07 14:08 - 2013-01-31 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp® center2014-07-07 14:08 - 2013-01-31 23:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA2014-07-07 14:08 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate2014-07-07 01:04 - 2014-07-07 01:00 - 00000000 ____D () C:\Users\daniel\Downloads\forest 0.032014-07-04 18:25 - 2013-10-22 16:50 - 00000000 ____D () C:\Users\daniel\Documents\NetBeansProjects2014-07-03 18:18 - 2014-07-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition2014-07-03 18:17 - 2013-11-19 17:57 - 00000000 ____D () C:\Program Files (x86)\Age of Empires II HD The Forgotten2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar2014-06-29 21:30 - 2014-06-29 21:13 - 
00000000 ____D () C:\Users\daniel\Documents\JD GUI2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip2014-06-28 18:57 - 2013-12-11 20:35 - 00000000 ____D () C:\netbeans2014-06-27 23:41 - 2013-11-02 13:54 - 00755200 ___SH () C:\Users\daniel\Downloads\Thumbs.db2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip2014-06-26 20:00 - 2014-04-26 23:07 - 00101888 ___SH () C:\Users\daniel\Desktop\Thumbs.db2014-06-25 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf2014-06-24 11:52 - 2014-06-11 19:32 - 00000399 _____ () C:\windows\setupact.log2014-06-21 15:53 - 2013-07-18 22:21 - 00003994 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-06-21 15:53 - 2013-07-18 22:21 - 00003758 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-20 18:32 - 2014-04-08 15:06 - 00000000 ____D () C:\Users\daniel\vpworkspace2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache2014-06-18 12:43 - 2014-06-18 12:42 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx2014-06-17 19:51 - 2013-10-27 22:55 - 00000000 ____D () C:\Users\daniel\AppData\Local\Microsoft Help2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgidsdrivera.sys2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip2014-06-14 13:18 - 2013-10-27 22:55 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-06-13 16:56 - 2014-03-20 12:26 - 05198640 _____ () C:\windows\system32\FNTCACHE.DAT2014-06-13 16:56 - 2013-04-10 16:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation2014-06-12 19:21 - 2012-07-26 08:59 - 00000000 ____D () C:\windows\CbsTemp2014-06-12 19:17 - 2013-08-02 20:35 - 00000000 ____D () C:\windows\system32\MRT2014-06-12 19:13 - 2013-07-20 12:09 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log2014-06-11 19:32 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle2014-06-11 19:32 - 2013-04-10 16:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-06-11 19:32 - 2013-04-10 16:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe2014-06-11 18:52 - 2014-06-11 18:45 - 00000000 _____ 
() C:\windows\SysWOW64\Access.dat2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar2014-06-11 16:59 - 2014-04-20 23:51 - 00000000 ____D () C:\DOSBox-0.742014-06-10 18:00 - 2014-06-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower2014-06-09 23:43 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent2014-06-09 22:44 - 2014-06-09 00:20 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent2014-06-08 22:23 - 2014-05-31 17:28 - 00000000 ____D () C:\AeriaGames2014-06-08 22:20 - 2014-05-31 17:58 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames Files to move or delete:====================C:\Users\daniel\AppData\Roaming\CamLayout.iniC:\Users\daniel\AppData\Roaming\CamShapes.ini Some content of TEMP:====================C:\Users\daniel\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File 
is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-02 14:37 ==================== End Of Log ============================
-
And what should I do after?
-
I have to remove all the cracked software, right now?
-
And here is the Addition.txt:
HiddenOptimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTIONOs Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) HiddenOutlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) HiddenPhoto Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenPhoto Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenPlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) HiddenPolar Bowler (x32 Version: 2.2.0.97 - WildTangent) HiddenPowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)Service Pack 1 for Microsoft 
Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) HiddenShared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) HiddenSkype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version: - Team Meat)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6417 - Toshiba Corporation)TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.8.2C - TOSHIBA CORPORATION) HiddenTOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6410 - Toshiba Corporation)TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)TOSHIBA Password Utility (x32 Version: 1.0.0.5C - Toshiba Corporation) HiddenTOSHIBA PC Health Monitor 
(HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.21-A - Toshiba Corporation)Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)Update for Microsoft Excel 
2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2760512) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{111488AB-6858-4070-9E96-C897651BE6A2}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2760556) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E4070FA-FD57-4525-B386-654E72B17AA3}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{85BB7F80-F649-4890-83A5-BFB757DCC83F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3028DB10-7144-49CC-AC4E-86DDC0D80BC2}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition 
(HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760343) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{09745343-EFB5-47DB-A2A3-D6DAA2EDCD43}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ED03CCD1-6F78-4F6E-B16E-195C33B37D7A}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{D34A8FB9-6058-422A-A73E-6F65CB064F54}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810014) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ACA66343-9133-4E28-92D6-2311210B80CC}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DD93525B-9AD5-4349-B2A3-357730A2A8F4}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition 
(HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{6F4C1B87-473E-422E-A83D-676CCF53E525}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2810018) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7039E7CD-C93C-4F4E-9394-206E5AF19B71}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition 
(HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{17F87C6D-FB2C-40BA-9228-5C49C9A27972}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition 
(HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C72E5FFA-67C2-4800-A004-23540A3ADE78}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0816-0000-0000000FF1CE}_Office15.PROPLUS_{DDAA5F4A-303A-45D5-9750-5383ECB9D82D}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition 
(HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{62B432E8-BE85-4EAA-ACCF-27746B25E566}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0816-0000-0000000FF1CE}_Office15.PROPLUS_{1CBE1B29-EFE4-4C9A-A113-CF20DB95B019}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)Update for Microsoft SkyDrive Pro (KB2767865) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{16BCD4A9-864A-45ED-8C6B-1D91BA9B6428}) (Version: - Microsoft)Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition 
(HKLM-x32\...\{90150000-002A-0816-1000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version: - Microsoft)Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0816-0000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)Utility Common Driver (x32 Version: 1.0.52.6 - TOSHIBA) HiddenVirtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) HiddenVisual Paradigm for UML 11.0 (HKLM\...\1106-5897-7327-6550) (Version: 11.0 - Visual Paradigm International Ltd.)Visual Studio 2012 x64 Redistributables 
(HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) HiddenWildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) HiddenWindows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) ==================== Restore Points ========================= 24-06-2014 10:49:48 Windows Update07-07-2014 18:10:48 OTL Restore Point - 07/07/2014 19:10:42 ==================== Hosts content: ========================== 2012-07-26 06:26 - 2014-07-07 
19:09 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts127.0.0.1 localhost::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {2C7ABEE4-8A25-4BD9-B9D9-ADFFDA701E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)Task: {66A74AA8-E1F6-43B6-B7EF-F8A37B7B5578} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)Task: {7726CE94-9C02-4DA7-917A-83748E6BA5C2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)Task: {88586A48-8C16-4D83-B9FE-BDB5792B0127} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-12] (Microsoft Corporation)Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {B629A875-F919-4117-AEB4-31AE9FDD5030} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)Task: {C686ED9B-B851-40CF-9951-92DF32C58151} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: 
{DC14CDE2-D3E6-45CB-AE36-709881040B2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {F71E98DF-3732-4671-B7B0-D9B4FF6E9FB3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll2013-01-31 23:49 - 2012-10-23 22:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2012-10-31 23:15 - 2012-10-31 23:15 - 02565544 _____ () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll2012-07-19 02:38 - 2012-07-19 02:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll2012-08-14 03:13 - 2012-08-14 03:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll2012-08-04 23:01 - 2012-08-04 23:01 - 00213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe2011-08-12 22:57 - 2011-08-12 22:57 - 00437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe2014-06-12 19:13 - 2014-06-12 19:13 - 01179136 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\cce138051887d83dccffdc206031b09f\Windows.UI.ni.dll2014-06-12 19:13 - 2014-06-12 19:13 - 00351232 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\c355b610137057eab41db4660c5c19e1\Windows.Data.ni.dll2014-02-20 15:15 - 
2014-02-20 15:15 - 00295936 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\674a093211b1f8a3e570f640741e3b98\Windows.Foundation.ni.dll2014-05-24 13:05 - 2014-05-31 02:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll2014-05-24 13:05 - 2014-05-31 02:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll2014-01-08 20:46 - 2014-05-31 02:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll2014-04-23 10:37 - 2014-05-31 02:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll2013-10-24 10:45 - 2014-06-26 23:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll2014-05-24 13:05 - 2014-06-30 22:47 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll2014-05-24 13:05 - 2014-04-29 01:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll2013-10-30 12:25 - 2014-06-30 22:46 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL2013-10-23 13:07 - 2014-05-02 00:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll2013-06-14 16:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll2013-06-14 16:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll2013-06-14 16:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll2013-04-10 16:04 - 2012-10-03 03:51 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll2013-04-10 16:02 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll2014-06-12 15:55 - 2014-06-05 14:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll2014-06-12 15:55 - 2014-06-05 14:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll2014-06-12 15:55 - 2014-06-05 14:58 - 04217672 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll2014-06-12 15:55 - 2014-06-05 14:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll2014-06-12 15:55 - 2014-06-05 14:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\Run32: => "Aeria Ignite"HKCU\...\StartupApproved\Run: => "uTorrent"HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0] Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )Description: NvStreamSvcFailed to launch stream service as user [87] Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: O programa Explorer.EXE versão 6.2.9200.16628 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Ação. 
ID do Processo: 15f0 Hora de Início: 01cf9a1218405a56 Hora de Cessação: 0 Caminho da Aplicação: C:\windows\Explorer.EXE ID do Relatório: b54ef636-060d-11e4-beb1-2cd05ac29869 Nome completo do pacote com falha: ID da aplicação relativa ao pacote com falha: Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)Description: A ativação da aplicação Microsoft.BingSports_8wekyb3d8bbwe!AppexSports falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais. Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)Description: A ativação da aplicação Microsoft.BingWeather_8wekyb3d8bbwe!App falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais. Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64aNome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6eCódigo de exceção: 0xc0000005Desvio de falha: 0x00043672ID do processo com falha: 0x3cHora de início da aplicação com falha: 0xregsvr32.exe0Caminho da aplicação com falha: regsvr32.exe1Caminho do módulo com falha: regsvr32.exe2ID do Relatório: regsvr32.exe3Nome completo do pacote com falha: regsvr32.exe4ID da aplicação relativa ao pacote com falha: regsvr32.exe5 Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64aNome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3Código de exceção: 0xc00000fdDesvio de falha: 0x0003d717ID do processo com falha: 0x3cHora de início da aplicação com falha: 0xregsvr32.exe0Caminho da aplicação com falha: 
regsvr32.exe1Caminho do módulo com falha: regsvr32.exe2ID do Relatório: regsvr32.exe3Nome completo do pacote com falha: regsvr32.exe4ID da aplicação relativa ao pacote com falha: regsvr32.exe5 Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64aNome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6eCódigo de exceção: 0xc0000005Desvio de falha: 0x00043672ID do processo com falha: 0xd44Hora de início da aplicação com falha: 0xregsvr32.exe0Caminho da aplicação com falha: regsvr32.exe1Caminho do módulo com falha: regsvr32.exe2ID do Relatório: regsvr32.exe3Nome completo do pacote com falha: regsvr32.exe4ID da aplicação relativa ao pacote com falha: regsvr32.exe5 Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64aNome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3Código de exceção: 0xc00000fdDesvio de falha: 0x0003d717ID do processo com falha: 0xd44Hora de início da aplicação com falha: 0xregsvr32.exe0Caminho da aplicação com falha: regsvr32.exe1Caminho do módulo com falha: regsvr32.exe2ID do Relatório: regsvr32.exe3Nome completo do pacote com falha: regsvr32.exe4ID da aplicação relativa ao pacote com falha: regsvr32.exe5 System errors:=============Error: (07/08/2014 04:14:59 AM) (Source: NetBT) (EventID: 4321) (User: )Description: O nome "WORKGROUP :1d" não pode ser registado na interface com o endereço IP 192.168.1.73.O computador com o endereço IP 192.168.1.253 não permitiu que o nome fosse reivindicado por este computador. 
Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexSports.AppXpgfzkkax0p24b53pgd813d7zpchsy299.mca31AppexSports.AppXzwt95zf827jx8vevssdmkdacbwrgjgeb.mcaIndisponívelIndisponível Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca31App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mcaIndisponívelIndisponível Error: (07/07/2014 06:55:42 PM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys Error: (07/07/2014 05:56:05 PM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys Error: (07/07/2014 03:33:19 PM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys Error: (07/07/2014 03:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: %%2 Error: (07/07/2014 02:13:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: %%2 Error: (07/07/2014 02:08:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: O serviço WindowsMangerProtect Service terminou inesperadamente. Isto aconteceu 1 vez(es). 
Error: (07/03/2014 06:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: %%2 Microsoft Office Sessions:=========================Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0] Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )Description: NvStreamSvcFailed to launch stream service as user [87] Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: Explorer.EXE6.2.9200.1662815f001cf9a1218405a560C:\windows\Explorer.EXEb54ef636-060d-11e4-beb1-2cd05ac29869 Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2147024865 Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147024865 Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec0000005000436723c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dlle1922f75-05d7-11e4-beab-2cd05ac29869 Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d7173c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dlle0b2a523-05d7-11e4-beab-2cd05ac29869 Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )Description: 
regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec000000500043672d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dll7422db6b-05d7-11e4-beab-2cd05ac29869 Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d717d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll723b7833-05d7-11e4-beab-2cd05ac29869 ==================== Memory info =========================== Percentage of memory in use: 41%Total physical RAM: 8081.68 MBAvailable physical RAM: 4714.96 MBTotal Pagefile: 9297.68 MBAvailable Pagefile: 6322.19 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.78 MB ==================== Drives ================================ Drive c: (TI31049100A) (Fixed) (Total:918.63 GB) (Free:792.6 GB) NTFSDrive d: (finalpor) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 932 GB) (Disk ID: 00000000) Partition: GPT Partition Type. 
==================== End Of Log ============================

And the aswMBR.txt:

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-08 17:56:12
-----------------------------
17:56:12.577 OS Version: Windows x64 6.2.9200
17:56:12.577 Number of processors: 8 586 0x3A09
17:56:12.579 ComputerName: DANIEL UserName: daniel
17:56:15.613 Initialize success
17:56:15.707 VM: initialized successfully
17:56:15.710 VM: Intel CPU supported
17:56:58.491 VM: disk I/O iaStorA.sys
17:58:09.845 AVAST engine defs: 14070801
17:58:51.159 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
17:58:51.164 Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 11
17:58:51.306 Disk 0 MBR read successfully
17:58:51.312 Disk 0 MBR scan
17:58:51.319 Disk 0 unknown MBR code
17:58:51.325 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
17:58:51.475 Disk 0 scanning C:\windows\system32\drivers
17:59:05.134 Service scanning
17:59:53.703 Modules scanning
17:59:53.716 Disk 0 trace - called modules:
17:59:54.065 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ACPI.sys storport.sys hal.dll iaStorA.sys
17:59:54.074 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]
17:59:54.082 3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]
17:59:54.090 5 thpdrv.sys[fffff880021e5b3b] -> nt!IofCallDriver -> [0xfffffa8007b21dd0]
17:59:54.098 7 ACPI.sys[fffff88001179a91] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007a9e060]
17:59:56.823 AVAST engine scan C:\windows
18:00:04.534 AVAST engine scan C:\windows\system32
18:04:27.368 AVAST engine scan C:\windows\system32\drivers
18:04:49.502 AVAST engine scan C:\Users\daniel
18:08:52.553 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Desktop.OS.dll **INFECTED** Win32:Webcake-A [Adw]
18:08:52.636 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Dora.dat **INFECTED** Win32:Webcake-A [Adw]
18:08:52.719 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Maintain.dat **INFECTED** Win32:Webcake-A [Adw]
18:08:52.771 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Paladin.dat **INFECTED** Win32:Webcake-A [Adw]
18:08:52.890 File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Phoenix.dat **INFECTED** Win32:Webcake-A [Adw]
18:11:57.056 AVAST engine scan C:\ProgramData
18:13:16.368 Scan finished successfully
18:18:34.122 Disk 0 MBR has been saved successfully to "C:\Users\daniel\Desktop\MBR.dat"
18:18:34.127 The log file has been saved successfully to "C:\Users\daniel\Desktop\aswMBR.txt"
-
Thanks for the help. Here is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by daniel (administrator) on DANIEL on 08-07-2014 17:51:33
Running from C:\Users\daniel\Downloads
Platform: Windows 8 (X64) OS Language: Português (Portugal)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Akamai Technologies, Inc.) 
C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe (Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (BitTorrent Inc.) C:\Users\daniel\Downloads\utorrent.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] => [X] HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor) HKLM\...\Run: [sRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] () HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation) HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] () HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation) HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-27] (Copyright © TOSHIBA Corp. 
2012) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated) HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation) HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-03] (Power Software Ltd) HKLM-x32\...\Run: [tuto4pc_pt_18] => [X] HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.) 
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd) HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Akamai NetSession Interface] => C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-01-31] (Spotify Ltd) HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation) AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-03] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-03] (NVIDIA Corporation) AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 
(InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS SearchScopes: HKCU - DefaultScope {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = SearchScopes: HKCU - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = SearchScopes: HKCU - {FF3A512A-7699-4A8F-B237-57A227D82FD4} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN20912038101886176&UM=1 BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) 
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) Chrome: ======= CHR HomePage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S CHR StartupUrls: "https://www.google.com/" CHR Extension: (wareztuga.tv streamer) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2014-06-16] CHR Extension: (AdBlock) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-27] CHR Extension: (Into The Mist) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-07-07] CHR Extension: (Google Wallet) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR StartMenuInternet: Google Chrome - chrome.exe ==================== Services (Whitelisted) ================= R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor) R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.) 
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-07-25] (Disc Soft Ltd) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.) 
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29696 2014-07-07] ()
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk
2014-07-08 17:51 - 2014-07-08 17:52 - 00021371 _____ () C:\Users\daniel\Downloads\FRST.txt
2014-07-08 17:51 - 2014-07-08 17:51 - 00000000 ____D () C:\FRST
2014-07-08 17:50 - 2014-07-08 17:51 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe
2014-07-08 16:11 - 2014-07-08 16:14 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk
2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk
2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk
2014-07-07 18:49 - 2014-07-07 18:51 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL
2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk
2014-07-07 18:01 - 2014-07-07 18:02 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt
2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk
2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe
2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk
2014-07-07 17:25 - 2014-07-07 17:27 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk
2014-07-07 16:12 - 2014-07-08 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-07 16:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-07 16:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt
2014-07-07 15:57 - 2014-07-08 17:01 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt
2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe
2014-07-07 15:33 - 2014-07-07 18:55 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 14:34 - 2014-07-08 15:57 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt
2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe
2014-07-07 14:07 - 2014-07-07 14:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-07 14:05 - 2014-07-07 14:10 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate
2014-07-07 01:04 - 2014-07-08 15:48 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]
2014-07-07 01:00 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\3DMGAME-The.Forest.Public.Alpha.v0.03.Build.20140701.Cracked-3DM
2014-07-03 16:25 - 2014-07-03 18:18 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition
2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent
2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar
2014-06-29 21:13 - 2014-06-29 21:30 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI
2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip
2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip
2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe
2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-18 12:42 - 2014-06-18 12:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^
2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx
2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip
2014-06-11 19:32 - 2014-07-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-11 19:32 - 2014-06-24 11:52 - 00000399 _____ () C:\windows\setupact.log
2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation
2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA
2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log
2014-06-11 19:32 - 2014-05-30 00:00 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-11 19:32 - 2014-05-30 00:00 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-06-11 19:32 - 2014-05-29 23:59 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-11 19:32 - 2014-05-29 23:59 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-06-11 19:32 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-11 19:32 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2014-06-11 19:32 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-11 18:51 - 2014-07-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-06-11 18:51 - 2014-06-11 19:32 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-06-11 18:51 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-06-11 18:45 - 2014-06-11 18:52 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-11 18:44 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle
2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle
2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar
2014-06-11 10:08 - 2014-05-24 03:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 10:08 - 2014-05-24 03:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 10:08 - 2014-05-24 03:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 10:08 - 2014-05-24 03:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 10:08 - 2014-05-24 03:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 10:08 - 2014-05-24 02:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 10:08 - 2014-05-24 02:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 10:08 - 2014-05-24 02:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 10:08 - 2014-05-23 23:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-11 10:08 - 2014-05-03 06:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 10:08 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-11 10:08 - 2014-04-29 23:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-11 10:08 - 2014-04-29 23:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-11 10:07 - 2014-05-24 03:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 10:07 - 2014-05-24 03:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 10:07 - 2014-05-24 02:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 10:07 - 2014-05-24 02:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 10:07 - 2014-05-24 02:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 10:07 - 2014-05-24 02:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 10:07 - 2014-05-24 02:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-11 10:07 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 10:07 - 2014-04-03 12:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-11 10:07 - 2014-04-03 04:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-11 10:07 - 2014-03-31 23:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-11 10:07 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-11 10:07 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-11 10:07 - 2014-03-07 01:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 10:07 - 2014-03-07 01:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-10 18:30 - 2014-07-07 18:40 - 00089464 _____ () C:\windows\PFRO.log
2014-06-10 16:00 - 2014-06-10 18:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower
2014-06-09 23:13 - 2014-06-09 23:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^
2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent
2014-06-09 00:20 - 2014-06-09 22:44 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe
2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent

==================== One Month Modified Files and Folders =======

2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk
2014-07-08 17:52 - 2014-07-08 17:51 - 00021371 _____ () C:\Users\daniel\Downloads\FRST.txt
2014-07-08 17:52 - 2013-09-26 00:24 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Skype
2014-07-08 17:51 - 2014-07-08 17:51 - 00000000 ____D () C:\FRST
2014-07-08 17:51 - 2014-07-08 17:50 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe
2014-07-08 17:51 - 2013-07-18 22:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\uTorrent
2014-07-08 17:03 - 2013-07-18 22:15 - 00000000 ____D () C:\Users\daniel\AppData\Local\Packages
2014-07-08 17:03 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-08 17:01 - 2014-07-07 15:57 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt
2014-07-08 17:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-08 16:58 - 2013-07-18 22:21 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 16:42 - 2013-10-22 17:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-08 16:20 - 2014-04-18 16:46 - 01128590 _____ () C:\windows\WindowsUpdate.log
2014-07-08 16:14 - 2014-07-08 16:11 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk
2014-07-08 16:14 - 2013-10-31 01:35 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel
2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk
2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk
2014-07-08 16:00 - 2013-11-12 23:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-08 15:59 - 2014-07-07 16:12 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 15:59 - 2013-07-18 22:21 - 00001018 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-08 15:59 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-08 15:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-08 15:57 - 2014-07-07 14:34 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt
2014-07-08 15:48 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]
2014-07-08 15:29 - 2013-07-26 20:46 - 00000000 ____D () C:\Program Files (x86)\BS_Player_ControlBar
2014-07-08 00:14 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-07 20:32 - 2012-08-02 02:24 - 00776694 _____ () C:\windows\system32\prfh0816.dat
2014-07-07 20:32 - 2012-08-02 02:24 - 00159974 _____ () C:\windows\system32\prfc0816.dat
2014-07-07 20:32 - 2012-07-26 08:28 - 01784926 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-07 18:55 - 2014-07-07 15:33 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-07 18:51 - 2014-07-07 18:49 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk
2014-07-07 18:40 - 2014-06-10 18:30 - 00089464 _____ () C:\windows\PFRO.log
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL
2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk
2014-07-07 18:02 - 2014-07-07 18:01 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt
2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk
2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe
2014-07-07 17:43 - 2013-07-18 22:25 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3878485727-3170171642-3420939130-1002
2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk
2014-07-07 17:27 - 2014-07-07 17:25 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk
2014-07-07 16:43 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\WinStore
2014-07-07 16:41 - 2013-08-11 10:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Movdap
2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt
2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 15:27 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-07-07 15:01 - 2014-03-31 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe
2014-07-07 14:10 - 2014-07-07 14:05 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-07 14:09 - 2013-10-22 17:58 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-07 14:08 - 2014-07-07 14:07 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-07 14:08 - 2014-06-11 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-07 14:08 - 2014-06-11 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-07 14:08 - 2014-05-31 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-07-07 14:08 - 2014-05-29 13:53 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-07-07 14:08 - 2014-05-24 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-07 14:08 - 2014-04-20 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2014-07-07 14:08 - 2014-04-08 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Paradigm
2014-07-07 14:08 - 2014-03-21 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Workbench
2014-07-07 14:08 - 2014-03-07 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-07 14:08 - 2014-01-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-07-07 14:08 - 2013-11-17 21:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 14:08 - 2013-11-12 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 14:08 - 2013-11-09 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-07-07 14:08 - 2013-10-27 23:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-07 14:08 - 2013-10-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-07-07 14:08 - 2013-10-22 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-07 14:08 - 2013-08-12 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2014-07-07 14:08 - 2013-07-26 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2014-07-07 14:08 - 2013-07-25 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
2014-07-07 14:08 - 2013-07-25 13:17 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2014-07-07 14:08 - 2013-07-25 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-07-07 14:08 - 2013-07-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
2014-07-07 14:08 - 2013-07-18 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-07 14:08 - 2013-07-18 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-07 14:08 - 2013-04-10 16:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-07 14:08 - 2013-04-10 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-07-07 14:08 - 2013-04-10 16:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-07-07 14:08 - 2013-01-31 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp® center
2014-07-07 14:08 - 2013-01-31 23:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-07-07 14:08 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate
2014-07-07 01:38 - 2013-09-09 14:07 - 00000000 ____D () C:\Games
2014-07-07 01:04 - 2014-07-07 01:00 - 00000000 ____D () C:\Users\daniel\Downloads\3DMGAME-The.Forest.Public.Alpha.v0.03.Build.20140701.Cracked-3DM
2014-07-04 18:25 - 2013-10-22 16:50 - 00000000 ____D () C:\Users\daniel\Documents\NetBeansProjects
2014-07-03 18:18 - 2014-07-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition
2014-07-03 18:17 - 2013-11-19 17:57 - 00000000 ____D () C:\Program Files (x86)\Age of Empires II HD The Forgotten
2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent
2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar
2014-06-29 21:30 - 2014-06-29 21:13 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI
2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip
2014-06-28 18:57 - 2013-12-11 20:35 - 00000000 ____D () C:\netbeans
2014-06-27 23:41 - 2013-11-02 13:54 - 00755200 ___SH () C:\Users\daniel\Downloads\Thumbs.db
2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip
2014-06-26 20:00 - 2014-04-26 23:07 - 00101888 ___SH () C:\Users\daniel\Desktop\Thumbs.db
2014-06-25 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-24 11:52 - 2014-06-11 19:32 - 00000399 _____ () C:\windows\setupact.log
2014-06-21 15:53 - 2013-07-18 22:21 - 00003994 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 15:53 - 2013-07-18 22:21 - 00003758 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 18:32 - 2014-04-08 15:06 - 00000000 ____D () C:\Users\daniel\vpworkspace
2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe
2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-18 12:43 - 2014-06-18 12:42 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^
2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx
2014-06-17 19:51 - 2013-10-27 22:55 - 00000000 ____D () C:\Users\daniel\AppData\Local\Microsoft Help
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx
2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip
2014-06-14 13:18 - 2013-10-27 22:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 16:56 - 2014-03-20 12:26 - 05198640 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-13 16:56 - 2013-04-10 16:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-12 19:21 - 2012-07-26 08:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-12 19:17 - 2013-08-02 20:35 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 19:13 - 2013-07-20 12:09 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation
2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA
2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log
2014-06-11 19:32 - 2014-06-11 18:51 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-11 19:32 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle
2014-06-11 19:32 - 2013-04-10 16:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-11 19:32 - 2013-04-10 16:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-11 18:52 - 2014-06-11 18:45 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle
2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar
2014-06-11 16:59 - 2014-04-20 23:51 - 00000000 ____D () C:\DOSBox-0.74
2014-06-10 18:00 - 2014-06-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower
2014-06-09 23:43 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^
2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent
2014-06-09 22:44 - 2014-06-09 00:20 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe
2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent
2014-06-08 22:23 - 2014-05-31 17:28 - 00000000 ____D () C:\AeriaGames
2014-06-08 22:20 - 2014-05-31 17:58 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames

Files to move or delete:
====================
C:\Users\daniel\AppData\Roaming\CamLayout.ini
C:\Users\daniel\AppData\Roaming\CamShapes.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-02 14:37

==================== End Of Log ============================
-
I think I've been infected with a virus. All of my desktop and start menu icons are hidden... Everything just disappeared. I used MBAM to remove it, and I think it was removed. I installed unhide.exe to see if my icons appeared again, but they didn't. Can someone help me please? I really don't know what to do.
-
This was the OTL report, but I don't know what to do with this.

OTL logfile created on: 07/07/2014 15:46:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\daniel\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd/MM/yyyy

7,89 Gb Total Physical Memory | 5,14 Gb Available Physical Memory | 65,13% Memory free
9,08 Gb Paging File | 6,55 Gb Available in Paging File | 72,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,63 Gb Total Space | 792,54 Gb Free Space | 86,27% Space Free | Partition Type: NTFS
Drive D: | 178,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DANIEL | User Name: daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\daniel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\daniel\Downloads\RogueKiller.exe ()
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) PRC - C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) PRC - C:\Program Files (x86)\WBDesktop.Updater.exe (cake bake) PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) PRC - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe () PRC - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) ========== Modules (No Company Name) ========== MOD - C:\Users\daniel\Downloads\RogueKiller.exe () MOD - C:\Program Files (x86)\Steam\video.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\SDL2.dll () MOD - C:\Program Files (x86)\Steam\libavcodec-55.dll () MOD - C:\Program Files (x86)\Steam\libavutil-53.dll () MOD - C:\Program Files (x86)\Steam\libavformat-55.dll () MOD - C:\Program Files (x86)\Steam\libavresample-1.dll () MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\libswscale-2.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll () MOD - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe () ========== 
Services (SafeList) ========== SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- 
C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation) SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) 
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (WebCake Desktop Updater) -- C:\Program Files (x86)\WBDesktop.Updater.exe (cake bake) SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd) SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\Drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\Drivers\avgloga.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\Drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\Drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.) 
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\Drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\Drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation) DRV:64bit: - (Avgwfpa) -- C:\Windows\SysNative\Drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\Drivers\nvvad64v.sys (NVIDIA Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\Drivers\tosrfec.sys (TOSHIBA Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\Drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgboota) -- C:\Windows\SysNative\Drivers\avgboota.sys (AVG Technologies CZ, s.r.o.) 
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (SCDEmu) -- C:\windows\SysNative\drivers\scdemu.sys (Power Software Ltd) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (CeKbFilter) -- C:\Windows\SysNative\Drivers\CeKbFilter.sys (Compal Electronics, INC.) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys 
(NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows ® Win 7 DDK provider) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (Thpdrv) -- C:\Windows\SysNative\Drivers\thpdrv.sys (TOSHIBA Corporation) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys 
(Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation) DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.) DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation) DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.) DRV:64bit: - (RtkBtFilter) -- C:\Windows\SysNative\Drivers\RtkBtfilter.sys (Realtek Microelectronics) DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\Drivers\Thpevm.sys (TOSHIBA Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel® Corporation) DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) 
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\Drivers\MijXfilt.sys (MotioninJoy) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\Drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\Drivers\tap0901t.sys (Tunngle.net) DRV - (TrueSight) -- C:\Windows\SysWOW64\drivers\TrueSight.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{C62BF5D9-086A-4A9E-854B-70C0EF781786}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE - HKLM\..\SearchScopes\{C62BF5D9-086A-4A9E-854B-70C0EF781786}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S IE - HKCU\..\URLSearchHook: 
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S&q={searchTerms} IE - HKCU\..\SearchScopes\{FF3A512A-7699-4A8F-B237-57A227D82FD4}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN20912038101886176&UM=1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: 
C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) [2014/03/03 02:48:58 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S CHR - plugin: Error reading preferences file CHR - Extension: wareztuga.tv streamer = 
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj\4.4_0\ CHR - Extension: AdBlock = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\ CHR - Extension: Into The Mist = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh\1_0\ CHR - Extension: Google Wallet = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Quick start = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.9_0\ O1 HOSTS File: ([2012/07/26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (DealPly Shopping) - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll File not found O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (BS Player ControlBar Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [shadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [sRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.) O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe () O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe () O4:64bit: - HKLM..\Run: [TosPU] C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe (Copyright © TOSHIBA Corp. 2012) O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) 
O4 - HKLM..\Run: [intel AppUp® center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) O4 - HKLM..\Run: [tuto4pc_pt_18] File not found O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe File not found O4 - HKCU..\Run: [spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [uTorrent] C:\Users\daniel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5927A958-F97B-4459-BFB8-2BD578CA6667}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\osf - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - 
AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/07/07 15:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller [2014/07/07 14:31:53 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution [2014/07/07 14:07:24 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\PriceMeter [2014/07/07 14:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab [2014/07/07 14:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect [2014/07/07 14:05:42 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\globalUpdate 
[2014/07/07 14:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/07/03 16:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Age of Mythology Extended Edition
[2014/06/29 21:13:30 | 000,000,000 | ---D | C] -- C:\Users\daniel\Documents\JD GUI
[2014/06/18 22:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgrkx64.sys
[2014/06/11 19:32:57 | 001,715,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvspbridge64.dll
[2014/06/11 19:32:57 | 001,279,480 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvspcap64.dll
[2014/06/11 19:32:56 | 001,291,232 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspbridge.dll
[2014/06/11 19:32:56 | 001,122,312 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspcap.dll
[2014/06/11 19:32:55 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\NVIDIA Corporation
[2014/06/11 19:32:55 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\NVIDIA
[2014/06/11 19:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/06/11 19:32:30 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvvad64v.sys
[2014/06/11 19:32:30 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvaudcap64v.dll
[2014/06/11 19:32:30 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvaudcap32v.dll
[2014/06/11 18:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2014/06/11 18:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2014/06/11 18:51:11 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\windows\SysNative\drivers\tap0901t.sys
[2014/06/11 18:51:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2014/06/11 18:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2014/06/11 18:44:57 | 000,000,000 | ---D | C] -- C:\Users\daniel\Documents\Tunngle
[2014/06/11 18:44:57 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Roaming\Tunngle
[2014/06/11 10:08:23 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2014/06/11 10:08:22 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/06/11 10:08:22 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2014/06/11 10:08:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/11 10:08:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/06/11 10:08:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/11 10:08:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/06/11 10:08:19 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/11 10:08:19 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/11 10:08:18 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/11 10:08:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/11 10:08:18 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/06/11 10:08:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/06/11 10:08:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/11 10:08:16 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/11 10:08:15 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/06/11 10:08:15 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/11 10:08:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/11 10:08:13 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/11 10:08:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/06/11 10:08:09 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/11 10:08:07 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/11 10:07:45 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/11 10:07:45 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/11 10:07:43 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/06/11 10:07:25 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2014/06/11 10:07:25 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2014/06/11 10:07:25 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2014/06/10 16:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outlast Whistleblower
[2013/08/11 10:27:51 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.exe
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/07/07 15:33:19 | 000,029,696 | ---- | M] () -- C:\windows\SysWow64\drivers\TrueSight.sys
[2014/07/07 15:31:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/07/07 15:30:32 | 000,001,018 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/07 15:30:23 | 000,000,916 | ---- | M] () -- C:\windows\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2014/07/07 15:29:45 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/07 15:29:44 | 2484,436,991 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/07 15:22:00 | 000,000,920 | ---- | M] () -- C:\windows\tasks\DealPlyLiveUpdateTaskMachineUA.job
[2014/07/07 15:17:02 | 000,000,308 | ---- | M] () -- C:\windows\tasks\Dealply.job
[2014/07/07 14:58:01 | 000,001,022 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/03 18:58:19 | 001,784,926 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/07/03 18:58:19 | 000,776,694 | ---- | M] () -- C:\windows\SysNative\prfh0816.dat
[2014/07/03 18:58:19 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/07/03 18:58:19 | 000,159,974 | ---- | M] () -- C:\windows\SysNative\prfc0816.dat
[2014/07/03 18:58:19 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/06/24 11:52:10 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgrkx64.sys
[2014/06/13 16:56:29 | 005,198,640 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/06/11 18:52:57 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\Access.dat
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/07/07 15:33:19 | 000,029,696 | ---- | C] () -- C:\windows\SysWow64\drivers\TrueSight.sys
[2014/06/24 11:52:10 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf
[2014/06/11 18:45:54 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\Access.dat
[2014/06/11 10:07:24 | 000,387,268 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/12/19 11:17:02 | 000,000,174 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\WB.CFG
[2013/09/18 13:24:26 | 000,491,520 | ---- | C] () -- C:\windows\SysWow64\granny.dll
[2013/09/13 22:02:30 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/08/12 17:18:26 | 000,004,510 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\CamStudio.cfg
[2013/08/12 17:18:26 | 000,000,408 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\CamShapes.ini
[2013/08/12 17:18:26 | 000,000,408 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\CamLayout.ini
[2013/08/12 17:18:26 | 000,000,046 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\Camdata.ini
[2013/08/12 15:24:54 | 000,008,192 | ---- | C] () -- C:\Users\daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/19 12:47:31 | 000,000,110 | ---- | C] () -- C:\windows\wininit.ini
[2013/04/10 16:11:26 | 000,037,820 | ---- | C] () -- C:\windows\rlt8723a_chip_bt40_fw_asic_rom_patch.dll
[2013/04/10 16:10:45 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2013/01/31 23:49:49 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2013/01/31 23:49:47 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013/01/31 23:49:46 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012/07/26 09:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 09:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 08:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 21:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 21:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/07/25 21:22:56 | 000,267,284 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012/07/25 21:22:54 | 000,963,376 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin

========== ZeroAccess Check ==========

[2013/07/19 18:02:32 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 09:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 07:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/28 16:41:51 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Aeria Games & Entertainment
[2013/10/22 18:01:42 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\AVG2014
[2013/07/28 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Awesomium
[2014/05/13 15:06:58 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BalsamiqMockupsForDesktop
[2014/05/13 15:06:59 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1
[2014/03/18 15:40:37 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Bizagi Ltd
[2014/02/06 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BSplayer
[2013/07/26 20:47:07 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BSplayer Pro
[2014/05/27 18:16:50 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\DAEMON Tools Lite
[2013/07/25 13:17:04 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Dealply
[2013/09/16 00:52:27 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\fltk.org
[2014/02/10 17:14:40 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\GameRanger
[2013/07/31 13:36:30 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\GetRightToGo
[2014/03/18 15:40:40 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\IsolatedStorage
[2014/01/17 22:45:00 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\MotioninJoy
[2013/08/18 12:38:19 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Movdap
[2013/10/22 16:49:32 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\NetBeans
[2013/08/17 13:45:26 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\OBS
[2014/01/09 00:00:19 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\OpenOffice
[2013/07/25 13:23:59 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Optimizer Pro
[2013/07/19 12:16:19 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\PowerISO
[2013/08/10 17:48:45 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Pro Cycling Manager 2013
[2013/08/01 22:48:05 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\sMedio
[2013/07/19 18:03:22 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Sports Interactive
[2013/10/22 13:46:27 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Spotify
[2014/03/21 01:00:35 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Thinstall
[2013/10/22 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\TuneUp Software
[2014/06/11 19:32:18 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Tunngle
[2014/07/07 02:14:34 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\uTorrent
[2014/02/10 17:13:29 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\WildTangent

========== Purity Check ==========

< End of report >