Help with Trojan Bitminer

Lordados · November 5, 2013

Hello

I am having trouble removing a trojan (Trojan bitminer) on my pc, when I turn on my pc it opens a process called "Calculator.exe nslookup" and this process takes all my memory and the pc is VERY slow. If I close the process after a while he comes back, I managed to locate the folder and delete the virus, but I just restart the pc again he appears ... The folder is located in C: \ users \ W7 \ AppData \ Roaming \ data within that folder (so says the malware bytes) has several trojans, already tried to remove them via various programs and even safe mode, but it seems that the virus always comes back after a reboot.

Here is the hijack it log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:28, on 04/11/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\AppData\Local\Google\Chrome\Applicatio n\chrome.exe
C:\Users\W7\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...LGEL&bmod=LGEL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=bbl_pay_hp_02_hao123_br
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchiseasy.info/?...cc=BR&unqvl=33
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: TrueSuite WebStore - {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - mscoree.dll (file missing)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [LG Media FUNtasia] "C:\Program Files (x86)\LG Software\LG Media FUNtasia\MediaFuntasiaStart.exe" tray
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Memory Improve Master] C:\Program Files (x86)\Memory Improve Master\MemoryImproveMaster.exe /autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\W7\AppData\Local\Google\Update\GoogleUpd ate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Users\W7\AppData\Roaming\uTorrent\uTorrent.exe " /MINIMIZED
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - Startup: Adobe.lnk = W7\AppData\Roaming\data\Adobe.vbe
O4 - Startup: PC App Store Uninstall 3.8.8.1435.lnk = C:\Windows\System32\rundll32.exe
O4 - Startup: Svchost.exe.lnk = C:\Users\W7\AppData\Local\Temp\RarSFX3\Svchost.exe
O4 - Startup: Usbsupply.exe

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: http://*.cga.com.cn
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: http://*.ogdev.net
O15 - Trusted Zone: http://*.sdo.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Bluetooth Device Manager - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\TrueSuite\TrueSuite.Service.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13117 bytes

MrCharlie · November 5, 2013

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Lordados · November 5, 2013

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.45.2

Run by W7 at 22:52:27 on 2013-11-04

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.6078.2997 [GMT -2:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\TrueSuite\TrueSuite.Service.exe

C:\Program Files\Fingerprint Sensor\ATService.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe

C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Motorola\Bluetooth\obexsrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\TrueSuite\TrueSuite.TouchControl.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft LifeChat\LifeChat.exe

C:\Program Files\LG Software\LG OSD\HotKey.exe

C:\Program Files\Microsoft Device Center\itype.exe

C:\Program Files\Microsoft Device Center\ipoint.exe

C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe

C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe

C:\Program Files\Fingerprint Sensor\ATSwpNav.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\Shared files\brs.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\System32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbsupply.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

"C:\Users\W7\AppData\Local\Temp\RarSFX0\Svchost.exe"

C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe

C:\Windows\SysWOW64\cmd.exe

C:\Users\W7\AppData\Roaming\data\mstsc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\sppsvc.exe

C:\Users\W7\Downloads\mbar-1.07.0.1007.exe

C:\Windows\SysWOW64\cmd.exe

C:\Users\W7\Desktop\mbar\mbar.exe

C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: TrueSuite WebStore: {5cb2b77d-c8ca-44db-af20-a7a4df462a12} -

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [Memory Improve Master] C:\Program Files (x86)\Memory Improve Master\MemoryImproveMaster.exe /autorun

uRun: [NVIDIA nTune] "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

mRun: [LG Media FUNtasia] "C:\Program Files (x86)\LG Software\LG Media FUNtasia\MediaFuntasiaStart.exe" tray

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe

mRun: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot

StartupFolder: C:\Users\W7\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Adobe.lnk - C:\Users\W7\AppData\Roaming\data\Adobe.vbe

StartupFolder: C:\Users\W7\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PCAPPS~1.LNK - C:\Windows\System32\rundll32.exe

StartupFolder: C:\Users\W7\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SVCHOS~1.LNK - C:\Users\W7\AppData\Local\Temp\RarSFX0\Svchost.exe

StartupFolder: C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbsupply.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:189

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

LSP: %SystemRoot%\system32\PrxerDrv.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: ogdev.net

Trusted Zone: sdo.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: NameServer = 192.168.1.2

TCP: Interfaces\{6B990466-4D42-4DEE-91B0-55CE2BE2B28A} : DHCPNameServer = 192.168.1.2

TCP: Interfaces\{6B990466-4D42-4DEE-91B0-55CE2BE2B28A}\4505D2C494E4B4F5642373233314 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6B990466-4D42-4DEE-91B0-55CE2BE2B28A}\455435455402742514459435 : DHCPNameServer = 192.168.10.254 8.8.8.8

TCP: Interfaces\{6B990466-4D42-4DEE-91B0-55CE2BE2B28A}\A4F6C61637B696570243 : DHCPNameServer = 192.168.1.2

TCP: Interfaces\{CB2510C7-E5A3-45EA-A38C-A492D7B7275E} : DHCPNameServer = 187.21.64.15 187.21.64.16

TCP: Interfaces\{E8B8E3DA-5E0F-4A80-A0CD-BDA47FCAF6CA} : DHCPNameServer = 7.254.254.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-BHO: TrueSuite WebStore: {5cb2b77d-c8ca-44db-af20-a7a4df462a12} -

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\TrueSuite.IEBHO.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"

x64-Run: [KeybdUtility] C:\Program Files\LG Software\LG OSD\HotKey.exe

x64-Run: [intelliType Pro] "C:\Program Files\Microsoft Device Center\itype.exe"

x64-Run: [intelliPoint] "C:\Program Files\Microsoft Device Center\ipoint.exe"

x64-Run: [ClientAppLogon32] C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe

x64-Run: [ClientAppLogon] C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe

x64-Run: [ATSwpNav.exe] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]

R1 CLBStor;InstantBurn Storage Helper Driver;C:\Windows\System32\drivers\CLBStor.sys [2012-4-1 24560]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-3-15 283200]

R2 ATService;AuthenTec Fingerprint Service;C:\Program Files\Fingerprint Sensor\ATService.exe [2010-6-25 2734912]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-8-17 680016]

R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;C:\Windows\System32\drivers\CLBUDF.sys [2012-4-1 376304]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 FPLService;TrueSuiteService;C:\Program Files\TrueSuite\TrueSuite.Service.exe [2010-7-21 288064]

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-4-23 9216]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-17 13336]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-28 15122208]

R3 ATSwpWDF;AuthenTec TruePrint USB Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2010-6-30 770152]

R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-8-17 4151376]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-9-9 31088]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-8-17 1028096]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

R3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-4 91352]

R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2013-11-4 116440]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-8-17 1180736]

R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\System32\drivers\nvoclk64.sys [2009-9-15 42088]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-28 39200]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-17 344680]

R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-4-24 31232]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]

S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-8-17 1189968]

S3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2011-8-17 52736]

S3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\System32\drivers\btmusb.sys [2011-8-17 486144]

S3 NisSrv;Inspeção de Rede da Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-8-17 250984]

S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-1-10 42184]

S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\System32\drivers\gtkdrv.sys [2013-10-11 16640]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-4-21 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-1 1255736]

S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-6-4 121840]

S4 CLKMSVC10_9EC60124;CyberLink Product - 2012/03/31 23:13:02;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-7-6 246256]

S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]

S4 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2013-2-3 18360]

S4 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-5 2673064]

S4 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-4-24 746392]

.

=============== Created Last 30 ================

.

2013-11-05 00:31:52 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-11-05 00:31:49 116440 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2013-11-05 00:27:38 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2013-11-05 00:27:21 -------- d-----w- C:\FRST

2013-11-05 00:21:10 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B79F8619-8E4E-4E43-A5F3-7A86086B2F24}\mpengine.dll

2013-11-05 00:20:35 -------- d-----w- C:\Users\W7\AppData\Roaming\data

2013-11-05 00:06:56 -------- d-sh--w- C:\$RECYCLE.BIN

2013-11-04 22:53:14 -------- d-----w- C:\Users\W7\AppData\Local\ElevatedDiagnostics

2013-11-04 17:47:42 -------- d-----w- C:\Windows\System32\MRT

2013-11-04 17:30:28 256000 ----a-w- C:\Windows\PEV.exe

2013-11-04 17:30:28 208896 ----a-w- C:\Windows\MBR.exe

2013-11-04 17:30:27 98816 ----a-w- C:\Windows\sed.exe

2013-11-04 17:27:33 -------- d-----w- C:\ProgramData\Licenses

2013-11-04 17:21:54 -------- d-----w- C:\Users\W7\AppData\Roaming\Simply Super Software

2013-11-04 17:20:42 -------- d-----w- C:\ProgramData\Simply Super Software

2013-11-04 17:20:42 -------- d-----w- C:\Program Files (x86)\Trojan Remover

2013-11-04 16:57:54 -------- d-----w- C:\Program Files\GridinSoft Trojan Killer

2013-11-04 15:25:26 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-11-04 15:25:26 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-11-04 15:03:01 -------- d-----w- C:\Users\W7\AppData\Roaming\Malwarebytes

2013-11-04 15:02:46 -------- d-----w- C:\ProgramData\Malwarebytes

2013-11-04 15:02:44 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-11-04 15:02:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-04 15:00:49 461312 ----a-w- C:\Windows\System32\scavengeui.dll

2013-11-04 01:45:00 -------- d-----w- C:\AdwCleaner

2013-11-04 01:41:03 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{209606EB-F292-4D2C-8E9B-2B543E1FB8BD}\gapaengine.dll

2013-11-04 01:40:59 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-11-04 01:34:04 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-11-04 01:34:02 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-11-04 01:32:55 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DEE916AC-AB41-4C8B-8DD7-331CDCFA5ADD}\mpengine.dll

2013-11-04 01:31:09 -------- d-----w- C:\Windows\TempEEF6705C-55FF-B850-1078-C5F9C07523FB-Signatures

2013-11-03 21:34:05 -------- d-----w- C:\Program Files (x86)\WinDirStat

2013-11-03 15:01:24 -------- d-----w- C:\Program Files (x86)\NCWest

2013-11-03 14:48:07 -------- d-----w- C:\Program Files (x86)\NCSOFT

2013-11-03 13:22:46 -------- d-----w- C:\Program Files (x86)\Blade and Soul

2013-11-03 05:52:41 -------- d-----w- C:\Program Files (x86)\Snail Games USA

2013-11-02 21:35:09 -------- d-----w- C:\Program Files (x86)\Common Files\WuShu_0.0.1.065

2013-11-02 21:35:08 -------- d-----w- C:\Program Files (x86)\Common Files\AgeofWushu_download

2013-11-01 17:38:12 -------- d-----w- C:\Program Files (x86)\Grinding Gear Games

2013-10-31 19:08:32 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2013-10-31 19:08:32 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2013-10-31 19:08:32 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2013-10-31 19:08:32 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2013-10-31 19:08:32 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2013-10-29 19:50:04 -------- d-----w- C:\Program Files (x86)\baidu

2013-10-28 16:48:18 -------- d-----w- C:\Users\W7\AppData\Roaming\Guitar Pro 6

2013-10-28 16:48:18 -------- d-----w- C:\ProgramData\Guitar Pro 6

2013-10-28 16:41:31 955168 ----a-w- C:\Windows\SysWow64\nvspcap.dll

2013-10-28 16:41:31 1063200 ----a-w- C:\Windows\System32\nvspcap64.dll

2013-10-28 16:23:14 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-25 14:52:26 -------- d-----w- C:\Program Files (x86)\Batman Arkham Origins

2013-10-18 22:32:01 -------- d-----w- C:\Program Files (x86)\AP Tuner

2013-10-11 11:06:34 16640 ----a-w- C:\Windows\System32\drivers\gtkdrv.sys

2013-10-09 02:38:11 -------- d-----w- C:\ProgramData\Baidu

2013-10-08 20:15:58 -------- d-----w- C:\Program Files\iPod

2013-10-08 20:15:57 -------- d-----w- C:\Program Files\iTunes

2013-10-08 20:15:57 -------- d-----w- C:\Program Files (x86)\iTunes

.

==================== Find3M ====================

.

2013-10-23 08:20:08 6669600 ----a-w- C:\Windows\System32\nvcpl.dll

2013-10-23 08:20:07 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-10-23 08:20:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-10-23 08:20:05 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-10-23 08:20:05 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll

2013-10-23 08:20:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll

2013-10-20 00:52:09 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-10-08 18:04:34 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-08 18:04:34 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-09-27 23:01:44 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2013-09-27 23:01:38 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll

2013-09-27 23:01:38 28960 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll

2013-09-22 04:33:25 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-09-12 08:58:10 1884448 ----a-w- C:\Windows\System32\nvdispco6432723.dll

2013-09-12 08:58:10 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432723.dll

2013-08-21 16:46:43 4554640 ----a-w- C:\Windows\SysWow64\GameMon.des

2013-04-28 17:56:06 396800 ----a-w- C:\Program Files (x86)\ISSkinExW.dll

2012-05-24 03:15:32 721920 ----a-w- C:\Program Files (x86)\revolt.cjstyles

.

============= FINISH: 22:55:13,07 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 10/02/2012 11:16:32

System Uptime: 04/11/2013 22:18:16 (0 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz | CPU | 1716/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 297 GiB total, 59,49 GiB free.

D: is FIXED (NTFS) - 298 GiB total, 53,259 GiB free.

E: is CDROM (CDFS)

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart D110 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart D110 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Hamachi Network Interface

Device ID: ROOT\NET\0000

Manufacturer: LogMeIn, Inc.

Name: Hamachi Network Interface

PNP Device ID: ROOT\NET\0000

Service: hamachi

.

Class GUID: {a173b237-6a34-4bb5-aa63-2561160fa200}

Description: Bluetooth Module

Device ID: USB\VID_13D3&PID_3314\6&10FFC980&0&2

Manufacturer: Motorola Solutions, Inc.

Name: Bluetooth Module

PNP Device ID: USB\VID_13D3&PID_3314\6&10FFC980&0&2

Service: BTMUSB

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

7-Zip 9.21 (x64 edition)

7-Zip 9.21beta

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.05) - Português

Adobe Shockwave Player 11.6

Age of Wushu

Aion

AP Tuner 3.08

Apple Mobile Device Support

Apple Software Update

Atualizações da NVIDIA 9.3.16

aTube Catcher

AuthenTec TrueSuite

Batman Arkham Origins v.1.0.0.0

Bonjour

BufferChm

CCleaner

Core Temp 1.0 RC4

CPUID CPU-Z 1.61.5

CyberLink Blu-ray Disc Suite

CyberLink InstantBurn

CyberLink Power2Go

CyberLink PowerDVD 9

CyberLink PowerProducer

CyberLink YouCam

D110

D3DX10

DAEMON Tools Lite

DC Universe Online

DC Universe Online Live

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Destinations

DeviceDiscovery

EzManual

Fallout 3

Fallout New Vegas

Far Cry 3 Blood Dragon

FEZ

ffdshow [rev 3154] [2009-12-09]

Fraps (remove only)

GameBox Console

GeForce Experience NvStream Client Components

Gerenciador de Downloads

Google Chrome

GPBaseService2

Hi-Rez Studios Authenticate and Update Service

HP Customer Participation Program 14.0

HP Imaging Device Functions 14.0

HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPAppStudio

HPPhotoGadget

HPProductAssistant

HPSSupply

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

iTunes

Java 7 Update 45

Java Auto Updater

Java 6 Update 31

Java 6 Update 31 (64-bit)

Java 7 Update 5 (64-bit)

JavaFX 2.1.1

Junk Mail filter update

League of Legends

LG Intelligent Update

LG Magnifier

LG Media FUNtasia

LG OSD

LG Smart Care

LG Smart Indicator

LG Smart Recovery

Logitech Unifying Software 2.10

LogMeIn Hamachi

LOLReplay

Malwarebytes Anti-Malware versão 1.75.0.1300

MarketResearch

Memory Improve Master Free Version v6.1.2.369

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended PTB Language Pack

Microsoft Antimalware Service PT-BR Language Pack

Microsoft Application Error Reporting

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft LifeChat

Microsoft Mouse and Keyboard Center

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft Security Client

Microsoft Security Client PT-BR Language Pack

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 8.0 Support DLLs

Microsoft WSE 3.0 Runtime

Microsoft XNA Framework Redistributable 4.0 Refresh

Minecraft1.4.7

MKLOL

Motorola Bluetooth

MSVCRT

MSVCRT_amd64

NC Launcher (GameForge)

NCSOFT Game Launcher

Network64

Neverwinter

Nexon Game Manager

Nexus Mod Manager

NVIDIA Display Control Panel

NVIDIA Driver de gráficos 331.65

NVIDIA Driver de áudio HD 1.3.26.4

NVIDIA Drivers

NVIDIA GeForce Experience 1.7

NVIDIA Install Application

NVIDIA LED Visualizer 1.0

NVIDIA nTune

NVIDIA PhysX

NVIDIA ShadowPlay 9.3.16

NVIDIA Software do sistema PhysX 9.13.0725

NVIDIA System Monitor

NVIDIA Update Components

NVIDIA Virtual Audio 1.2.9

Orcs Must Die 2

Origin

Overwolf

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)

Painel de controle da NVIDIA 331.65

Pando Media Booster

Papers, Please

Project64 1.6

Proxifier version 3.21

PS_AIO_07_D110_SW_Min

QuickTime

QuickTransfer

Ralink RT2860 Wireless LAN Card

REACTOR

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Reus

Revo Uninstaller 1.94

Rhinoceros 4.0 SR2

savenshaRe

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

SHIELD Streaming

Shop for HP Supplies

Skype™ 6.6

SmartWebPrinting

Smite

SolutionCenter

Status

Steam

Subway Surfers 1.0

Super Meat Boy v1.5

Suporte para Aplicativos Apple

swMSM

System Requirements Lab Detection

TeamSpeak 3 Client

TeamViewer 7

The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1

Toolbox

TrayApp

TriDef 3D (LG) 1.1.6

TriDef 3D Content (LG) 1.0.1

Trojan Killer

Trojan Remover 6.8.8

Tunngle beta

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition

VLC media player 2.0.4

WebReg

WinDirStat 1.1.2

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.11 (64-bit)

WinRAR 5.00 (32-bit)

.

==== End Of File ===========================

Lordados · November 5, 2013

Rogue Killer report

RogueKiller V8.7.6 _x64_ [Oct 28 2013] Por Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.adlice.com/forum/

Site : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Iniciado em : Modo Normal

Usuario : W7 [Privilegios de Admnistrador]

Modo : Verificar -- Data : 11/04/2013 23:05:39

| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 5 ¤¤¤

[sUSP PATH][DLL] rundll32.exe -- C:\Users\W7\AppData\Roaming\Baidu Security\PC App Store\3.8.8.1435\Uninstall\PC App Store Uninstall\0\InstallUtility.dll [-] -> rundll32.exe FINALIZADO [TermProc]

[sUSP PATH] Usbsupply.exe -- C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbsupply.exe [-] -> FINALIZADO [TermProc]

[sVCHOST] Svchost.exe -- C:\Users\W7\AppData\Local\Temp\RarSFX0\Svchost.exe [-] -> FINALIZADO [TermProc]

[sUSP PATH] mstsc.exe -- C:\Users\W7\AppData\Roaming\data\mstsc.exe [-] -> FINALIZADO [TermProc]

¤¤¤ Entradas do Registro : 8 ¤¤¤

[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO

[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> ENCONTRADO

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> ENCONTRADO

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> ENCONTRADO

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> ENCONTRADO

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> ENCONTRADO

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ENCONTRADO

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

¤¤¤ As tarefas agendadas : 3 ¤¤¤

[V2][sUSP PATH] EPUpdater : C:\Users\W7\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> ENCONTRADO

[V2][sUSP PATH] Funmoods : C:\Users\W7\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE - /Check [x] -> ENCONTRADO

[V2][sUSP PATH] RunAsStdUser Task : "C:\Users\W7\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe" [x] -> ENCONTRADO

¤¤¤ entradas de inicialização : 3 ¤¤¤

[W7][sUSP PATH] Adobe.lnk : C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe.lnk @C:\Users\W7\AppData\Roaming\data\Adobe.vbe [-][-] -> ENCONTRADO

[W7][sUSP PATH] PC App Store Uninstall 3.8.8.1435.lnk : C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.8.8.1435.lnk @C:\Windows\System32\rundll32.exe "C:\Users\W7\AppData\Roaming\Baidu Security\PC App Store\3.8.8.1435\Uninstall\PC App Store Uninstall\0\InstallUtility.dll", _OpenUrl -run "PC App Store Uninstall" -ini "OpenUrl.ini" [-][7][-][x][x][x] -> ENCONTRADO

[W7][HJNAME] Svchost.exe.lnk : C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Svchost.exe.lnk @C:\Users\W7\AppData\Local\Temp\RarSFX0\Svchost.exe [-][-] -> ENCONTRADO

¤¤¤ Os navegadores da Web : 0 ¤¤¤

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤

¤¤¤ Hives externas: ¤¤¤

¤¤¤ Infecção : ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6465GSX +++++

--- User ---

[MBR] 9e0ca052cb6f8e60861faf2589c79fca

[bSP] 5d5b938334614db931649a7b8fa8b043 : Windows Vista/7/8 MBR Code

Partition table:

0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 2048 | Size: 1536 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3147776 | Size: 304128 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 626001920 | Size: 304814 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Concluido : << RKreport[0]_S_11042013_230539.txt >>

MrCharlie · November 5, 2013

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look like this, not "sponsored ad links":

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

MrC

Lordados · November 5, 2013

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013

Ran by W7 at 2013-11-04 23:20:02

Running from C:\Users\W7\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2)

7-Zip 9.21 (x64 edition) (Version: 9.21.00.0)

7-Zip 9.21beta (x32)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)

Adobe Reader XI (11.0.05) - Português (x32 Version: 11.0.05)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)

Age of Wushu (x32 Version: 0.0.1.065)

Aion (x32 Version: 4.0.0.3)

AP Tuner 3.08 (x32)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (x32 Version: 2.1.3.127)

Atualizações da NVIDIA 9.3.16 (Version: 9.3.16)

aTube Catcher (x32 Version: 2.9.1347)

AuthenTec TrueSuite (Version: 4.0.1.3)

Batman Arkham Origins v.1.0.0.0 (x32)

Bonjour (Version: 3.0.0.10)

BufferChm (x32 Version: 140.0.212.000)

CCleaner (Version: 4.07)

Core Temp 1.0 RC4 (Version: 1.0)

CPUID CPU-Z 1.61.5

CyberLink Blu-ray Disc Suite (x32 Version: 7.0.2407)

CyberLink InstantBurn (x32 Version: 5.0.5509b)

CyberLink Power2Go (x32 Version: 6.1.3602c)

CyberLink PowerDVD 9 (x32 Version: 9.0.4412.52)

CyberLink PowerProducer (x32 Version: 5.0.2.2415)

CyberLink YouCam (x32 Version: 3.1.3308)

D110 (x32 Version: 140.0.142.000)

D3DX10 (x32 Version: 15.4.2368.0902)

DAEMON Tools Lite (x32 Version: 4.47.1.0333)

DC Universe Online (HKCU Version: 1.0.3.183)

DC Universe Online Live (HKCU)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Destinations (x32 Version: 140.0.77.000)

DeviceDiscovery (x32 Version: 140.0.212.000)

EzManual (x32)

Fallout 3 (x32 Version: 1.00.0000)

Fallout New Vegas (x32 Version: 1.4.0.525)

Fallout New Vegas (x32)

Far Cry 3 Blood Dragon (x32 Version: 1.00)

FEZ (x32 Version: 2.0.0.0)

ffdshow [rev 3154] [2009-12-09] (x32 Version: 1.0)

Fraps (remove only) (x32)

GameBox Console (x32 Version: 5.4.0.3)

GeForce Experience NvStream Client Components (Version: 1.6.28)

Gerenciador de Downloads (HKCU Version: 0.9.3.89)

Google Chrome (HKCU Version: 30.0.1599.101)

GPBaseService2 (x32 Version: 140.0.211.000)

Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)

HP Customer Participation Program 14.0 (Version: 14.0)

HP Imaging Device Functions 14.0 (Version: 14.0)

HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)

HP Product Detection (x32 Version: 11.15.0007)

HP Smart Web Printing 4.60 (Version: 4.60)

HP Solution Center 14.0 (Version: 14.0)

HP Update (x32 Version: 5.002.002.002)

HPAppStudio (x32 Version: 140.0.95.000)

HPPhotoGadget (x32 Version: 140.0.524.000)

HPProductAssistant (x32 Version: 140.0.212.000)

HPSSupply (x32 Version: 140.0.211.000)

Intel® Control Center (x32 Version: 1.2.1.1007)

Intel® Management Engine Components (x32 Version: 6.0.0.1179)

Intel® Rapid Storage Technology (x32 Version: 9.6.0.1014)

iTunes (Version: 11.1.1.11)

Java 7 Update 45 (x32 Version: 7.0.450)

Java Auto Updater (x32 Version: 2.1.9.8)

Java 6 Update 31 (64-bit) (Version: 6.0.310)

Java 6 Update 31 (x32 Version: 6.0.310)

Java 7 Update 5 (64-bit) (Version: 7.0.50)

JavaFX 2.1.1 (x32 Version: 2.1.1)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

League of Legends (x32 Version: 1.3)

LG Intelligent Update (x32 Version: 4.04.0403.99)

LG Magnifier (Version: 10.03.2201)

LG Media FUNtasia (x32 Version: 1.0.1102.0801)

LG OSD (Version: 11.04.1801)

LG Smart Care (x32 Version: 1.0.1107.1801)

LG Smart Indicator (x32 Version: 11.03.2501)

LG Smart Recovery (x32 Version: 5.5.3221)

Logitech Unifying Software 2.10 (Version: 2.10.37)

LogMeIn Hamachi (x32 Version: 2.1.0.374)

LOLReplay (x32 Version: 0.8.2.1)

Malwarebytes Anti-Malware versão 1.75.0.1300 (x32 Version: 1.75.0.1300)

MarketResearch (x32 Version: 140.0.212.000)

Memory Improve Master Free Version v6.1.2.369 (x32)

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended PTB Language Pack (Version: 4.0.30319)

Microsoft Antimalware Service PT-BR Language Pack (Version: 3.0.8402.2)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)

Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)

Microsoft LifeChat (Version: 1.40.224.0)

Microsoft Mouse and Keyboard Center (Version: 1.1.500.0)

Microsoft Office 2010 Service Pack 1 (SP1) (x32)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proofing (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Security Client (Version: 4.3.0219.0)

Microsoft Security Client PT-BR Language Pack (Version: 2.1.1116.0)

Microsoft Security Essentials (Version: 4.3.219.0)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 8.0 Support DLLs (x32 Version: 1.0.0)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)

Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0)

Minecraft1.4.7 (x32)

MKLOL (HKCU)

Motorola Bluetooth (Version: 3.0.02.298)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

NC Launcher (GameForge) (x32)

NCSOFT Game Launcher (x32)

Network64 (Version: 140.0.212.000)

Neverwinter (x32)

Nexon Game Manager (x32)

Nexus Mod Manager (Version: 0.45.4)

NVIDIA Display Control Panel (Version: 6.14.12.6136)

NVIDIA Driver de áudio HD 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Driver de gráficos 331.65 (Version: 331.65)

NVIDIA Drivers (Version: 1.10)

NVIDIA GeForce Experience 1.7 (Version: 1.7)

NVIDIA Install Application (Version: 2.1002.140.952)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA nTune (x32 Version: 1.00.0000)

NVIDIA PhysX (x32 Version: 9.13.0725)

NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)

NVIDIA Software do sistema PhysX 9.13.0725 (Version: 9.13.0725)

NVIDIA System Monitor (x32 Version: 6.5)

NVIDIA Update Components (Version: 9.3.16)

NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)

Orcs Must Die 2 (x32)

Origin (x32 Version: 9.1.15.109)

Overwolf (x32 Version: 0.40.228)

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (Version: 4.0.30319)

Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (Version: 4.0.30319)

Painel de controle da NVIDIA 331.65 (Version: 331.65)

Pando Media Booster (x32 Version: 2.6.0.8)

Papers, Please (x32 Version: 2.0.0.4)

Project64 1.6 (x32 Version: 1.6)

Proxifier version 3.21 (x32 Version: 3.21)

PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000)

QuickTime (x32 Version: 7.74.80.86)

QuickTransfer (x32 Version: 140.0.98.000)

Ralink RT2860 Wireless LAN Card (x32 Version: 1.5.9.0)

REACTOR (x32 Version: 1.00.0000)

Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.23.623.2010)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6273)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127)

Reus (x32 Version: 2.0.0.10)

Revo Uninstaller 1.94 (x32 Version: 1.94)

Rhinoceros 4.0 SR2 (x32 Version: 4.0.21017)

savenshaRe (x32 Version: 3.0.0.1391)

Scan (x32 Version: 140.0.77.000)

SHIELD Streaming (Version: 1.6.34)

Shop for HP Supplies (Version: 14.0)

Skype™ 6.6 (x32 Version: 6.6.106)

SmartWebPrinting (x32 Version: 140.0.186.000)

Smite (x32 Version: 0.1.1740.1)

SolutionCenter (x32 Version: 140.0.211.000)

Status (x32 Version: 140.0.212.000)

Steam (x32 Version: 1.0.0.0)

Subway Surfers 1.0 (x32 Version: 1.0)

Super Meat Boy v1.5 (x32)

Suporte para Aplicativos Apple (x32 Version: 2.3.6)

swMSM (x32 Version: 12.0.0.1)

System Requirements Lab Detection (x32 Version: 1.0.5.0)

TeamSpeak 3 Client (Version: 3.0.10)

TeamViewer 7 (x32 Version: 7.0.13852)

The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1 (x32 Version: 1)

Toolbox (x32 Version: 140.0.424.000)

TrayApp (x32 Version: 140.0.212.000)

TriDef 3D (LG) 1.1.6 (x32 Version: 1.1.6)

TriDef 3D Content (LG) 1.0.1 (x32 Version: 1.0.1)

Trojan Killer (x32 Version: 2.1.9.4)

Trojan Remover 6.8.8 (x32 Version: 6.8.8)

Tunngle beta (x32)

Unity Web Player (HKCU Version: )

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553065) (x32)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2566458) (x32)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)

VLC media player 2.0.4 (x32 Version: 2.0.4)

WebReg (x32 Version: 140.0.212.017)

WinDirStat 1.1.2 (HKCU)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3555.0308)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3555.0308)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

WinRAR 4.11 (64-bit) (Version: 4.11.0)

WinRAR 5.00 (32-bit) (x32 Version: 5.00.0)

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 00:34 - 2013-11-04 22:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {137431AC-9C55-4016-BF42-76D0A6942E14} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {15C577A4-1808-411B-BDD4-A5E30485CDFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)

Task: {183CB842-22DD-4782-A429-F9F8C7D5012C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)

Task: {24C4E2CA-5833-4769-9841-B04881AE3868} - System32\Tasks\Funmoods => C:\Users\W7\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE

Task: {2FC88D9F-7D08-4025-AF9B-2F48A891573B} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe [2009-09-24] (Microsoft Corporation)

Task: {3FB74724-FA01-406E-A5BE-E14620B6DE1E} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe

Task: {4BB5556D-2783-4AA2-8656-2C28BA9A5092} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1169240536-2603080374-1045579868-1004Core => C:\Users\W7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-21] (Google Inc.)

Task: {4D9CB66C-2D93-44C0-B5BC-61C7C2225969} - System32\Tasks\LG Intelligent Update => C:\Program Files (x86)\lg_swupdate\GiljabiStart.exe [2012-04-01] (LG Electronics Inc.)

Task: {62BAF1BC-B92E-455B-B9F5-3CC6C5E0838E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {7916F32A-58CF-45EF-8835-5226C1B5F57F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1169240536-2603080374-1045579868-1004UA => C:\Users\W7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-21] (Google Inc.)

Task: {7B484B05-9700-47F7-849E-2AC41B69851E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {839FB1FC-5D6F-41E9-ADFF-0CBD7CD0B439} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe

Task: {84EB74F3-5C8A-4A2D-A31E-C9C7A7EF5EE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)

Task: {857F3F80-9167-4E3F-80B6-CB200A8EE7EB} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\DeviceCenter.exe [2012-06-26] (Microsoft)

Task: {9CCC7B28-8778-41AE-AB4E-C9D651783CD0} - System32\Tasks\Google Updater and Installer => C:\Users\W7\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-21] (Google Inc.)

Task: {AECC3C8D-3F22-450F-93DF-35C4995731DC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)

Task: {CC8B27F1-162B-411A-9DA1-C467E7191388} - System32\Tasks\DealPlyUpdate => C:\Program Files (x86)\DealPly\DealPlyUpdate.exe

Task: {D2898CB0-C55A-4C5B-B51F-45F993F1F4D3} - System32\Tasks\EPUpdater => C:\Users\W7\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe

Task: {F6B520A7-7792-4D05-964D-7FF677D2C01E} - System32\Tasks\RunAsStdUser Task => C:\Users\W7\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169240536-2603080374-1045579868-1004Core.job => C:\Users\W7\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169240536-2603080374-1045579868-1004UA.job => C:\Users\W7\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-28 18:40 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll

2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2013-10-16 19:22 - 2013-10-08 22:01 - 00698832 _____ () C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll

2013-10-16 19:22 - 2013-10-08 22:01 - 00099792 _____ () C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll

2013-10-16 19:22 - 2013-10-08 22:02 - 04055504 _____ () C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll

2013-10-16 19:22 - 2013-10-08 22:02 - 00415184 _____ () C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll

2013-10-16 19:22 - 2013-10-08 22:01 - 01604560 _____ () C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll

2011-08-17 11:53 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2013-10-16 19:22 - 2013-10-08 22:02 - 13584336 _____ () C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series

Description: Photosmart D110 series

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Hamachi Network Interface

Description: Hamachi Network Interface

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: LogMeIn, Inc.

Service: hamachi

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Module

Description: Bluetooth Module

Class Guid: {a173b237-6a34-4bb5-aa63-2561160fa200}

Manufacturer: Motorola Solutions, Inc.

Service: BTMUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (11/04/2013 10:19:42 PM) (Source: NvStreamSvc) (User: )

Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/04/2013 10:19:42 PM) (Source: NvStreamSvc) (User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/04/2013 10:18:56 PM) (Source: Microsoft-Windows-EapHost) (User: AUTORIDADE NT)

Description: Ignorando: ocorreu uma falha na validação de Eap method DLL path name. Erro: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (11/04/2013 10:18:56 PM) (Source: Microsoft-Windows-EapHost) (User: AUTORIDADE NT)

Description: Ignorando: ocorreu uma falha na validação de Eap method DLL path name. Erro: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (11/04/2013 10:18:56 PM) (Source: Microsoft-Windows-EapHost) (User: AUTORIDADE NT)

Description: Ignorando: ocorreu uma falha na validação de Eap method DLL path name. Erro: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (11/04/2013 09:54:38 PM) (Source: VSS) (User: )

Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007043c, Não é possível compartilhar este serviço no modo de segurança

.

Operação:

Instanciando servidor VSS

Error: (11/04/2013 09:54:38 PM) (Source: VSS) (User: )

Description: Erro no Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com a CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} e o nome IVssCoordinatorEx2 durante o Modo de Segurança.

O Serviço de Cópias de Sombra de Volume não pode ser iniciado no modo de segurança. [0x8007043c, Não é possível compartilhar este serviço no modo de segurança

]

Operação:

Instanciando servidor VSS

Error: (11/04/2013 07:51:38 PM) (Source: NvStreamSvc) (User: )

Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/04/2013 07:51:38 PM) (Source: NvStreamSvc) (User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/04/2013 07:50:36 PM) (Source: Microsoft-Windows-EapHost) (User: AUTORIDADE NT)

Description: Ignorando: ocorreu uma falha na validação de Eap method DLL path name. Erro: typeId=43, authorId=9, vendorId=0, vendorType=0

System errors:

=============

Error: (11/04/2013 11:10:52 PM) (Source: DCOM) (User: AUTORIDADE NT)

Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)

Error: (11/04/2013 11:00:52 PM) (Source: DCOM) (User: AUTORIDADE NT)

Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)

Error: (11/04/2013 10:54:25 PM) (Source: mbamchameleon) (User: )

Description: \Device\HarddiskVolume2\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MPCMDRUN.EXE

Error: (11/04/2013 10:54:25 PM) (Source: mbamchameleon) (User: )

Description: \Device\HarddiskVolume2\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSSECES.EXE

Error: (11/04/2013 10:54:23 PM) (Source: mbamchameleon) (User: )

Description: \Device\HarddiskVolume2\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSMPENG.EXE

Error: (11/04/2013 10:52:16 PM) (Source: mbamchameleon) (User: )

Description: \Device\HarddiskVolume2\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MPCMDRUN.EXE

Error: (11/04/2013 10:52:16 PM) (Source: mbamchameleon) (User: )

Description: \??\c:\Program Files\Microsoft Security Client\MpCmdRun.exe

Error: (11/04/2013 10:52:16 PM) (Source: mbamchameleon) (User: )

Description: \Device\HarddiskVolume2\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MPCMDRUN.EXE

Error: (11/04/2013 10:52:16 PM) (Source: mbamchameleon) (User: )

Description: \??\c:\Program Files\Microsoft Security Client\MpCmdRun.exe

Error: (11/04/2013 10:50:52 PM) (Source: DCOM) (User: AUTORIDADE NT)

Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)

Microsoft Office Sessions:

=========================

Error: (11/04/2013 10:19:42 PM) (Source: NvStreamSvc)(User: )

Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/04/2013 10:19:42 PM) (Source: NvStreamSvc)(User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/04/2013 10:18:56 PM) (Source: Microsoft-Windows-EapHost)(User: AUTORIDADE NT)

Description: Eap method DLL path name43900

Error: (11/04/2013 10:18:56 PM) (Source: Microsoft-Windows-EapHost)(User: AUTORIDADE NT)

Description: Eap method DLL path name25900

Error: (11/04/2013 10:18:56 PM) (Source: Microsoft-Windows-EapHost)(User: AUTORIDADE NT)

Description: Eap method DLL path name17900

Error: (11/04/2013 09:54:38 PM) (Source: VSS)(User: )

Description: CoCreateInstance0x8007043c, Não é possível compartilhar este serviço no modo de segurança

Operação:

Instanciando servidor VSS

Error: (11/04/2013 09:54:38 PM) (Source: VSS)(User: )

Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, Não é possível compartilhar este serviço no modo de segurança

Operação:

Instanciando servidor VSS

Error: (11/04/2013 07:51:38 PM) (Source: NvStreamSvc)(User: )

Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/04/2013 07:51:38 PM) (Source: NvStreamSvc)(User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/04/2013 07:50:36 PM) (Source: Microsoft-Windows-EapHost)(User: AUTORIDADE NT)

Description: Eap method DLL path name43900

CodeIntegrity Errors:

===================================

Date: 2013-11-04 22:04:50.133

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-04 22:04:50.063

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:51.226

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:51.179

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:50.602

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:50.571

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:49.963

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:49.931

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:49.323

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-19 22:21:49.292

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\LG Software\LG Smart Care\UserIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 43%

Total physical RAM: 6077.86 MB

Available physical RAM: 3404.33 MB

Total Pagefile: 115076.04 MB

Available Pagefile: 111990.98 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297 GB) (Free:59.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: () (Fixed) (Total:297.67 GB) (Free:53.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 596 GB) (Disk ID: AF8D52F9)

Partition 1: (Not Active) - (Size=2 GB) - (Type=12)

Partition 2: (Active) - (Size=297 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Addition.txt

MrCharlie · November 5, 2013

I need to see the FRST.txt, you posted and attached the Addition.txt.

MrC

Lordados · November 5, 2013

Sorry XD

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013

Ran by W7 (administrator) on COM-PC on 04-11-2013 23:17:51

Running from C:\Users\W7\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: Portuguese Brazilian

Internet Explorer Version 9

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AuthenTec, Inc) C:\Program Files\TrueSuite\TrueSuite.Service.exe

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe

(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(AuthenTec Inc.) C:\Program Files\TrueSuite\TrueSuite.TouchControl.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe

(LG Electronics Inc.) C:\Program Files\LG Software\LG OSD\HotKey.exe

(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe

(AuthenTec, Inc.) C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe

(AuthenTec, Inc.) C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Google Inc.) C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Google Inc.) C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\taskmgr.exe

() C:\Users\W7\Downloads\RogueKillerX64.exe

(Google Inc.) C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

(Farbar) C:\Users\W7\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)

HKLM\...\Run: [LifeChat] - C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)

HKLM\...\Run: [KeybdUtility] - C:\Program Files\LG Software\LG OSD\HotKey.exe [3556352 2011-04-18] (LG Electronics Inc.)

HKLM\...\Run: [intelliType Pro] - C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)

HKLM\...\Run: [intelliPoint] - C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)

HKLM\...\Run: [ClientAppLogon32] - C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe [307520 2010-07-21] (AuthenTec, Inc.)

HKLM\...\Run: [ClientAppLogon] - C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe [420672 2010-07-21] (AuthenTec, Inc.)

HKLM\...\Run: [ATSwpNav.exe] - C:\Program Files\Fingerprint Sensor\ATSwpNav.exe [172864 2010-06-25] (AuthenTec, Inc.)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-17] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)

HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-24] ()

HKCU\...\Run: [Memory Improve Master] - C:\Program Files (x86)\Memory Improve Master\MemoryImproveMaster.exe [5095424 2009-03-16] (Memory Improve Master Studio)

HKCU\...\Run: [NVIDIA nTune] - "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

HKCU\...\Policies\system: [LogonHoursAction] 2

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [LG Media FUNtasia] - C:\Program Files (x86)\LG Software\LG Media FUNtasia\MediaFuntasiaStart.exe [220616 2010-11-23] ()

HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)

HKLM-x32\...\Run: [bDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2010-07-06] (cyberlink)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [NCUpdateHelper] - C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-11-03] (NCSOFT Corporation)

HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1655568 2013-07-19] (Simply Super Software)

HKU\admin\...\Policies\system: [LogonHoursAction] 2

HKU\admin\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\Administrador\...\Policies\system: [LogonHoursAction] 2

HKU\Administrador\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\Marcelo P\...\Policies\system: [LogonHoursAction] 2

HKU\Marcelo P\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

Startup: C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe.lnk

ShortcutTarget: Adobe.lnk -> C:\Users\W7\AppData\Roaming\data\Adobe.vbe ()

Startup: C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.8.8.1435.lnk

ShortcutTarget: PC App Store Uninstall 3.8.8.1435.lnk -> C:\Users\W7\AppData\Roaming\Baidu Security\PC App Store\3.8.8.1435\Uninstall\PC App Store Uninstall\0\InstallUtility.dll", _OpenUrl -run "PC App Store Uninstall" -ini "OpenUrl.ini (No File)

Startup: C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Svchost.exe.lnk

ShortcutTarget: Svchost.exe.lnk -> C:\Users\W7\AppData\Local\Temp\RarSFX0\Svchost.exe ()

Startup: C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbsupply.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=082411CBF8E37197ED8884504810F025&tbp=homepage

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=bbl_pay_hp_02_hao123_br

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=incore_pay_hp_01_hao123_br

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchiseasy.info/?pid=625&r=2013/09/01&hid=5734058029627842397&lg=EN&cc=BR&unqvl=33

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDtDyEtC0F0B0AtAzytBtCtN0D0Tzu0StByDtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=593889077

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDtDyEtC0F0B0AtAzytBtCtN0D0Tzu0StByDtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=593889077

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDtDyEtC0F0B0AtAzytBtCtN0D0Tzu0StByDtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=593889077

SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDtDyEtC0F0B0AtAzytBtCtN0D0Tzu0StByDtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=593889077

SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchiseasy.info/?l=1&q={searchTerms}&pid=625&r=2013/09/01&hid=5734058029627842397&lg=EN&cc=BR&unqvl=33

SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C2C600FFE8B8E3DA&affID=121565&tsp=5014

SearchScopes: HKCU - Backup.Old.DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C2C600FFE8B8E3DA&affID=121565&tsp=5014

SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDtDyEtC0F0B0AtAzytBtCtN0D0Tzu0StByDtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=593889077

SearchScopes: HKCU - {59571355-E6BF-3756-86C8-1F912A7C5F43} URL = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=082411CBF8E37197ED8884504810F025&q={searchTerms}

SearchScopes: HKCU - {B02EE1FB-1C87-49B4-B667-F420108A0448} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=ct3067892

SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://mp3tubetoolbarsearch.com/?tmp=nemo_results_removelink2&keywords={searchTerms}

SearchScopes: HKCU - {ED2F04DE-8D56-41BE-9DEB-CAE5A5D684B7} URL = http://mp3tubetoolbar.com/?tmp=toolbar_sb_results&prt=pinballtbfour01ie&Keywords={searchTerms}&clid=dd7d41b811fd4d8c9b6b3d3260537805

BHO: TrueSuite WebStore - {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File

BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO-x32: TrueSuite WebStore - {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll (AuthenTec Inc.)

BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Winsock: Catalog5 11 C:\Windows\SysWOW64\PrxerNsp.dll [56424] ()

Winsock: Catalog9 01 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)

Winsock: Catalog9 02 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)

Winsock: Catalog9 03 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)

Winsock: Catalog9 04 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)

Winsock: Catalog9 16 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)

Winsock: Catalog5-x64 11 %SystemRoot%\system32\PrxerNsp.dll [57448] ()

Winsock: Catalog9-x64 01 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)

Winsock: Catalog9-x64 02 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)

Winsock: Catalog9-x64 03 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)

Winsock: Catalog9-x64 04 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)

Winsock: Catalog9-x64 16 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.2

Chrome:

=======

CHR Plugin: (Shockwave Flash) - C:\Users\W7\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Shockwave Flash) - C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\W7\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()

CHR Plugin: (Babylon ToolBar) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File

CHR Plugin: (Skype Click to Call) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File

CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Happy Cloud Plugin) - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll No File

CHR Plugin: (Google Update) - C:\Users\W7\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Extension: (HP Product Detection Plugin) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0

CHR Extension: (AdBlock) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0

CHR Extension: (IDM Integration Module) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.2_0

CHR Extension: (Google Wallet) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\W7\AppData\Local\funmoods.crx

CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\W7\AppData\Local\funmoods-speeddial.crx

CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx

CHR HKLM-x32\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\W7\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx

CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx

CHR StartMenuInternet: Google Chrome - C:\Users\W7\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [246256 2010-07-06] (CyberLink)

R2 FPLService; C:\Program Files\TrueSuite\TrueSuite.Service.exe [288064 2010-07-21] (AuthenTec, Inc)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)

S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4554640 2013-08-21] (INCA Internet Co., Ltd.)

S4 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [180224 2007-09-04] (NVIDIA)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-17] (NVIDIA Corporation)

S4 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-01-02] (Overwolf Ltd)

S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)

R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)

R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-15] (DT Soft Ltd)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)

S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)

R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)

S3 NVR0Dev; C:\Windows\nvoclk64.sys [39968 2007-09-04] (NVidia Corp.)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-10] (Anchorfree Inc.)

S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2013-10-11] (Windows ® Win 7 DDK provider)

S3 ALSysIO; \??\C:\Users\W7\AppData\Local\Temp\ALSysIO64.sys [x]

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [x]

S3 catchme; \??\C:\ComboFix\catchme.sys [x]

S3 dk; \??\C:\AeriaGames\DKOnline\avital\dkol64.sys [x]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [x]

S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-04 23:17 - 2013-11-04 23:17 - 01957098 _____ (Farbar) C:\Users\W7\Downloads\FRST64 (1).exe

2013-11-04 23:05 - 2013-11-04 23:05 - 00004088 _____ C:\Users\W7\Desktop\RKreport[0]_S_11042013_230539.txt

2013-11-04 22:55 - 2013-11-04 22:55 - 00025191 _____ C:\Users\W7\Desktop\dds.txt

2013-11-04 22:55 - 2013-11-04 22:55 - 00012347 _____ C:\Users\W7\Desktop\attach.txt

2013-11-04 22:54 - 2013-11-04 22:54 - 04012032 _____ C:\Users\W7\Downloads\RogueKillerX64.exe

2013-11-04 22:52 - 2013-11-04 22:52 - 00688992 ____R (Swearware) C:\Users\W7\Downloads\dds.scr

2013-11-04 22:31 - 2013-11-04 22:54 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)

2013-11-04 22:31 - 2013-11-04 22:54 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-11-04 22:31 - 2013-11-04 22:31 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2013-11-04 22:28 - 2013-11-04 22:28 - 00000204 _____ C:\Users\W7\Downloads\Search.txt

2013-11-04 22:27 - 2013-11-04 22:54 - 00000000 ____D C:\Users\W7\Desktop\mbar

2013-11-04 22:27 - 2013-11-04 22:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2013-11-04 22:27 - 2013-11-04 22:27 - 00000000 ____D C:\FRST

2013-11-04 22:26 - 2013-11-04 22:27 - 12576792 _____ (Malwarebytes Corp.) C:\Users\W7\Downloads\mbar-1.07.0.1007.exe

2013-11-04 22:24 - 2013-11-04 22:24 - 01957098 _____ (Farbar) C:\Users\W7\Downloads\FRST64.exe

2013-11-04 22:20 - 2013-11-04 22:20 - 00000000 ____D C:\Users\W7\AppData\Roaming\data

2013-11-04 22:16 - 2013-11-04 23:05 - 00000000 ____D C:\Users\W7\Desktop\RK_Quarantine

2013-11-04 22:16 - 2013-11-04 22:17 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\W7\Desktop\tdsskiller.exe

2013-11-04 22:15 - 2013-11-04 22:16 - 03538944 _____ C:\Users\W7\Downloads\RogueKiller.exe

2013-11-04 22:14 - 2013-11-04 22:14 - 00891184 _____ C:\Users\W7\Downloads\SecurityCheck.exe

2013-11-04 22:08 - 2013-11-04 22:08 - 00036348 _____ C:\ComboFix.txt

2013-11-04 20:19 - 2013-11-04 20:19 - 00013119 _____ C:\Users\W7\Downloads\hijackthis.log

2013-11-04 20:18 - 2013-11-04 20:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\W7\Downloads\HijackThis.exe

2013-11-04 19:51 - 2013-11-04 19:51 - 00095248 _____ C:\Users\W7\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-04 16:14 - 2013-11-04 16:21 - 00010362 _____ C:\Windows\IE10_main.log

2013-11-04 16:06 - 2013-11-04 16:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-11-04 16:06 - 2013-11-04 16:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-11-04 15:47 - 2013-11-04 15:50 - 00000000 ____D C:\Windows\system32\MRT

2013-11-04 15:30 - 2011-06-26 04:45 - 00256000 _____ C:\Windows\PEV.exe

2013-11-04 15:30 - 2010-11-07 15:20 - 00208896 _____ C:\Windows\MBR.exe

2013-11-04 15:30 - 2009-04-20 02:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-11-04 15:30 - 2000-08-30 22:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-11-04 15:30 - 2000-08-30 22:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-11-04 15:30 - 2000-08-30 22:00 - 00098816 _____ C:\Windows\sed.exe

2013-11-04 15:30 - 2000-08-30 22:00 - 00080412 _____ C:\Windows\grep.exe

2013-11-04 15:30 - 2000-08-30 22:00 - 00068096 _____ C:\Windows\zip.exe

2013-11-04 15:29 - 2013-11-04 22:08 - 00000000 ____D C:\Qoobox

2013-11-04 15:29 - 2013-11-04 22:06 - 00000000 ____D C:\Windows\erdnt

2013-11-04 15:28 - 2013-11-04 21:51 - 05143677 ____R (Swearware) C:\Users\W7\Downloads\ComboFix.exe

2013-11-04 15:27 - 2013-11-04 15:27 - 00000000 ____D C:\Users\Todos os Usuários\Licenses

2013-11-04 15:27 - 2013-11-04 15:27 - 00000000 ____D C:\ProgramData\Licenses

2013-11-04 15:21 - 2013-11-04 15:21 - 00000000 ____D C:\Users\W7\Documents\Simply Super Software

2013-11-04 15:21 - 2013-11-04 15:21 - 00000000 ____D C:\Users\W7\AppData\Roaming\Simply Super Software

2013-11-04 15:20 - 2013-11-04 15:21 - 00000000 ____D C:\Program Files (x86)\Trojan Remover

2013-11-04 15:20 - 2013-11-04 15:20 - 00000000 ____D C:\Users\Todos os Usuários\Simply Super Software

2013-11-04 15:20 - 2013-11-04 15:20 - 00000000 ____D C:\ProgramData\Simply Super Software

2013-11-04 15:17 - 2013-11-04 15:20 - 27084152 _____ (Simply Super Software ) C:\Users\W7\Downloads\trjsetup688.exe

2013-11-04 14:58 - 2013-11-04 14:58 - 00000944 _____ C:\Users\Public\Desktop\Trojan Killer.lnk

2013-11-04 14:57 - 2013-11-04 15:12 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer

2013-11-04 14:40 - 2013-11-04 14:54 - 55954968 _____ (GridinSoft LLC) C:\Users\W7\Downloads\gtk-2.1.9.4-setup.exe

2013-11-04 14:06 - 2013-11-04 14:06 - 00078353 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.1080p.wmv (2).torrent

2013-11-04 14:06 - 2013-11-04 14:06 - 00034127 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.720p.mp4 (3).torrent

2013-11-04 13:30 - 2013-11-04 22:18 - 00025432 _____ C:\Windows\PFRO.log

2013-11-04 13:25 - 2013-04-09 21:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-11-04 13:25 - 2013-04-02 20:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-11-04 13:03 - 2013-11-04 13:03 - 00000000 ____D C:\Users\W7\AppData\Roaming\Malwarebytes

2013-11-04 13:02 - 2013-11-04 13:02 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-04 13:02 - 2013-11-04 13:02 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes

2013-11-04 13:02 - 2013-11-04 13:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-04 13:02 - 2013-11-04 13:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-04 13:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-11-04 13:01 - 2013-11-04 13:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\W7\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-04 13:00 - 2013-08-27 23:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2013-11-04 12:47 - 2013-11-04 12:47 - 00095248 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT

2013-11-04 12:44 - 2013-11-04 22:19 - 00001400 _____ C:\Windows\setupact.log

2013-11-04 12:44 - 2013-11-04 12:44 - 00370544 _____ C:\Windows\system32\FNTCACHE.DAT

2013-11-04 12:44 - 2013-11-04 12:44 - 00000000 _____ C:\Windows\setuperr.log

2013-11-03 23:45 - 2013-11-03 23:45 - 00000000 ____D C:\AdwCleaner

2013-11-03 23:41 - 2013-11-03 23:41 - 01073258 _____ C:\Users\W7\Downloads\adwcleaner.exe

2013-11-03 23:34 - 2013-11-03 23:34 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-11-03 23:34 - 2013-11-03 23:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-11-03 23:33 - 2013-11-03 23:33 - 13833400 _____ (Microsoft Corporation) C:\Users\W7\Downloads\mseinstall (2).exe

2013-11-03 23:33 - 2013-11-03 23:33 - 11255120 _____ (Microsoft Corporation) C:\Users\W7\Downloads\mseinstall (1).exe

2013-11-03 23:31 - 2013-11-04 22:48 - 01385579 _____ C:\Windows\WindowsUpdate.log

2013-11-03 23:31 - 2013-11-03 23:31 - 00000000 ____D C:\Windows\TempEEF6705C-55FF-B850-1078-C5F9C07523FB-Signatures

2013-11-03 23:30 - 2013-11-03 23:30 - 13833400 _____ (Microsoft Corporation) C:\Users\W7\Downloads\mseinstall.exe

2013-11-03 23:16 - 2013-11-03 23:16 - 04379048 _____ (Piriform Ltd) C:\Users\W7\Downloads\ccsetup407.exe

2013-11-03 19:41 - 2013-11-03 19:41 - 00645729 _____ (WDS Team) C:\Users\W7\Downloads\windirstat1_1_2_setup (1).exe

2013-11-03 19:34 - 2013-11-03 19:42 - 00000000 ____D C:\Program Files (x86)\WinDirStat

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\W7\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\UpdatusUser\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\Marcelo P\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\Administrador\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\admin\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat

2013-11-03 19:33 - 2013-11-03 19:33 - 00645729 _____ (WDS Team) C:\Users\W7\Downloads\windirstat1_1_2_setup.exe

2013-11-03 13:01 - 2013-11-03 13:01 - 00000000 ____D C:\Program Files (x86)\NCWest

2013-11-03 12:48 - 2013-11-03 13:02 - 00002180 _____ C:\Users\Public\Desktop\Aion.lnk

2013-11-03 12:48 - 2013-11-03 12:48 - 00000000 ____D C:\Program Files (x86)\NCSOFT

2013-11-03 12:47 - 2013-11-03 12:47 - 05003264 _____ (NC Interactive, LLC) C:\Users\W7\Downloads\AionInstaller.exe

2013-11-03 11:22 - 2013-11-03 11:22 - 00000000 ____D C:\Program Files (x86)\Blade and Soul

2013-11-03 05:35 - 2013-11-03 05:35 - 00013825 _____ C:\Users\W7\Downloads\Blade__amp__Soul_(Atomix)_[Dec-4_Update].6920870.TPB (1).torrent

2013-11-03 04:56 - 2013-11-03 11:09 - 00000000 ____D C:\Users\W7\Downloads\Blade & Soul (Atomix) [Dec-4 Update]

2013-11-03 04:56 - 2013-11-03 04:56 - 02191154 _____ C:\Users\W7\Downloads\Atomix_Blade_and_Soul_Launcher.rar

2013-11-03 04:55 - 2013-11-03 04:55 - 00013825 _____ C:\Users\W7\Downloads\Blade__amp__Soul_(Atomix)_[Dec-4_Update].6920870.TPB.torrent

2013-11-03 03:52 - 2013-11-03 03:52 - 00000994 _____ C:\Users\Public\Desktop\Age of Wushu.lnk

2013-11-03 03:52 - 2013-11-03 03:52 - 00000000 ____D C:\Program Files (x86)\Snail Games USA

2013-11-02 19:35 - 2013-11-02 19:35 - 00001301 _____ C:\Users\W7\Desktop\AgeofWushu_downloader.lnk

2013-11-02 18:55 - 2013-11-02 19:00 - 91662048 _____ C:\Users\W7\Downloads\sexx..rar

2013-11-01 21:33 - 2013-11-01 21:33 - 00002571 _____ C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk

2013-11-01 21:33 - 2013-11-01 21:33 - 00002541 _____ C:\Users\W7\Desktop\DC Universe Online.lnk

2013-11-01 15:38 - 2013-11-01 15:38 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games

2013-10-31 17:08 - 2013-10-31 17:08 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-10-31 17:08 - 2013-10-31 17:08 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-10-31 17:06 - 2013-10-31 17:06 - 00000000 ____D C:\Program Files (x86)\WinRAR

2013-10-30 00:19 - 2013-10-30 00:19 - 00002152 _____ C:\Users\W7\Downloads\[kickass.to]the.red.hot.chilli.peppers.snow.hey.oh.torrent

2013-10-30 00:13 - 2013-10-30 00:13 - 00016462 _____ C:\Users\W7\Downloads\[kickass.to]red.hot.chili.peppers.greatest.hits (3).torrent

2013-10-30 00:13 - 2013-10-30 00:13 - 00016462 _____ C:\Users\W7\Downloads\[kickass.to]red.hot.chili.peppers.greatest.hits (2).torrent

2013-10-29 17:51 - 2013-10-29 17:51 - 00000398 _____ C:\fraglist.luar

2013-10-29 17:50 - 2013-10-29 17:52 - 00000000 ____D C:\Program Files (x86)\baidu

2013-10-29 17:50 - 2013-10-29 17:51 - 00000047 _____ C:\Archive.ini

2013-10-28 14:53 - 2013-10-28 14:53 - 00060371 _____ C:\Users\W7\Downloads\pink-floyd-comfortably_numb_ver2.gp3

2013-10-28 14:52 - 2013-10-28 14:52 - 00047034 _____ C:\Users\W7\Downloads\pink-floyd-comfortably-numb (2).gp3

2013-10-28 14:51 - 2013-10-28 14:51 - 00047034 _____ C:\Users\W7\Downloads\pink-floyd-comfortably-numb (1).gp3

2013-10-28 14:48 - 2013-10-30 00:21 - 00000000 ____D C:\Users\W7\AppData\Roaming\Guitar Pro 6

2013-10-28 14:48 - 2013-10-28 14:48 - 00000000 ____D C:\Users\Todos os Usuários\Guitar Pro 6

2013-10-28 14:48 - 2013-10-28 14:48 - 00000000 ____D C:\ProgramData\Guitar Pro 6

2013-10-28 14:41 - 2013-10-28 14:41 - 00001351 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-10-28 14:41 - 2013-10-17 23:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-10-28 14:41 - 2013-10-17 23:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-10-28 14:40 - 2013-10-28 14:40 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Modelos

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Meus documentos

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Menu Iniciar

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Minhas músicas

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Minhas imagens

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Meus vídeos

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Dados de aplicativos

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Configurações locais

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programas

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Histórico

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Dados de aplicativos

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Ambiente de rede

2013-10-28 14:40 - 2013-10-28 14:40 - 00000000 _SHDL C:\Users\UpdatusUser\Ambiente de impressão

2013-10-28 14:40 - 2013-03-04 14:49 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Smart Recovery

2013-10-28 14:40 - 2013-03-04 14:49 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite

2013-10-28 14:40 - 2012-04-22 04:11 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help

2013-10-28 14:40 - 2009-07-14 02:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-28 14:40 - 2009-07-14 02:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-28 14:36 - 2013-10-28 14:36 - 00047034 _____ C:\Users\W7\Downloads\pink-floyd-comfortably-numb.gp3

2013-10-28 14:36 - 2013-10-23 08:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-28 14:36 - 2013-10-23 08:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-28 14:36 - 2013-10-23 08:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-28 14:36 - 2013-09-27 21:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-10-28 14:36 - 2013-09-27 21:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2013-10-28 14:36 - 2013-09-27 21:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-10-28 14:36 - 2013-01-29 06:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-10-28 14:23 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-28 14:23 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-10-28 14:23 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-10-28 14:23 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-10-28 14:22 - 2013-10-28 14:23 - 00004269 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log

2013-10-26 03:10 - 2013-10-26 03:10 - 00028255 _____ C:\Users\W7\Downloads\[kickass.to]bang.bus.43.xxx.dvdrip.x264.pr0nstars.torrent

2013-10-25 13:19 - 2013-10-25 13:19 - 00001533 _____ C:\Users\W7\Desktop\Batman Arkham Origins.lnk

2013-10-25 12:52 - 2013-10-25 13:19 - 00000000 ____D C:\Program Files (x86)\Batman Arkham Origins

2013-10-25 01:07 - 2013-10-25 01:07 - 00044966 _____ C:\Users\W7\Downloads\[kickass.to]batman.arkham.origins.2013.pc.rip.от.xatab (1).torrent

2013-10-25 00:49 - 2013-10-25 00:50 - 00078353 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.1080p.wmv (1).torrent

2013-10-25 00:48 - 2013-10-25 00:48 - 00000846 _____ C:\Users\W7\Desktop\µTorrent.lnk

2013-10-25 00:48 - 2013-10-25 00:48 - 00000826 _____ C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2013-10-25 00:19 - 2013-10-25 00:20 - 00095157 _____ C:\Users\W7\Downloads\[kickass.to]batman.arkham.origins.reloaded.torrent

2013-10-25 00:19 - 2013-10-25 00:19 - 00044966 _____ C:\Users\W7\Downloads\[kickass.to]batman.arkham.origins.2013.pc.rip.от.xatab.torrent

2013-10-25 00:19 - 2013-10-25 00:19 - 00034127 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.720p.mp4 (2).torrent

2013-10-25 00:19 - 2013-10-25 00:19 - 00017629 _____ C:\Users\W7\Downloads\[kickass.to]wowgirls.guerlain.erotic.splash (1).torrent

2013-10-25 00:16 - 2013-10-25 00:16 - 00078353 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.1080p.wmv.torrent

2013-10-25 00:14 - 2013-10-25 00:14 - 00034127 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.720p.mp4 (1).torrent

2013-10-24 18:38 - 2013-10-24 18:38 - 00034127 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.720p.mp4.torrent

2013-10-24 18:33 - 2013-10-24 18:33 - 00017629 _____ C:\Users\W7\Downloads\[kickass.to]wowgirls.guerlain.erotic.splash.torrent

2013-10-24 13:03 - 2013-10-24 13:03 - 00018522 _____ C:\Users\W7\Downloads\[kickass.to]megadeth.rust.in.peace.remastered.mp3.256.torrent

2013-10-24 12:55 - 2013-10-24 12:55 - 00016462 _____ C:\Users\W7\Downloads\[kickass.to]red.hot.chili.peppers.greatest.hits (1).torrent

2013-10-24 12:46 - 2013-10-24 12:46 - 00019623 _____ C:\Users\W7\Downloads\[kickass.to]nirvana.greatest.hits.2002.320.vtwin88cube.torrent

2013-10-24 12:45 - 2013-10-24 12:45 - 00016462 _____ C:\Users\W7\Downloads\[kickass.to]red.hot.chili.peppers.greatest.hits.torrent

2013-10-18 20:32 - 2013-10-18 20:32 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08

2013-10-18 20:32 - 2013-10-18 20:32 - 00000000 ____D C:\Program Files (x86)\AP Tuner

2013-10-18 00:17 - 2013-10-18 00:17 - 00034150 _____ C:\Users\W7\Downloads\[kickass.to]anthrax.discography.torrent

2013-10-18 00:16 - 2013-10-18 00:16 - 00044029 _____ C:\Users\W7\Downloads\[kickass.to]slayer.discography.torrent

2013-10-17 20:17 - 2013-10-17 20:17 - 00015353 _____ C:\Users\W7\Downloads\[kickass.to]motorhead.the.best.of.2000.2.discs.torrent

2013-10-17 20:17 - 2013-10-17 20:17 - 00013546 _____ C:\Users\W7\Downloads\[kickass.to]deep.purple.greatest.hits.1990.torrent

2013-10-17 19:04 - 2013-10-17 19:04 - 00010499 _____ C:\Users\W7\Downloads\[kickass.to]lexi.belle.mia.malkova.pretty.babies.x.art.2013.hd.torrent

2013-10-17 18:58 - 2013-10-17 18:58 - 00013068 _____ C:\Users\W7\Downloads\[kickass.to]2chickssametime.lexi.belle.mia.malkova.15905.03.22.2013.torrent

2013-10-17 18:53 - 2013-10-17 18:53 - 00015206 _____ C:\Users\W7\Downloads\[kickass.to]pawg.mia.malkova.torrent

2013-10-17 18:52 - 2013-10-17 18:52 - 00023146 _____ C:\Users\W7\Downloads\[kickass.to]miamalkovapornstar.mia.malkova.get.wet.poolside.with.mia.and.torrent

2013-10-17 18:51 - 2013-10-17 18:51 - 00021219 _____ C:\Users\W7\Downloads\[kickass.to]hollyrandall.mia.malkova.nighttime.desires.10.11.2013.torrent

2013-10-17 18:50 - 2013-10-17 18:50 - 00053996 _____ C:\Users\W7\Downloads\[kickass.to]pornstarspa.mia.malkova.massaging.a.goddess.10.03.2013.torrent

2013-10-17 18:18 - 2013-10-17 18:18 - 00025529 _____ C:\Users\W7\Downloads\[kickass.to]dont.you.wish.your.girlfriend.was.hot.like.me.abella.anderson.wmv.torrent

2013-10-17 18:16 - 2013-10-17 18:16 - 00086794 _____ C:\Users\W7\Downloads\[kickass.to]bangbus.ashton.pierce.shy.amateur.brunette.gets.censoreded.on.the.new.september.18.2013.torrent

2013-10-17 18:11 - 2013-10-17 18:11 - 00044655 _____ C:\Users\W7\Downloads\[kickass.to]assparade.abella.anderson.bella.reese.ridin.dirty.torrent

2013-10-17 15:52 - 2013-10-17 15:52 - 00018427 _____ C:\Users\W7\Downloads\[kickass.to]mother.daughter.lesbian.lessions.xxx.dvdrip.x264.swe6rus.torrent

2013-10-17 15:52 - 2013-10-17 15:52 - 00014701 _____ C:\Users\W7\Downloads\[kickass.to]real.wife.stories.christy.mack.one.night.stand.october.14.2013.sd.torrent

2013-10-17 15:51 - 2013-10-17 15:51 - 00014358 _____ C:\Users\W7\Downloads\[kickass.to]i.kiss.girls.3.lesbian.confidential.new.2013.girlfriends.films.torrent

2013-10-17 15:50 - 2013-10-17 15:50 - 00125163 _____ C:\Users\W7\Downloads\[kickass.to]hot.lesbian.love.xxx.new.2013.split.scenes.torrent

2013-10-17 15:48 - 2013-10-17 15:48 - 00042806 _____ C:\Users\W7\Downloads\[kickass.to]bangbus.daisy.summers.brick.falls.in.love.with.daisy.summers.new.october.16.2013.torrent

2013-10-17 15:25 - 2013-10-17 15:25 - 00107444 _____ C:\Users\W7\Downloads\[kickass.to]mother.daughter.lesbian.lessons.forbidden.fruits.films.web.dl.2013.torrent

2013-10-17 15:03 - 2013-10-17 15:03 - 00013983 _____ C:\Users\W7\Downloads\[kickass.to]sexoenpublico.naomi.torrent

2013-10-16 21:41 - 2013-10-16 21:41 - 00003150 _____ C:\Windows\System32\Tasks\{3AEEA17C-DCD2-459A-8D68-24E8E2816083}

2013-10-14 16:26 - 2013-10-14 16:26 - 00019883 _____ C:\Users\W7\Downloads\[kickass.to]anthrax.madhouse.greatest.hits.bubanee.torrent

2013-10-14 16:24 - 2013-10-14 16:24 - 00029631 _____ C:\Users\W7\Downloads\[kickass.to]metallica.discography.1983.2011.itunes.rip.theleak.torrent

2013-10-14 16:24 - 2013-10-14 16:24 - 00020516 _____ C:\Users\W7\Downloads\[kickass.to]metallica.through.the.never.2013.2cd.metal.320kbps.cbr.mp3.vx.p2pdl.torrent

2013-10-13 23:05 - 2013-10-13 23:05 - 00000000 _____ C:\Windows\system32\RAIHVDump.dmp

2013-10-13 22:33 - 2013-11-02 19:58 - 00000022 _____ C:\Windows\SysWOW64\.zip

2013-10-11 09:06 - 2013-10-11 09:06 - 00016640 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys

2013-10-09 01:20 - 2013-03-03 02:20 - 00002053 _____ C:\Users\Public\Desktop\Darksiders II.lnk

2013-10-09 01:20 - 2013-02-27 19:31 - 00001675 _____ C:\Users\Public\Desktop\skse_loader - Atalho.lnk

2013-10-09 00:38 - 2013-10-09 00:38 - 00000000 ____D C:\Users\Todos os Usuários\Baidu

2013-10-09 00:38 - 2013-10-09 00:38 - 00000000 ____D C:\ProgramData\Baidu

2013-10-08 18:16 - 2013-10-08 18:16 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-08 18:15 - 2013-10-08 18:16 - 00000000 ____D C:\Program Files\iTunes

2013-10-08 18:15 - 2013-10-08 18:16 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-08 18:15 - 2013-10-08 18:15 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2013-11-04 23:17 - 2013-11-04 23:17 - 01957098 _____ (Farbar) C:\Users\W7\Downloads\FRST64 (1).exe

2013-11-04 23:17 - 2012-04-21 15:20 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169240536-2603080374-1045579868-1004UA.job

2013-11-04 23:05 - 2013-11-04 23:05 - 00004088 _____ C:\Users\W7\Desktop\RKreport[0]_S_11042013_230539.txt

2013-11-04 23:05 - 2013-11-04 22:16 - 00000000 ____D C:\Users\W7\Desktop\RK_Quarantine

2013-11-04 23:04 - 2012-04-21 16:01 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-11-04 23:00 - 2009-07-14 02:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-04 23:00 - 2009-07-14 02:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-04 22:55 - 2013-11-04 22:55 - 00025191 _____ C:\Users\W7\Desktop\dds.txt

2013-11-04 22:55 - 2013-11-04 22:55 - 00012347 _____ C:\Users\W7\Desktop\attach.txt

2013-11-04 22:54 - 2013-11-04 22:54 - 04012032 _____ C:\Users\W7\Downloads\RogueKillerX64.exe

2013-11-04 22:54 - 2013-11-04 22:31 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)

2013-11-04 22:54 - 2013-11-04 22:31 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-11-04 22:54 - 2013-11-04 22:27 - 00000000 ____D C:\Users\W7\Desktop\mbar

2013-11-04 22:52 - 2013-11-04 22:52 - 00688992 ____R (Swearware) C:\Users\W7\Downloads\dds.scr

2013-11-04 22:48 - 2013-11-03 23:31 - 01385579 _____ C:\Windows\WindowsUpdate.log

2013-11-04 22:31 - 2013-11-04 22:31 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2013-11-04 22:28 - 2013-11-04 22:28 - 00000204 _____ C:\Users\W7\Downloads\Search.txt

2013-11-04 22:27 - 2013-11-04 22:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2013-11-04 22:27 - 2013-11-04 22:27 - 00000000 ____D C:\FRST

2013-11-04 22:27 - 2013-11-04 22:26 - 12576792 _____ (Malwarebytes Corp.) C:\Users\W7\Downloads\mbar-1.07.0.1007.exe

2013-11-04 22:24 - 2013-11-04 22:24 - 01957098 _____ (Farbar) C:\Users\W7\Downloads\FRST64.exe

2013-11-04 22:20 - 2013-11-04 22:20 - 00000000 ____D C:\Users\W7\AppData\Roaming\data

2013-11-04 22:20 - 2012-04-14 22:17 - 00000000 ___RD C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-11-04 22:19 - 2013-11-04 12:44 - 00001400 _____ C:\Windows\setupact.log

2013-11-04 22:19 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-11-04 22:18 - 2013-11-04 13:30 - 00025432 _____ C:\Windows\PFRO.log

2013-11-04 22:17 - 2013-11-04 22:16 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\W7\Desktop\tdsskiller.exe

2013-11-04 22:16 - 2013-11-04 22:15 - 03538944 _____ C:\Users\W7\Downloads\RogueKiller.exe

2013-11-04 22:14 - 2013-11-04 22:14 - 00891184 _____ C:\Users\W7\Downloads\SecurityCheck.exe

2013-11-04 22:08 - 2013-11-04 22:08 - 00036348 _____ C:\ComboFix.txt

2013-11-04 22:08 - 2013-11-04 15:29 - 00000000 ____D C:\Qoobox

2013-11-04 22:08 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Default

2013-11-04 22:06 - 2013-11-04 15:29 - 00000000 ____D C:\Windows\erdnt

2013-11-04 22:05 - 2009-07-14 00:34 - 00000215 _____ C:\Windows\system.ini

2013-11-04 21:51 - 2013-11-04 15:28 - 05143677 ____R (Swearware) C:\Users\W7\Downloads\ComboFix.exe

2013-11-04 20:19 - 2013-11-04 20:19 - 00013119 _____ C:\Users\W7\Downloads\hijackthis.log

2013-11-04 20:18 - 2013-11-04 20:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\W7\Downloads\HijackThis.exe

2013-11-04 19:53 - 2012-04-21 16:13 - 00000000 ____D C:\Users\W7\AppData\Local\PMB Files

2013-11-04 19:51 - 2013-11-04 19:51 - 00095248 _____ C:\Users\W7\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-04 16:46 - 2012-02-10 11:49 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help

2013-11-04 16:46 - 2012-02-10 11:49 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-11-04 16:45 - 2012-04-21 15:20 - 01626494 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2013-11-04 16:45 - 2009-07-14 15:55 - 00713448 _____ C:\Windows\system32\prfh0416.dat

2013-11-04 16:45 - 2009-07-14 15:55 - 00151780 _____ C:\Windows\system32\prfc0416.dat

2013-11-04 16:44 - 2009-07-14 03:13 - 01626494 _____ C:\Windows\system32\PerfStringBackup.INI

2013-11-04 16:21 - 2013-11-04 16:14 - 00010362 _____ C:\Windows\IE10_main.log

2013-11-04 16:06 - 2013-11-04 16:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-11-04 16:06 - 2013-11-04 16:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-11-04 15:50 - 2013-11-04 15:47 - 00000000 ____D C:\Windows\system32\MRT

2013-11-04 15:27 - 2013-11-04 15:27 - 00000000 ____D C:\Users\Todos os Usuários\Licenses

2013-11-04 15:27 - 2013-11-04 15:27 - 00000000 ____D C:\ProgramData\Licenses

2013-11-04 15:21 - 2013-11-04 15:21 - 00000000 ____D C:\Users\W7\Documents\Simply Super Software

2013-11-04 15:21 - 2013-11-04 15:21 - 00000000 ____D C:\Users\W7\AppData\Roaming\Simply Super Software

2013-11-04 15:21 - 2013-11-04 15:20 - 00000000 ____D C:\Program Files (x86)\Trojan Remover

2013-11-04 15:20 - 2013-11-04 15:20 - 00000000 ____D C:\Users\Todos os Usuários\Simply Super Software

2013-11-04 15:20 - 2013-11-04 15:20 - 00000000 ____D C:\ProgramData\Simply Super Software

2013-11-04 15:20 - 2013-11-04 15:17 - 27084152 _____ (Simply Super Software ) C:\Users\W7\Downloads\trjsetup688.exe

2013-11-04 15:12 - 2013-11-04 14:57 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer

2013-11-04 14:58 - 2013-11-04 14:58 - 00000944 _____ C:\Users\Public\Desktop\Trojan Killer.lnk

2013-11-04 14:54 - 2013-11-04 14:40 - 55954968 _____ (GridinSoft LLC) C:\Users\W7\Downloads\gtk-2.1.9.4-setup.exe

2013-11-04 14:29 - 2009-07-14 03:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-11-04 14:06 - 2013-11-04 14:06 - 00078353 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.1080p.wmv (2).torrent

2013-11-04 14:06 - 2013-11-04 14:06 - 00034127 _____ C:\Users\W7\Downloads\[kickass.to]18onlygirls.erotic.splash.guerlain.720p.mp4 (3).torrent

2013-11-04 13:29 - 2012-08-17 23:37 - 00000000 ____D C:\Users\W7\AppData\Roaming\Skype

2013-11-04 13:03 - 2013-11-04 13:03 - 00000000 ____D C:\Users\W7\AppData\Roaming\Malwarebytes

2013-11-04 13:02 - 2013-11-04 13:02 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-04 13:02 - 2013-11-04 13:02 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes

2013-11-04 13:02 - 2013-11-04 13:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-04 13:02 - 2013-11-04 13:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-04 13:02 - 2013-11-04 13:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\W7\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-04 12:47 - 2013-11-04 12:47 - 00095248 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT

2013-11-04 12:44 - 2013-11-04 12:44 - 00370544 _____ C:\Windows\system32\FNTCACHE.DAT

2013-11-04 12:44 - 2013-11-04 12:44 - 00000000 _____ C:\Windows\setuperr.log

2013-11-03 23:45 - 2013-11-03 23:45 - 00000000 ____D C:\AdwCleaner

2013-11-03 23:41 - 2013-11-03 23:41 - 01073258 _____ C:\Users\W7\Downloads\adwcleaner.exe

2013-11-03 23:34 - 2013-11-03 23:34 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-11-03 23:34 - 2013-11-03 23:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-11-03 23:34 - 2012-04-21 15:23 - 00001912 _____ C:\Windows\epplauncher.mif

2013-11-03 23:33 - 2013-11-03 23:33 - 13833400 _____ (Microsoft Corporation) C:\Users\W7\Downloads\mseinstall (2).exe

2013-11-03 23:33 - 2013-11-03 23:33 - 11255120 _____ (Microsoft Corporation) C:\Users\W7\Downloads\mseinstall (1).exe

2013-11-03 23:31 - 2013-11-03 23:31 - 00000000 ____D C:\Windows\TempEEF6705C-55FF-B850-1078-C5F9C07523FB-Signatures

2013-11-03 23:30 - 2013-11-03 23:30 - 13833400 _____ (Microsoft Corporation) C:\Users\W7\Downloads\mseinstall.exe

2013-11-03 23:29 - 2012-09-26 19:28 - 00095248 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT

2013-11-03 23:26 - 2013-03-29 20:05 - 00000000 ____D C:\Users\W7\AppData\Roaming\BitTorrent

2013-11-03 23:26 - 2013-03-07 15:23 - 00000000 ____D C:\Users\Todos os Usuários\Electronic Arts

2013-11-03 23:26 - 2013-03-07 15:23 - 00000000 ____D C:\ProgramData\Electronic Arts

2013-11-03 23:25 - 2013-09-21 19:25 - 00000000 ____D C:\Program Files (x86)\dont_starve

2013-11-03 23:25 - 2013-01-15 00:56 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin

2013-11-03 23:20 - 2013-02-22 14:16 - 00000000 ____D C:\Program Files (x86)\Steam

2013-11-03 23:18 - 2012-09-05 01:25 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-11-03 23:18 - 2012-09-05 01:25 - 00000000 ____D C:\Program Files\CCleaner

2013-11-03 23:16 - 2013-11-03 23:16 - 04379048 _____ (Piriform Ltd) C:\Users\W7\Downloads\ccsetup407.exe

2013-11-03 23:10 - 2013-01-19 05:08 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab

2013-11-03 22:56 - 2012-06-03 09:17 - 00000123 _____ C:\Users\W7\Documents\aionmemo_c452b1f6.dat

2013-11-03 21:09 - 2012-04-21 15:33 - 00000000 ____D C:\Users\W7\Desktop\XXX

2013-11-03 19:47 - 2013-01-09 23:44 - 00000000 ____D C:\Games

2013-11-03 19:47 - 2012-04-21 21:17 - 00000000 ____D C:\Level Up! Games

2013-11-03 19:45 - 2013-02-26 18:33 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks

2013-11-03 19:42 - 2013-11-03 19:34 - 00000000 ____D C:\Program Files (x86)\WinDirStat

2013-11-03 19:41 - 2013-11-03 19:41 - 00645729 _____ (WDS Team) C:\Users\W7\Downloads\windirstat1_1_2_setup (1).exe

2013-11-03 19:36 - 2012-04-23 22:20 - 00000000 ____D C:\Users\W7\Documents\My Games

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\W7\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\UpdatusUser\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\Marcelo P\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\Administrador\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000995 _____ C:\Users\admin\Desktop\WinDirStat.lnk

2013-11-03 19:34 - 2013-11-03 19:34 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat

2013-11-03 19:33 - 2013-11-03 19:33 - 00645729 _____ (WDS Team) C:\Users\W7\Downloads\windirstat1_1_2_setup.exe

2013-11-03 19:33 - 2011-08-17 11:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-11-03 18:17 - 2012-04-21 15:20 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1169240536-2603080374-1045579868-1004Core.job

2013-11-03 13:02 - 2013-11-03 12:48 - 00002180 _____ C:\Users\Public\Desktop\Aion.lnk

2013-11-03 13:01 - 2013-11-03 13:01 - 00000000 ____D C:\Program Files (x86)\NCWest

2013-11-03 12:59 - 2013-05-05 01:34 - 00000000 ____D C:\Users\W7\Desktop\Games

2013-11-03 12:48 - 2013-11-03 12:48 - 00000000 ____D C:\Program Files (x86)\NCSOFT

2013-11-03 12:47 - 2013-11-03 12:47 - 05003264 _____ (NC Interactive, LLC) C:\Users\W7\Downloads\AionInstaller.exe

2013-11-03 11:22 - 2013-11-03 11:22 - 00000000 ____D C:\Program Files (x86)\Blade and Soul

2013-11-03 11:09 - 2013-11-03 04:56 - 00000000 ____D C:\Users\W7\Downloads\Blade & Soul (Atomix) [Dec-4 Update]

2013-11-03 05:35 - 2013-11-03 05:35 - 00013825 _____ C:\Users\W7\Downloads\Blade__amp__Soul_(Atomix)_[Dec-4_Update].6920870.TPB (1).torrent

2013-11-03 05:21 - 2013-02-22 14:25 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2013-11-03 04:56 - 2013-11-03 04:56 - 02191154 _____ C:\Users\W7\Downloads\Atomix_Blade_and_Soul_Launcher.rar

2013-11-03 04:55 - 2013-11-03 04:55 - 00013825 _____ C:\Users\W7\Downloads\Blade__amp__Soul_(Atomix)_[Dec-4_Update].6920870.TPB.torrent

2013-11-03 03:52 - 2013-11-03 03:52 - 00000994 _____ C:\Users\Public\Desktop\Age of Wushu.lnk

2013-11-03 03:52 - 2013-11-03 03:52 - 00000000 ____D C:\Program Files (x86)\Snail Games USA

2013-11-03 01:30 - 2012-04-21 16:13 - 00000000 ____D C:\Users\Todos os Usuários\PMB Files

2013-11-03 01:30 - 2012-04-21 16:13 - 00000000 ____D C:\ProgramData\PMB Files

2013-11-02 19:58 - 2013-10-13 22:33 - 00000022 _____ C:\Windows\SysWOW64\.zip

2013-11-02 19:47 - 2013-01-29 06:08 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-11-02 19:35 - 2013-11-02 19:35 - 00001301 _____ C:\Users\W7\Desktop\AgeofWushu_downloader.lnk

2013-11-02 19:00 - 2013-11-02 18:55 - 91662048 _____ C:\Users\W7\Downloads\sexx..rar

2013-11-01 21:33 - 2013-11-01 21:33 - 00002571 _____ C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk

2013-11-01 21:33 - 2013-11-01 21:33 - 00002541 _____ C:\Users\W7\Desktop\DC Universe Online.lnk

2013-11-01 21:33 - 2012-07-07 06:52 - 00000000 ____D C:\Windows\SysWOW64\directx

2013-11-01 15:38 - 2013-11-01 15:38 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games

2013-10-31 17:08 - 2013-10-31 17:08 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-10-31 17:08 - 2013-10-31 17:08 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-10-31 17:06 - 2013-10-31 17:06 - 00000000 ____D C:\Program Files (x86)\WinRAR

2013-10-31 17:06 - 2012-04-21 15:45 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-10-31 15:02 - 2012-04-21 15:21 - 00000000 ____D C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2013-10-31 13:09 - 2012-06-08 19:47 - 00000000 ____D C:\Users\W7\AppData\Local\Apple Computer

2013-10-30 00:21 - 2013-10-28 14:48 - 00000000 ____D C:\Users\W7\AppData\Roaming\Guitar Pro 6

2013-10-30 00:21 - 2013-09-22 13:43 - 00000000 ____D C:\Program Files (x86)\Saints Row IV

2013-10-30 00:19 - 2013-10-30 00:19 - 00002152 _____ C:\Users\W7\Downloads\[kickass.to]the.red.hot.chilli.peppers.snow.hey.oh.torrent

2013-10-30 00:13 - 2013-10-30 00:13 - 00016462 _____ C:\Users\W7\Downloads\[kickass.to]red.hot.chili.peppers.greatest.hits (3).torrent

2013-10-30 00:13 - 2013-10-30 00:13 - 00016462 _____ C:\Users\W7\Downloads\[kickass.to]red.hot.chili.peppers.greatest.hits (2).torrent

2013-10-29 17:52 - 2013-10-29 17:50 - 00000000 ____D C:\Program Files (x86)\baidu

2013-10-29 17:51 - 2013-10-29 17:51 - 00000398 _____ C:\fraglist.luar

2013-10-29 17:51 - 2013-10-29 17:50 - 00000047 _____ C:\Archive.ini

2013-10-29 13:44 - 2012-09-17 13:55 - 00000000 ____D C:\Users\W7\Documents\Youcam

2013-10-28 14:53 - 2013-10-28 14:53 - 00060371 _____ C:\Users\W7\Downloads\pink-floyd-comfortably_numb_ver2.gp3

2013-10-28 14:52 - 2013-10-28 14:52 - 00047034 _____ C:\Users\W7\Downloads\pink-floyd-comfortably-numb (2).gp3

2013-10-28 14:51 - 2013-10-28 14:51 - 00047034 _____ C:\Users\W7\Downloads\pink-floyd-comfortably-numb (1).gp3

2013-10-28 14:48 - 2013-10-28 14:48 - 00000000 ____D C:\Users\Todos os Usuários\Guitar Pro 6

2013-10-28 14:48 - 2013-10-28 14:48 - 00000000 ____D C:\ProgramData\Guitar Pro 6

2013-10-28 14:43 - 2013-02-27 21:33 - 00000000 ____D C:\Users\W7\AppData\Local\NVIDIA

2013-10-28 14:41 - 2013-10-28 14:41 - 00001351 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2013-10-28 14:41 - 2011-08-17 13:08 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation

2013-10-28 14:41 - 2011-08-17 13:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-10-28 14:41 - 2011-08-17 13:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-10-28 14:41 - 2011-08-17 13:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation