
nqij.exe, can't install any antivirus!



Hi, yesterday I was browsing the internet when suddenly I noticed my mouse stopped working. Afterwards I checked my Device Manager; everything was still installed, but I wanted to be sure, so I checked my antivirus (Avast), but it was uninstalled. Also my Windows Firewall is disabled, and my restore point (I don't know if it's said like that) isn't an executable file.

So I tried to install Avast, and it gave me an error (picture below).

Then I installed a program called Trojan Remover and it showed me that I had a trojan called nqij.exe, and every time I try to remove it my computer restarts (picture below as well).

Hope you can help me, and if you need anything else to do so, just say it!

Thank you, Pedro Agrela.

 


Hello.

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Kevin...


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01

Ran by Insys (administrator) on INSYS-PC on 13-05-2014 21:32:03

Running from C:\Users\Insys\Desktop

Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Portuguese Standard

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,userinit.exe

HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0

HKLM\...\Policies\Explorer: [NoBandCustomize] 0

HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-09-09] (Microsoft Corporation)

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Policies\Explorer: [NoToolbarCustomize] 0

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Policies\Explorer: [NoBandCustomize] 0

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Winlogon: [shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 

AppInit_DLLs: c:\progra~1\sn0310~1.boo => C:\Program Files\SN.Booster [4296192 2014-04-26] ()

IFEO\AvastSvc.exe: [Debugger] nqij.exe

IFEO\AvastUI.exe: [Debugger] nqij.exe

IFEO\avcenter.exe: [Debugger] nqij.exe

IFEO\avconfig.exe: [Debugger] nqij.exe

IFEO\avgcsrvx.exe: [Debugger] nqij.exe

IFEO\avgidsagent.exe: [Debugger] nqij.exe

IFEO\avgnt.exe: [Debugger] nqij.exe

IFEO\avgrsx.exe: [Debugger] nqij.exe

IFEO\avguard.exe: [Debugger] nqij.exe

IFEO\avgui.exe: [Debugger] nqij.exe

IFEO\avgwdsvc.exe: [Debugger] nqij.exe

IFEO\avp.exe: [Debugger] nqij.exe

IFEO\avscan.exe: [Debugger] nqij.exe

IFEO\bdagent.exe: [Debugger] nqij.exe

IFEO\ccuac.exe: [Debugger] nqij.exe

IFEO\ComboFix.exe: [Debugger] nqij.exe

IFEO\egui.exe: [Debugger] nqij.exe

IFEO\hijackthis.exe: [Debugger] nqij.exe

IFEO\instup.exe: [Debugger] nqij.exe

IFEO\keyscrambler.exe: [Debugger] nqij.exe

IFEO\mbam.exe: [Debugger] nqij.exe

IFEO\mbamgui.exe: [Debugger] nqij.exe

IFEO\mbampt.exe: [Debugger] nqij.exe

IFEO\mbamscheduler.exe: [Debugger] nqij.exe

IFEO\mbamservice.exe: [Debugger] nqij.exe

IFEO\MpCmdRun.exe: [Debugger] nqij.exe

IFEO\MSASCui.exe: [Debugger] nqij.exe

IFEO\MsMpEng.exe: [Debugger] nqij.exe

IFEO\msseces.exe: [Debugger] nqij.exe

IFEO\rstrui.exe: [Debugger] nqij.exe

IFEO\spybotsd.exe: [Debugger] nqij.exe

IFEO\wireshark.exe: [Debugger] nqij.exe

IFEO\zlclient.exe: [Debugger] nqij.exe

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x257DB7D783AECE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-PT

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch


HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=233&r=2014/04/26&hid=11410117755029885341&lg=EN&cc=PT&unqvl=51

SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1394993558&from=cor&uid=FUJITSUXMHZ2320BHXG1_K60AT8928E95T8928E95X&q={searchTerms}

SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=233&r=2014/04/26&hid=11410117755029885341&lg=EN&cc=PT&unqvl=51



SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: SNT - {4FE6DD1D-2F72-EDDD-9549-982A3341B515} - C:\Program Files\SNT\T.dll ()

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: YoutubeAdblocker - {BD4CD860-DB9F-735A-84A7-B7887C75B861} - C:\Program Files\YoutubeAdblocker\RJAy.dll ()

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Insys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-11]

 

Chrome: 

=======


CHR Extension: (Google Translate) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-04-12]

CHR Extension: (wareztuga.tv streamer) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2007-10-30]

CHR Extension: (Google Drive) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]

CHR Extension: (Turn Off the Lights) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-03-05]

CHR Extension: (YouTube) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]

CHR Extension: (Pesquisa do Google) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]

CHR Extension: (AdBlock) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-04]

CHR Extension: (Arcane Legends) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-04-21]

CHR Extension: (Super Animes - Fate Zero - Einzbern) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngnmipnamnakggdpmkfkbampjbhhloeb [2014-03-05]

CHR Extension: (Google Wallet) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-05]

CHR Extension: (Gmail) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]

CHR HKLM\...\Chrome\Extension: [ehkebkalogplefdncmdccimnhgecojcj] - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\chrome.crx [2014-04-26]

CHR HKLM\...\Chrome\Extension: [lpmhiipjeomjecdgkkgpmeogahbilpmp] - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\face.crx [2014-04-26]

CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-16]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

========================== Services (Whitelisted) =================

 

R2 916e5338; C:\Program Files\SNSvc.dll [174928 2014-04-26] ()

S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [0 2014-04-14] ()

S2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [607560 2014-04-30] ()

S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [0 2014-04-10] ()

S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [0 2014-04-10] ()

 

==================== Drivers (Whitelisted) ====================

 

S3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1182320 2009-07-25] (Bison Electronics. Inc. )

S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)

R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)

R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation                           )

R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-03-11] (Power Software Ltd)

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-05-13 21:32 - 2014-05-13 21:32 - 00012706 _____ () C:\Users\Insys\Desktop\FRST.txt

2014-05-13 21:31 - 2014-05-13 21:28 - 01056256 _____ (Farbar) C:\Users\Insys\Desktop\FRST.exe

2014-05-13 21:29 - 2014-05-13 21:32 - 00000000 ____D () C:\FRST

2014-05-13 21:27 - 2014-05-13 21:28 - 01056256 _____ (Farbar) C:\Users\Insys\Downloads\FRST.exe

2014-05-13 21:26 - 2014-03-16 02:53 - 00000860 _____ () C:\Windows\system32\Drivers\etc\hosts.trb

2014-05-13 21:05 - 2014-05-13 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004.exe

2014-05-13 20:55 - 2014-05-13 20:55 - 04796856 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup_online.exe

2014-05-13 20:39 - 2014-05-13 20:39 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Users\Insys\Documents\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Licenses

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Program Files\Trojan Remover

2014-05-13 20:38 - 2014-05-13 20:38 - 18058688 _____ (Simply Super Software ) C:\Users\Insys\Downloads\trjsetup.exe

2014-05-12 22:38 - 2014-05-12 22:38 - 00000000 ____D () C:\d6bfc0a25fc0a372e506cbfb3ea4f6

2014-05-12 22:34 - 2014-05-13 06:02 - 00000000 _____ () C:\Users\Insys\Downloads\Windows-KB890830-V5.11.exe

2014-05-12 22:31 - 2014-05-12 22:31 - 05697760 _____ () C:\Users\Insys\Downloads\bitdefender_isecurity_[quickscan].exe

2014-05-12 22:31 - 2014-05-12 22:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

2014-05-12 22:28 - 2014-05-12 22:29 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\QuickScan

2014-05-12 22:25 - 2014-05-12 22:25 - 02055784 _____ (Trend Micro Inc.) C:\Users\Insys\Downloads\HousecallLauncher.exe

2014-05-12 22:25 - 2014-05-12 22:25 - 00000036 _____ () C:\Users\Insys\AppData\Local\housecall.guid.cache

2014-05-12 22:23 - 2014-05-12 22:23 - 08326064 _____ (McAfee, Inc.) C:\Users\Insys\Downloads\SecurityScan_Release.exe

2014-05-12 22:23 - 2014-05-12 22:23 - 00000000 ____D () C:\ProgramData\McAfee

2014-05-12 22:20 - 2014-05-12 22:20 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\tzszwgxf.sys

2014-05-12 22:19 - 2014-05-12 22:20 - 88882192 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup.exe

2014-05-12 21:59 - 2014-05-12 21:59 - 01243655 _____ () C:\Users\Insys\Downloads\ProcessExplorer.zip

2014-05-12 21:06 - 2014-05-12 21:06 - 00052822 _____ () C:\Users\Insys\Downloads\Extras.Txt

2014-05-12 21:05 - 2014-05-12 21:05 - 00163214 _____ () C:\Users\Insys\Downloads\OTL.Txt

2014-05-12 20:47 - 2014-05-12 20:47 - 11519096 _____ (OPSWAT, Inc.) C:\Users\Insys\Downloads\AppRemover.exe

2014-05-12 20:45 - 2014-05-12 20:45 - 00602112 _____ (OldTimer Tools) C:\Users\Insys\Downloads\OTL.exe

2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-05-12 20:42 - 2014-05-12 20:42 - 01440846 _____ () C:\Users\Insys\Downloads\mbam-chameleon-1.62.1.1000.zip

2014-05-12 20:39 - 2014-05-12 20:39 - 04768528 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_pro_antivirus_setup_online.exe

2014-05-12 20:33 - 2014-05-12 20:33 - 04436952 _____ () C:\Users\Insys\Desktop\avg_free_stb_all_2014_4259_softonic.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014 (1).exe

2014-05-10 23:04 - 2014-05-10 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Insys\Downloads\chromeinstall-7u55.exe

2014-05-10 15:02 - 2014-05-10 15:04 - 00000000 ____D () C:\Users\Insys\Desktop\juventude e trabalho

2014-05-06 23:05 - 2014-05-06 23:05 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-06 22:04 - 2014-05-06 22:04 - 00001107 _____ () C:\Users\Insys\Desktop\360 Total Security.lnk

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files\360

2014-05-06 22:03 - 2014-04-14 03:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-06 22:03 - 2014-04-14 03:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-06 21:57 - 2014-05-06 21:57 - 22607176 _____ () C:\Users\Insys\Downloads\360TS_Setup.exe

2014-05-04 15:51 - 2014-05-04 15:54 - 320867494 _____ () C:\Users\Insys\Downloads\Counter-Strike 1.6 No Steam.rar

2014-05-04 15:29 - 2014-05-04 15:29 - 00000000 ____D () C:\Program Files\AellCheapPrIIce

2014-05-04 01:37 - 2014-05-04 01:37 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard

2014-05-04 01:33 - 2014-05-04 15:31 - 00000000 ____D () C:\Program Files\Hearthstone

2014-05-04 01:24 - 2014-05-04 01:38 - 00000000 ____D () C:\Users\Insys\AppData\Local\Battle.net

2014-05-04 01:24 - 2014-05-04 01:32 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Battle.net

2014-05-04 01:24 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard Entertainment

2014-05-04 01:23 - 2014-05-04 15:31 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment

2014-05-04 01:23 - 2014-05-04 01:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-05-04 01:20 - 2014-05-04 01:20 - 00000000 ____D () C:\ProgramData\Battle.net

2014-05-04 01:19 - 2014-05-04 01:19 - 07094224 _____ (Blizzard Entertainment) C:\Users\Insys\Downloads\Hearthstone-Setup-ptBR.exe

2014-05-03 23:46 - 2014-05-03 23:46 - 00018575 _____ () C:\Users\Insys\Downloads\squarefont.zip

2014-05-01 22:57 - 2014-05-01 22:57 - 00000000 ____D () C:\Users\Insys\Documents\Klei

2014-05-01 22:50 - 2014-05-01 22:55 - 155860495 _____ () C:\Users\Insys\Downloads\Dont Starve .rar

2014-05-01 22:49 - 2014-05-01 22:50 - 11822248 _____ (Elex do Brasil Participações Ltda) C:\Users\Insys\Downloads\yet_another_cleaner_ava.exe

2014-04-29 20:03 - 2014-04-29 20:03 - 17435168 _____ () C:\Users\Insys\Downloads\SwiftKey_Keyboard_v4.4.2.254.apk

2014-04-28 20:23 - 2014-04-28 20:23 - 02741951 _____ () C:\Users\Insys\Downloads\AIVC (Alice) - Pro Version v3.1 apkmania.com.rar

2014-04-27 09:12 - 2014-04-27 09:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\GIZMO2

2014-04-27 02:12 - 2014-04-27 02:12 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-04-27 02:11 - 2014-04-27 02:12 - 00000000 ____D () C:\Windows\system32\directx

2014-04-27 00:21 - 2014-04-27 00:21 - 00003442 _____ () C:\Users\Pedro\Downloads\37E792D91449F1337D5FA52635356B88CB5A7A96.torrent

2014-04-27 00:20 - 2014-04-27 01:24 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\tixati

2014-04-27 00:20 - 2014-04-27 00:20 - 00057051 _____ () C:\Users\Pedro\Downloads\CDB1D4052D61A3BF5D0FF2FD2C083163C0CA8A54.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\E75ED20D538971366FE4B8D5EB35947CDE6AA712.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\7BAC0B2A5171336DA7DE1EA05EF9D5E03DE0254D.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040372 _____ () C:\Users\Pedro\Downloads\E7190945010711F731BD6A3FD1B3FB3EAFDD2B52.torrent

2014-04-26 23:20 - 2014-04-26 23:20 - 00000000 ____D () C:\Users\Pedro\AppData\Local\GIZMO2

2014-04-26 23:18 - 2014-04-26 23:19 - 100300522 _____ (UNIQLO CO., LTD.) C:\Users\Pedro\Downloads\UNIQLO_SCREENSAVER_setup.exe

2014-04-26 23:05 - 2014-04-26 23:05 - 04296192 _____ () C:\Program Files\SN.Booster

2014-04-26 23:05 - 2014-04-26 23:05 - 00174928 _____ () C:\Program Files\SNSvc.dll

2014-04-26 23:05 - 2014-04-26 23:05 - 00000432 ____H () C:\Windows\Tasks\SN.Booster-S-482248051.job

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\SNT

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\YoutubeAdblocker

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\SNT

2014-04-26 23:04 - 2014-05-12 22:17 - 00000000 ____D () C:\ProgramData\Save Niet

2014-04-26 23:04 - 2014-05-12 22:15 - 00000000 ____D () C:\ProgramData\cc813dae40a4cea1

2014-04-26 23:04 - 2014-05-12 22:15 - 00000000 ____D () C:\Program Files\Save Niet

2014-04-26 23:04 - 2014-04-26 23:04 - 00323888 _____ (MyApps) C:\Users\Pedro\Downloads\Download_Manager-l4d2_2013_nosTEAM.zip.exe

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\InstallMate

2014-04-26 23:01 - 2014-04-26 23:01 - 00002135 _____ () C:\Users\Pedro\Desktop\FLV Player.lnk

2014-04-26 23:01 - 2014-04-26 23:01 - 00000324 _____ () C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\WebPlayer

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\FilesFrog Update Checker

2014-04-26 22:58 - 2014-04-26 22:58 - 00236952 _____ () C:\Users\Pedro\Downloads\ClickHeretoDownloadSetup-4a8bR5ZD.exe

2014-04-26 22:52 - 2014-04-26 22:52 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-04-26 10:22 - 2014-04-26 10:22 - 02108416 _____ () C:\Users\Pedro\AppData\Roaming\machine32.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 01067583 _____ () C:\Users\Pedro\AppData\Roaming\machine64.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 00000007 _____ () C:\Users\Pedro\AppData\Roaming\v1291.txt

2014-04-26 10:22 - 2014-04-26 10:22 - 00000000 __SHD () C:\Users\Pedro\lWj61Ma

2014-04-26 10:21 - 2014-04-26 10:21 - 01016261 _____ () C:\Users\Pedro\Downloads\Visualizador_Contatos.exe

2014-04-26 10:21 - 2014-04-26 10:21 - 00000000 __SHD () C:\Users\Pedro\jZb72An

2014-04-25 23:12 - 2014-04-25 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2014-04-25 23:09 - 2014-04-25 23:09 - 00067067 _____ () C:\Users\Pedro\Downloads\wareztugatv-streamer.crx

2014-04-25 22:30 - 2014-04-25 22:30 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native (1).exe

2014-04-25 22:25 - 2014-04-25 22:29 - 535085536 _____ () C:\Users\Pedro\Downloads\adt-bundle-windows-x86-20140321.zip

2014-04-25 22:15 - 2014-04-25 23:10 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Genymobile

2014-04-25 22:15 - 2014-04-25 22:32 - 00000000 ____D () C:\Users\Pedro\.VirtualBox

2014-04-25 22:14 - 2014-04-25 22:14 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2014-04-25 22:14 - 2014-04-25 22:14 - 00000000 ____D () C:\Program Files\Oracle

2014-04-25 22:14 - 2013-04-12 12:33 - 00188176 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys

2014-04-25 22:14 - 2013-04-12 12:33 - 00094480 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

2014-04-25 22:12 - 2014-04-25 22:12 - 00000000 ____D () C:\Program Files\Genymobile

2014-04-25 22:11 - 2014-04-25 22:12 - 123486848 _____ (Genymobile ) C:\Users\Pedro\Downloads\genymotion-2.2.0-vbox.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 00065984 _____ () C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 21:55 - 2014-04-25 21:55 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Bluestacks

2014-04-25 21:18 - 2014-02-10 20:34 - 00000121 _____ () C:\Users\Pedro\Downloads\Games Android Hvga.url

2014-04-25 21:09 - 2014-04-25 21:11 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part2.rar

2014-04-25 21:09 - 2014-04-25 21:11 - 153089373 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part3.rar

2014-04-25 21:08 - 2013-09-01 19:16 - 00000000 ____D () C:\Users\Pedro\Downloads\com.gameloft.android.ANMP.GloftAMHM

2014-04-25 21:06 - 2014-04-25 21:07 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part1.rar

2014-04-25 21:06 - 2014-04-25 21:06 - 15483326 _____ () C:\Users\Pedro\Downloads\TASA v1.1.9 gamesandroidhvga.com.apk

2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2014-04-24 21:32 - 2014-04-24 21:32 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\WinRAR

2014-04-24 20:49 - 2014-04-24 20:49 - 02428889 _____ () C:\Users\Pedro\Desktop\Light Flow Lite - LED Control.apk

2014-04-21 12:51 - 2014-04-21 12:51 - 02537944 _____ () C:\Users\Insys\Downloads\HeroesAndGenerals-setup-86736.exe

2014-04-21 10:37 - 2014-04-21 10:38 - 05520368 _____ () C:\Users\Insys\Downloads\IMG_4756.MOV

2014-04-21 10:08 - 2014-04-21 10:08 - 00033269 _____ () C:\Users\Insys\Downloads\carlosagrela1978615771.xml

2014-04-18 16:03 - 2014-04-18 16:03 - 00023157 _____ () C:\Users\Insys\Downloads\[www.CsWorldx.Blogspot.Com] R-Aimbot v1.0.rar

2014-04-18 15:57 - 2014-04-18 15:58 - 00000000 ____D () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24

2014-04-18 15:56 - 2014-04-18 15:57 - 00075357 _____ () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24.rar

2014-04-18 15:54 - 2014-04-18 15:54 - 00075357 _____ () C:\Users\Insys\Downloads\MP-Hacks_ESP_v5.0.rar

2014-04-18 15:48 - 2014-04-18 15:48 - 00899845 _____ () C:\Users\Insys\Downloads\Cd hack 5 and Xiter Cs injector.rar

2014-04-16 23:28 - 2014-04-16 23:28 - 02572648 _____ () C:\Users\Insys\Downloads\Hack + Software v10.2 2014.zip

2014-04-16 23:26 - 2014-04-16 23:26 - 00727552 _____ () C:\Users\Insys\Downloads\Ayakashi Ghost Guild Cheats.exe

2014-04-14 20:58 - 2014-04-14 21:52 - 1852812405 _____ () C:\Users\Insys\Downloads\Install Half-Life 2.exe

2014-04-14 20:23 - 2014-04-14 20:23 - 00909976 _____ () C:\Users\Insys\Downloads\cleaner_ava (1).exe

2014-04-14 19:25 - 2014-04-14 19:25 - 00000000 ____D () C:\Users\Insys\AppData\Local\id Software

2014-04-14 19:24 - 2014-04-14 19:24 - 06024320 _____ () C:\Users\Insys\Downloads\QuakeLiveSetup_841.exe

2014-04-14 19:16 - 2014-04-14 19:16 - 01141680 _____ () C:\Users\Insys\Downloads\SteamSetup.exe

2014-04-14 17:32 - 2014-04-14 17:32 - 00000000 ____D () C:\Users\Insys\AppData\Local\Howei

2014-04-14 17:09 - 2014-04-14 17:09 - 00090624 _____ (Howei) C:\Users\Insys\Downloads\hInjector.exe

2014-04-14 17:07 - 2014-04-14 17:07 - 00079846 _____ () C:\Users\Insys\Downloads\WTFAOS_mpgh.net.rar

2014-04-14 17:04 - 2014-04-14 17:04 - 00075739 _____ () C:\Users\Insys\Downloads\Pwned_AOS.rar

2014-04-14 17:04 - 2014-04-14 17:04 - 00075739 _____ () C:\Users\Insys\Downloads\Pwned_AOS (1).rar

2014-04-14 16:38 - 2014-04-14 16:38 - 00644480 _____ () C:\Users\Insys\Downloads\G36C(2).zip

2014-04-14 16:38 - 2014-04-14 16:38 - 00617557 _____ () C:\Users\Insys\Downloads\Modding Challenge (M110).zip

2014-04-14 16:37 - 2014-04-14 16:37 - 00426072 _____ () C:\Users\Insys\Downloads\Stakeout.zip

2014-04-13 02:50 - 2014-04-13 02:50 - 00009532 _____ () C:\Users\Insys\Downloads\[kickass.to]half.life.2.no.steam.no.crack.no.keygen.install.and.play.torrent

2014-04-13 02:40 - 2014-04-13 02:40 - 07054336 _____ () C:\Users\Insys\Downloads\xnafx40_redist.msi

2014-04-13 02:28 - 2014-04-13 02:29 - 00000000 ____D () C:\Users\Insys\Desktop\Aceofspades hack

2014-04-13 02:28 - 2014-04-13 02:28 - 00136641 _____ () C:\Users\Insys\Downloads\Aceofspades hack.zip

2014-04-13 02:28 - 2014-04-13 02:28 - 00136641 _____ () C:\Users\Insys\Downloads\Aceofspades hack (1).zip

2014-04-13 00:35 - 2014-04-13 00:35 - 00001014 _____ () C:\Users\Pedro\Desktop\Build and Shoot Launcher.lnk

2014-04-13 00:35 - 2014-04-13 00:35 - 00001014 _____ () C:\Users\Insys\Desktop\Build and Shoot Launcher.lnk

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Build and Shoot

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Build and Shoot

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\Program Files\Build and Shoot

2014-04-13 00:34 - 2014-04-13 00:34 - 00673002 _____ () C:\Users\Insys\Downloads\Build and Shoot 1.2 Setup.exe

2014-04-13 00:20 - 2014-04-13 00:26 - 257425680 _____ (Infernum Productions AG ) C:\Users\Insys\Downloads\BrickForceSetup_EN.exe

2014-04-13 00:18 - 2014-04-13 00:18 - 10022366 _____ () C:\Users\Insys\Downloads\PokeMMO-Client.zip

 

==================== One Month Modified Files and Folders =======

 

2014-05-13 21:32 - 2014-05-13 21:32 - 00012706 _____ () C:\Users\Insys\Desktop\FRST.txt

2014-05-13 21:32 - 2014-05-13 21:29 - 00000000 ____D () C:\FRST

2014-05-13 21:28 - 2014-05-13 21:31 - 01056256 _____ (Farbar) C:\Users\Insys\Desktop\FRST.exe

2014-05-13 21:28 - 2014-05-13 21:27 - 01056256 _____ (Farbar) C:\Users\Insys\Downloads\FRST.exe

2014-05-13 21:05 - 2014-05-13 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004.exe

2014-05-13 20:59 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-13 20:59 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-13 20:57 - 2013-10-05 21:55 - 00648070 _____ () C:\Windows\system32\perfh01F.dat

2014-05-13 20:57 - 2013-10-05 21:55 - 00139452 _____ () C:\Windows\system32\perfc01F.dat

2014-05-13 20:57 - 2013-09-07 17:00 - 02441302 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-13 20:57 - 2009-07-14 09:31 - 00720406 _____ () C:\Windows\system32\prfh0816.dat

2014-05-13 20:57 - 2009-07-14 09:31 - 00152358 _____ () C:\Windows\system32\prfc0816.dat

2014-05-13 20:55 - 2014-05-13 20:55 - 04796856 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup_online.exe

2014-05-13 20:55 - 2013-09-07 16:52 - 01388674 _____ () C:\Windows\WindowsUpdate.log

2014-05-13 20:52 - 2014-04-09 21:34 - 00011446 _____ () C:\Windows\setupact.log

2014-05-13 20:46 - 2014-04-10 00:27 - 00011562 _____ () C:\Windows\PFRO.log

2014-05-13 20:46 - 2013-09-07 16:57 - 00000000 ____D () C:\Users\Insys

2014-05-13 20:41 - 2014-03-16 01:55 - 00000000 ____D () C:\ProgramData\WPM

2014-05-13 20:41 - 2014-03-16 01:55 - 00000000 ____D () C:\ProgramData\IePluginService

2014-05-13 20:40 - 2014-04-10 22:52 - 00000000 __SHD () C:\Windows\system32\Windows Firewall

2014-05-13 20:39 - 2014-05-13 20:39 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Users\Insys\Documents\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Licenses

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Program Files\Trojan Remover

2014-05-13 20:39 - 2014-04-10 22:52 - 00818880 _____ () C:\Users\Insys\AppData\Roaming\msconfig.ini

2014-05-13 20:38 - 2014-05-13 20:38 - 18058688 _____ (Simply Super Software ) C:\Users\Insys\Downloads\trjsetup.exe

2014-05-13 06:02 - 2014-05-12 22:34 - 00000000 _____ () C:\Users\Insys\Downloads\Windows-KB890830-V5.11.exe

2014-05-12 22:38 - 2014-05-12 22:38 - 00000000 ____D () C:\d6bfc0a25fc0a372e506cbfb3ea4f6

2014-05-12 22:31 - 2014-05-12 22:31 - 05697760 _____ () C:\Users\Insys\Downloads\bitdefender_isecurity_[quickscan].exe

2014-05-12 22:31 - 2014-05-12 22:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

2014-05-12 22:29 - 2014-05-12 22:28 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\QuickScan

2014-05-12 22:25 - 2014-05-12 22:25 - 02055784 _____ (Trend Micro Inc.) C:\Users\Insys\Downloads\HousecallLauncher.exe

2014-05-12 22:25 - 2014-05-12 22:25 - 00000036 _____ () C:\Users\Insys\AppData\Local\housecall.guid.cache

2014-05-12 22:23 - 2014-05-12 22:23 - 08326064 _____ (McAfee, Inc.) C:\Users\Insys\Downloads\SecurityScan_Release.exe

2014-05-12 22:23 - 2014-05-12 22:23 - 00000000 ____D () C:\ProgramData\McAfee

2014-05-12 22:20 - 2014-05-12 22:20 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\tzszwgxf.sys

2014-05-12 22:20 - 2014-05-12 22:19 - 88882192 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup.exe

2014-05-12 22:17 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\Save Niet

2014-05-12 22:15 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\cc813dae40a4cea1

2014-05-12 22:15 - 2014-04-26 23:04 - 00000000 ____D () C:\Program Files\Save Niet

2014-05-12 22:02 - 2009-07-14 03:04 - 00002577 _____ () C:\Windows\system32\config.nt

2014-05-12 21:59 - 2014-05-12 21:59 - 01243655 _____ () C:\Users\Insys\Downloads\ProcessExplorer.zip

2014-05-12 21:06 - 2014-05-12 21:06 - 00052822 _____ () C:\Users\Insys\Downloads\Extras.Txt

2014-05-12 21:05 - 2014-05-12 21:05 - 00163214 _____ () C:\Users\Insys\Downloads\OTL.Txt

2014-05-12 20:55 - 2014-04-03 23:19 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\tixati

2014-05-12 20:47 - 2014-05-12 20:47 - 11519096 _____ (OPSWAT, Inc.) C:\Users\Insys\Downloads\AppRemover.exe

2014-05-12 20:45 - 2014-05-12 20:45 - 00602112 _____ (OldTimer Tools) C:\Users\Insys\Downloads\OTL.exe

2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-05-12 20:42 - 2014-05-12 20:42 - 01440846 _____ () C:\Users\Insys\Downloads\mbam-chameleon-1.62.1.1000.zip

2014-05-12 20:39 - 2014-05-12 20:39 - 04768528 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_pro_antivirus_setup_online.exe

2014-05-12 20:33 - 2014-05-12 20:33 - 04436952 _____ () C:\Users\Insys\Desktop\avg_free_stb_all_2014_4259_softonic.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014 (1).exe

2014-05-10 23:04 - 2014-05-10 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Insys\Downloads\chromeinstall-7u55.exe

2014-05-10 17:12 - 2014-02-09 04:17 - 00000000 ____D () C:\ProgramData\Adobe

2014-05-10 17:12 - 2013-09-11 10:51 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Adobe

2014-05-10 17:09 - 2013-09-07 17:18 - 00000000 ____D () C:\Users\Insys\Desktop\Nadia

2014-05-10 15:04 - 2014-05-10 15:02 - 00000000 ____D () C:\Users\Insys\Desktop\juventude e trabalho

2014-05-06 23:05 - 2014-05-06 23:05 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-06 22:04 - 2014-05-06 22:04 - 00001107 _____ () C:\Users\Insys\Desktop\360 Total Security.lnk

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files\360

2014-05-06 21:57 - 2014-05-06 21:57 - 22607176 _____ () C:\Users\Insys\Downloads\360TS_Setup.exe

2014-05-04 15:54 - 2014-05-04 15:51 - 320867494 _____ () C:\Users\Insys\Downloads\Counter-Strike 1.6 No Steam.rar

2014-05-04 15:42 - 2014-04-12 01:21 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\TS3Client

2014-05-04 15:31 - 2014-05-04 01:33 - 00000000 ____D () C:\Program Files\Hearthstone

2014-05-04 15:31 - 2014-05-04 01:23 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment

2014-05-04 15:29 - 2014-05-04 15:29 - 00000000 ____D () C:\Program Files\AellCheapPrIIce

2014-05-04 01:38 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Battle.net

2014-05-04 01:37 - 2014-05-04 01:37 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard

2014-05-04 01:32 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Battle.net

2014-05-04 01:24 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard Entertainment

2014-05-04 01:24 - 2014-05-04 01:23 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-05-04 01:20 - 2014-05-04 01:20 - 00000000 ____D () C:\ProgramData\Battle.net

2014-05-04 01:19 - 2014-05-04 01:19 - 07094224 _____ (Blizzard Entertainment) C:\Users\Insys\Downloads\Hearthstone-Setup-ptBR.exe

2014-05-03 23:46 - 2014-05-03 23:46 - 00018575 _____ () C:\Users\Insys\Downloads\squarefont.zip

2014-05-01 22:57 - 2014-05-01 22:57 - 00000000 ____D () C:\Users\Insys\Documents\Klei

2014-05-01 22:55 - 2014-05-01 22:50 - 155860495 _____ () C:\Users\Insys\Downloads\Dont Starve .rar

2014-05-01 22:50 - 2014-05-01 22:49 - 11822248 _____ (Elex do Brasil Participações Ltda) C:\Users\Insys\Downloads\yet_another_cleaner_ava.exe

2014-04-29 20:03 - 2014-04-29 20:03 - 17435168 _____ () C:\Users\Insys\Downloads\SwiftKey_Keyboard_v4.4.2.254.apk

2014-04-28 20:23 - 2014-04-28 20:23 - 02741951 _____ () C:\Users\Insys\Downloads\AIVC (Alice) - Pro Version v3.1 apkmania.com.rar

2014-04-27 09:16 - 2013-09-08 19:13 - 00000000 ____D () C:\Games

2014-04-27 09:12 - 2014-04-27 09:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\GIZMO2

2014-04-27 02:12 - 2014-04-27 02:12 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-04-27 02:12 - 2014-04-27 02:11 - 00000000 ____D () C:\Windows\system32\directx

2014-04-27 01:24 - 2014-04-27 00:20 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\tixati

2014-04-27 00:21 - 2014-04-27 00:21 - 00003442 _____ () C:\Users\Pedro\Downloads\37E792D91449F1337D5FA52635356B88CB5A7A96.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00057051 _____ () C:\Users\Pedro\Downloads\CDB1D4052D61A3BF5D0FF2FD2C083163C0CA8A54.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\E75ED20D538971366FE4B8D5EB35947CDE6AA712.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\7BAC0B2A5171336DA7DE1EA05EF9D5E03DE0254D.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040372 _____ () C:\Users\Pedro\Downloads\E7190945010711F731BD6A3FD1B3FB3EAFDD2B52.torrent

2014-04-26 23:20 - 2014-04-26 23:20 - 00000000 ____D () C:\Users\Pedro\AppData\Local\GIZMO2

2014-04-26 23:19 - 2014-04-26 23:18 - 100300522 _____ (UNIQLO CO., LTD.) C:\Users\Pedro\Downloads\UNIQLO_SCREENSAVER_setup.exe

2014-04-26 23:05 - 2014-04-26 23:05 - 04296192 _____ () C:\Program Files\SN.Booster

2014-04-26 23:05 - 2014-04-26 23:05 - 00174928 _____ () C:\Program Files\SNSvc.dll

2014-04-26 23:05 - 2014-04-26 23:05 - 00000432 ____H () C:\Windows\Tasks\SN.Booster-S-482248051.job

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\SNT

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\YoutubeAdblocker

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\SNT

2014-04-26 23:04 - 2014-04-26 23:04 - 00323888 _____ (MyApps) C:\Users\Pedro\Downloads\Download_Manager-l4d2_2013_nosTEAM.zip.exe

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\InstallMate

2014-04-26 23:04 - 2014-04-12 17:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Google

2014-04-26 23:04 - 2013-09-07 17:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\Google

2014-04-26 23:01 - 2014-04-26 23:01 - 00002135 _____ () C:\Users\Pedro\Desktop\FLV Player.lnk

2014-04-26 23:01 - 2014-04-26 23:01 - 00000324 _____ () C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\WebPlayer

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\FilesFrog Update Checker

2014-04-26 22:58 - 2014-04-26 22:58 - 00236952 _____ () C:\Users\Pedro\Downloads\ClickHeretoDownloadSetup-4a8bR5ZD.exe

2014-04-26 22:52 - 2014-04-26 22:52 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-04-26 10:22 - 2014-04-26 10:22 - 02108416 _____ () C:\Users\Pedro\AppData\Roaming\machine32.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 01067583 _____ () C:\Users\Pedro\AppData\Roaming\machine64.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 00000007 _____ () C:\Users\Pedro\AppData\Roaming\v1291.txt

2014-04-26 10:22 - 2014-04-26 10:22 - 00000000 __SHD () C:\Users\Pedro\lWj61Ma

2014-04-26 10:22 - 2014-04-12 17:01 - 00000000 ____D () C:\Users\Pedro

2014-04-26 10:21 - 2014-04-26 10:21 - 01016261 _____ () C:\Users\Pedro\Downloads\Visualizador_Contatos.exe

2014-04-26 10:21 - 2014-04-26 10:21 - 00000000 __SHD () C:\Users\Pedro\jZb72An

2014-04-25 23:12 - 2014-04-25 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2014-04-25 23:12 - 2013-09-09 00:36 - 00000000 ____D () C:\Windows\system32\appmgmt

2014-04-25 23:10 - 2014-04-25 22:15 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Genymobile

2014-04-25 23:10 - 2014-04-12 15:04 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\dll-files.com

2014-04-25 23:09 - 2014-04-25 23:09 - 00067067 _____ () C:\Users\Pedro\Downloads\wareztugatv-streamer.crx

2014-04-25 22:35 - 2014-04-12 23:43 - 00000000 ____D () C:\Program Files\Altitude

2014-04-25 22:32 - 2014-04-25 22:15 - 00000000 ____D () C:\Users\Pedro\.VirtualBox

2014-04-25 22:30 - 2014-04-25 22:30 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native (1).exe

2014-04-25 22:29 - 2014-04-25 22:25 - 535085536 _____ () C:\Users\Pedro\Downloads\adt-bundle-windows-x86-20140321.zip

2014-04-25 22:14 - 2014-04-25 22:14 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2014-04-25 22:14 - 2014-04-25 22:14 - 00000000 ____D () C:\Program Files\Oracle

2014-04-25 22:12 - 2014-04-25 22:12 - 00000000 ____D () C:\Program Files\Genymobile

2014-04-25 22:12 - 2014-04-25 22:11 - 123486848 _____ (Genymobile ) C:\Users\Pedro\Downloads\genymotion-2.2.0-vbox.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 00065984 _____ () C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 21:55 - 2014-04-25 21:55 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Bluestacks

2014-04-25 21:11 - 2014-04-25 21:09 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part2.rar

2014-04-25 21:11 - 2014-04-25 21:09 - 153089373 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part3.rar

2014-04-25 21:07 - 2014-04-25 21:06 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part1.rar

2014-04-25 21:06 - 2014-04-25 21:06 - 15483326 _____ () C:\Users\Pedro\Downloads\TASA v1.1.9 gamesandroidhvga.com.apk

2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2014-04-24 21:32 - 2014-04-24 21:32 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\WinRAR

2014-04-24 20:49 - 2014-04-24 20:49 - 02428889 _____ () C:\Users\Pedro\Desktop\Light Flow Lite - LED Control.apk

2014-04-21 12:51 - 2014-04-21 12:51 - 02537944 _____ () C:\Users\Insys\Downloads\HeroesAndGenerals-setup-86736.exe

2014-04-21 10:38 - 2014-04-21 10:37 - 05520368 _____ () C:\Users\Insys\Downloads\IMG_4756.MOV

2014-04-21 10:08 - 2014-04-21 10:08 - 00033269 _____ () C:\Users\Insys\Downloads\carlosagrela1978615771.xml

2014-04-18 16:03 - 2014-04-18 16:03 - 00023157 _____ () C:\Users\Insys\Downloads\[www.CsWorldx.Blogspot.Com] R-Aimbot v1.0.rar

2014-04-18 15:58 - 2014-04-18 15:57 - 00000000 ____D () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24

2014-04-18 15:57 - 2014-04-18 15:56 - 00075357 _____ () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24.rar

2014-04-18 15:54 - 2014-04-18 15:54 - 00075357 _____ () C:\Users\Insys\Downloads\MP-Hacks_ESP_v5.0.rar

2014-04-18 15:48 - 2014-04-18 15:48 - 00899845 _____ () C:\Users\Insys\Downloads\Cd hack 5 and Xiter Cs injector.rar

2014-04-16 23:28 - 2014-04-16 23:28 - 02572648 _____ () C:\Users\Insys\Downloads\Hack + Software v10.2 2014.zip

2014-04-16 23:26 - 2014-04-16 23:26 - 00727552 _____ () C:\Users\Insys\Downloads\Ayakashi Ghost Guild Cheats.exe

2014-04-14 21:52 - 2014-04-14 20:58 - 1852812405 _____ () C:\Users\Insys\Downloads\Install Half-Life 2.exe

2014-04-14 20:23 - 2014-04-14 20:23 - 00909976 _____ () C:\Users\Insys\Downloads\cleaner_ava (1).exe

2014-04-14 19:25 - 2014-04-14 19:25 - 00000000 ____D () C:\Users\Insys\AppData\Local\id Software

2014-04-14 19:24 - 2014-04-14 19:24 - 06024320 _____ () C:\Users\Insys\Downloads\QuakeLiveSetup_841.exe

2014-04-14 19:16 - 2014-04-14 19:16 - 01141680 _____ () C:\Users\Insys\Downloads\SteamSetup.exe

2014-04-14 17:32 - 2014-04-14 17:32 - 00000000 ____D () C:\Users\Insys\AppData\Local\Howei

2014-04-14 17:09 - 2014-04-14 17:09 - 00090624 _____ (Howei) C:\Users\Insys\Downloads\hInjector.exe

2014-04-14 17:07 - 2014-04-14 17:07 - 00079846 _____ () C:\Users\Insys\Downloads\WTFAOS_mpgh.net.rar

2014-04-14 17:04 - 2014-04-14 17:04 - 00075739 _____ () C:\Users\Insys\Downloads\Pwned_AOS.rar

2014-04-14 17:04 - 2014-04-14 17:04 - 00075739 _____ () C:\Users\Insys\Downloads\Pwned_AOS (1).rar

2014-04-14 16:38 - 2014-04-14 16:38 - 00644480 _____ () C:\Users\Insys\Downloads\G36C(2).zip

2014-04-14 16:38 - 2014-04-14 16:38 - 00617557 _____ () C:\Users\Insys\Downloads\Modding Challenge (M110).zip

2014-04-14 16:37 - 2014-04-14 16:37 - 00426072 _____ () C:\Users\Insys\Downloads\Stakeout.zip

2014-04-14 03:11 - 2014-05-06 22:03 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-04-14 03:07 - 2014-05-06 22:03 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-04-13 02:50 - 2014-04-13 02:50 - 00009532 _____ () C:\Users\Insys\Downloads\[kickass.to]half.life.2.no.steam.no.crack.no.keygen.install.and.play.torrent

2014-04-13 02:40 - 2014-04-13 02:40 - 07054336 _____ () C:\Users\Insys\Downloads\xnafx40_redist.msi

2014-04-13 02:29 - 2014-04-13 02:28 - 00000000 ____D () C:\Users\Insys\Desktop\Aceofspades hack

2014-04-13 02:28 - 2014-04-13 02:28 - 00136641 _____ () C:\Users\Insys\Downloads\Aceofspades hack.zip

2014-04-13 02:28 - 2014-04-13 02:28 - 00136641 _____ () C:\Users\Insys\Downloads\Aceofspades hack (1).zip

2014-04-13 00:35 - 2014-04-13 00:35 - 00001014 _____ () C:\Users\Pedro\Desktop\Build and Shoot Launcher.lnk

2014-04-13 00:35 - 2014-04-13 00:35 - 00001014 _____ () C:\Users\Insys\Desktop\Build and Shoot Launcher.lnk

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Build and Shoot

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Build and Shoot

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot

2014-04-13 00:35 - 2014-04-13 00:35 - 00000000 ____D () C:\Program Files\Build and Shoot

2014-04-13 00:34 - 2014-04-13 00:34 - 00673002 _____ () C:\Users\Insys\Downloads\Build and Shoot 1.2 Setup.exe

2014-04-13 00:26 - 2014-04-13 00:20 - 257425680 _____ (Infernum Productions AG ) C:\Users\Insys\Downloads\BrickForceSetup_EN.exe

2014-04-13 00:18 - 2014-04-13 00:18 - 10022366 _____ () C:\Users\Insys\Downloads\PokeMMO-Client.zip

 

Files to move or delete:

====================

C:\Users\Insys\AppData\Roaming\msconfig.ini

C:\Users\Public\SteamSetup.exe

 

 

Some content of TEMP:

====================

C:\Users\Insys\AppData\Local\Temp\6_Offer_5.exe

C:\Users\Insys\AppData\Local\Temp\dll_installer.exe

C:\Users\Insys\AppData\Local\Temp\DownloadManager.exe

C:\Users\Insys\AppData\Local\Temp\htmlayout.dll

C:\Users\Insys\AppData\Local\Temp\instruct.exe

C:\Users\Insys\AppData\Local\Temp\nsrABA4.exe

C:\Users\Insys\AppData\Local\Temp\nsrB8A7.exe

C:\Users\Insys\AppData\Local\Temp\nsuA77C.exe

C:\Users\Insys\AppData\Local\Temp\nsyBD0D.exe

C:\Users\Insys\AppData\Local\Temp\SearchProtectINT.exe

C:\Users\Insys\AppData\Local\Temp\setup.exe

C:\Users\Insys\AppData\Local\Temp\SPSetup.exe

C:\Users\Insys\AppData\Local\Temp\SRLDetectionLibrary7063002515749441071.dll

C:\Users\Insys\AppData\Local\Temp\tmpA776.exe

C:\Users\Insys\AppData\Local\Temp\vlc-2.1.3-win32.exe

C:\Users\Pedro\AppData\Local\Temp\FLVPlayerSetup.exe

C:\Users\Pedro\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe

C:\Users\Pedro\AppData\Local\Temp\nsq24F0.exe

C:\Users\Pedro\AppData\Local\Temp\SRLDetectionLibrary3892236062887494915.dll

C:\Users\Pedro\AppData\Local\Temp\Tsu825C34E2.dll

C:\Users\Pedro\AppData\Local\Temp\UpdateCheckerSetup.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-04-04 15:06

 

==================== End Of Log ============================

Addition.txt


In order to adhere to forum protocol, make sure you remove all illegal software, keygens, P2P software, etc., as advised in the opening reply...

 

Next,

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

Next,

 

Please download Malwarebytes Anti-Malware to your desktop.


Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

How to get logs:

(Export log to save as txt)

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

 

Next,

 

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Double-click CKScanner.exe (Right click and "Run as administrator" in Vista/Win7).

Give permission if necessary, and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file saved. Please run the program once only.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

 

Let me see those logs....

 

Kevin

 

 

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-05-2014 01

Ran by Insys at 2014-05-13 22:23:30 Run:1

Running from C:\Users\Insys\Desktop

Boot Mode: Normal

 

==============================================

 

Content of fixlist:

*****************

Start

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Winlogon: [shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 

AppInit_DLLs: c:\progra~1\sn0310~1.boo => C:\Program Files\SN.Booster [4296192 2014-04-26] ()

C:\Program Files\SN.Booster

IFEO\AvastSvc.exe: [Debugger] nqij.exe

IFEO\AvastUI.exe: [Debugger] nqij.exe

IFEO\avcenter.exe: [Debugger] nqij.exe

IFEO\avconfig.exe: [Debugger] nqij.exe

IFEO\avgcsrvx.exe: [Debugger] nqij.exe

IFEO\avgidsagent.exe: [Debugger] nqij.exe

IFEO\avgnt.exe: [Debugger] nqij.exe

IFEO\avgrsx.exe: [Debugger] nqij.exe

IFEO\avguard.exe: [Debugger] nqij.exe

IFEO\avgui.exe: [Debugger] nqij.exe

IFEO\avgwdsvc.exe: [Debugger] nqij.exe

IFEO\avp.exe: [Debugger] nqij.exe

IFEO\avscan.exe: [Debugger] nqij.exe

IFEO\bdagent.exe: [Debugger] nqij.exe

IFEO\ccuac.exe: [Debugger] nqij.exe

IFEO\ComboFix.exe: [Debugger] nqij.exe

IFEO\egui.exe: [Debugger] nqij.exe

IFEO\hijackthis.exe: [Debugger] nqij.exe

IFEO\instup.exe: [Debugger] nqij.exe

IFEO\keyscrambler.exe: [Debugger] nqij.exe

IFEO\mbam.exe: [Debugger] nqij.exe

IFEO\mbamgui.exe: [Debugger] nqij.exe

IFEO\mbampt.exe: [Debugger] nqij.exe

IFEO\mbamscheduler.exe: [Debugger] nqij.exe

IFEO\mbamservice.exe: [Debugger] nqij.exe

IFEO\MpCmdRun.exe: [Debugger] nqij.exe

IFEO\MSASCui.exe: [Debugger] nqij.exe

IFEO\MsMpEng.exe: [Debugger] nqij.exe

IFEO\msseces.exe: [Debugger] nqij.exe

IFEO\rstrui.exe: [Debugger] nqij.exe

IFEO\spybotsd.exe: [Debugger] nqij.exe

IFEO\wireshark.exe: [Debugger] nqij.exe

IFEO\zlclient.exe: [Debugger] nqij.exe

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...E95T8928E95X&q={searchTerms}

SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://search.condui...5BFD78D826A7&q={searchTerms}&SSPV=

SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...5BFD78D826A7&q={searchTerms}&SSPV=

BHO: SNT - {4FE6DD1D-2F72-EDDD-9549-982A3341B515} - C:\Program Files\SNT\T.dll ()

C:\Program Files\SNT

CHR Extension: (wareztuga.tv streamer) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2007-10-30]

C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2014-04-26 10:22 - 2014-04-26 10:22 - 00000000 __SHD () C:\Users\Pedro\lWj61Ma

2014-04-26 10:21 - 2014-04-26 10:21 - 01016261 _____ () C:\Users\Pedro\Downloads\Visualizador_Contatos.exe

2014-04-26 10:21 - 2014-04-26 10:21 - 00000000 __SHD () C:\Users\Pedro\jZb72An

2014-04-25 23:09 - 2014-04-25 23:09 - 00067067 _____ () C:\Users\Pedro\Downloads\wareztugatv-streamer.crx

C:\Users\Insys\AppData\Roaming\msconfig.ini

C:\Users\Public\SteamSetup.exe

C:\Users\Insys\AppData\Local\Temp\6_Offer_5.exe

C:\Users\Insys\AppData\Local\Temp\dll_installer.exe

C:\Users\Insys\AppData\Local\Temp\DownloadManager.exe

C:\Users\Insys\AppData\Local\Temp\htmlayout.dll

C:\Users\Insys\AppData\Local\Temp\instruct.exe

C:\Users\Insys\AppData\Local\Temp\nsrABA4.exe

C:\Users\Insys\AppData\Local\Temp\nsrB8A7.exe

C:\Users\Insys\AppData\Local\Temp\nsuA77C.exe

C:\Users\Insys\AppData\Local\Temp\nsyBD0D.exe

C:\Users\Insys\AppData\Local\Temp\SearchProtectINT.exe

C:\Users\Insys\AppData\Local\Temp\setup.exe

C:\Users\Insys\AppData\Local\Temp\SPSetup.exe

C:\Users\Insys\AppData\Local\Temp\SRLDetectionLibrary7063002515749441071.dll

C:\Users\Insys\AppData\Local\Temp\tmpA776.exe

C:\Users\Insys\AppData\Local\Temp\vlc-2.1.3-win32.exe

C:\Users\Pedro\AppData\Local\Temp\FLVPlayerSetup.exe

C:\Users\Pedro\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe

C:\Users\Pedro\AppData\Local\Temp\nsq24F0.exe

C:\Users\Pedro\AppData\Local\Temp\SRLDetectionLibrary3892236062887494915.dll

C:\Users\Pedro\AppData\Local\Temp\Tsu825C34E2.dll

C:\Users\Pedro\AppData\Local\Temp\UpdateCheckerSetup.exe

Task: {1E0EB5B7-BC64-4142-8413-BCA58DEFA9C4} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION

Task: C:\Windows\Tasks\PileFile reminder.job => C:\Users\Insys\AppData\Local\Temp\SteamKeygen2014Download_A179\SteamKeygen2014_Downloader.exe

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\Software\Classes\.exe: exefile =>  <===== ATTENTION!

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\Software\Classes\exefile:  <===== ATTENTION!

End

*****************

 

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.

"c:\progra~1\sn0310~1.boo" => Value Data removed successfully.

C:\Program Files\SN.Booster => Moved successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastSvc.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastUI.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avcenter.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avconfig.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgcsrvx.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgidsagent.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgnt.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrsx.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avguard.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgui.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgwdsvc.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avscan.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instup.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamgui.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbampt.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4FE6DD1D-2F72-EDDD-9549-982A3341B515} => Key deleted successfully.

HKCR\CLSID\{4FE6DD1D-2F72-EDDD-9549-982A3341B515} => Key deleted successfully.

C:\Program Files\SNT => Moved successfully.

C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj => Moved successfully.

"C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj" => File/Directory not found.

HKLM\SOFTWARE\Policies\Google => Key deleted successfully.

C:\Users\Pedro\lWj61Ma => Moved successfully.

C:\Users\Pedro\Downloads\Visualizador_Contatos.exe => Moved successfully.

C:\Users\Pedro\jZb72An => Moved successfully.

C:\Users\Pedro\Downloads\wareztugatv-streamer.crx => Moved successfully.

C:\Users\Insys\AppData\Roaming\msconfig.ini => Moved successfully.

C:\Users\Public\SteamSetup.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\6_Offer_5.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\dll_installer.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\DownloadManager.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\htmlayout.dll => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\instruct.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\nsrABA4.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\nsrB8A7.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\nsuA77C.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\nsyBD0D.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\SearchProtectINT.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\setup.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\SPSetup.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\SRLDetectionLibrary7063002515749441071.dll => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\tmpA776.exe => Moved successfully.

C:\Users\Insys\AppData\Local\Temp\vlc-2.1.3-win32.exe => Moved successfully.

C:\Users\Pedro\AppData\Local\Temp\FLVPlayerSetup.exe => Moved successfully.

C:\Users\Pedro\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe => Moved successfully.

C:\Users\Pedro\AppData\Local\Temp\nsq24F0.exe => Moved successfully.

C:\Users\Pedro\AppData\Local\Temp\SRLDetectionLibrary3892236062887494915.dll => Moved successfully.

C:\Users\Pedro\AppData\Local\Temp\Tsu825C34E2.dll => Moved successfully.

C:\Users\Pedro\AppData\Local\Temp\UpdateCheckerSetup.exe => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E0EB5B7-BC64-4142-8413-BCA58DEFA9C4} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E0EB5B7-BC64-4142-8413-BCA58DEFA9C4} => Key deleted successfully.

C:\Windows\System32\Tasks\YourFile DownloaderUpdate => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate => Key deleted successfully.

C:\Windows\Tasks\PileFile reminder.job => Moved successfully.

C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\Software\Classes\exefile => Key deleted successfully.

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\Software\Classes\.exe => Key deleted successfully.

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\Software\Classes\exefile => Key not found.

 

==== End of Fixlog ====


See if this will run; if so, try Malwarebytes when complete...

Download the Services Repair tool, available here - http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe and save it to your Desktop. Right-click on it and select Run As Administrator, then follow the prompts. It should reboot when it finishes. If not, reboot it yourself.


Please download GrantPerms and save it to your desktop.

Select GrantPerms.exe (32bit system) or GrantPerms64.exe (64bit system)

Unzip to your Desktop, open the folder and run the tool.

Copy and paste the following in the edit box:
 

C:\\

Click List Permissions and post the result (Perms.txt) that pops up. A copy of Perms.txt will be saved in the same directory the tool is run.


GrantPerms by Farbar 

Ran by Insys (administrator) at 2014-05-14 22:36:51

 

===============================================

\\?\C:\

 

   Owner: NT SERVICE\TrustedInstaller

 

   DACL(P)(AI):

   BUILTIN\Administradores   FULL   ALLOW   (NI)

   BUILTIN\Administradores   FULL   ALLOW   (CI)(OI)(IO)

   NT AUTHORITY\SYSTEM   FULL   ALLOW   (NI)

   NT AUTHORITY\SYSTEM   FULL   ALLOW   (CI)(OI)(IO)

   BUILTIN\Utilizadores   READ/EXECUTE   ALLOW   (CI)(OI)

   NT AUTHORITY\Utilizadores Autenticados   change   ALLOW   (CI)(OI)(IO)

   NT AUTHORITY\Utilizadores Autenticados   ADD SUBDIRECTORY   ALLOW   (NI)

THAT is my problem, I do not have any security on! I have:

  • Windows Firewall disabled, and can't turn it on;
  • An infected antivirus, that doesn't do anything;
  • Windows Defender also disabled, and once again, can't be turned on;
  • A Trojan inside my computer that doesn't allow me to connect any new devices via USB, or install a new antivirus software.

Run GrantPerms one more time.

Copy and paste the following in the edit box:

C:\\

Click Unlock. When it is done click "OK".

Click List Permissions and post the result (Perms.txt) that pops up. A copy of Perms.txt will be saved in the same directory the tool is run.

 

Next,

 

Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue.

Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


GrantPerms by Farbar 

Ran by Insys (administrator) at 2014-05-16 00:33:03

 

===============================================

\\?\C:\

 

   Owner: BUILTIN\Administradores

 

   DACL(P)(AI):

   BUILTIN\Administradores   FULL   ALLOW   (CI)(OI)

   NT AUTHORITY\SYSTEM   FULL   ALLOW   (CI)(OI)

   BUILTIN\Utilizadores   READ/EXECUTE   ALLOW   (CI)(OI)

Farbar Service Scanner Version: 14-05-2014

Ran by Insys (administrator) on 16-05-2014 at 00:33:48

Running from "C:\Users\Insys\Downloads"

Microsoft Windows 7 Ultimate  Service Pack 1 (X86)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Disabled Policy: 

========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR"=DWORD:1

 

 

Action Center:

============

 

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is OK.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcore.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys

[2014-02-09 04:08] - [2014-02-09 04:08] - 0338944 ____A (Microsoft Corporation) F81BB7E487EDCEAB630A7EE66CF23913

 

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys

[2014-02-09 04:08] - [2014-02-09 04:08] - 1294272 ____A (Microsoft Corporation) CA59F7C570AF70BC174F477CFE2D9EE3

 

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll => MD5 is legit

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll

[2013-09-10 12:25] - [2013-07-09 05:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9

 

C:\Program Files\Windows Defender\MpSvc.dll

[2013-09-10 12:22] - [2013-05-27 05:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47

 

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

 

 

**** End of log ****


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-05-2014

Ran by Insys (administrator) on INSYS-PC on 16-05-2014 22:20:00

Running from C:\Users\Insys\Desktop

Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Portuguese Standard

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

() C:\Program Files\Comodo\Dragon\dragon_updater.exe

(Client Connect LTD) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe

(Client Connect LTD) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe

(Client Connect LTD) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe

(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe

(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 11.0\ErrorReportLauncher.exe

(Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,userinit.exe

HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0

HKLM\...\Policies\Explorer: [NoBandCustomize] 0

HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-09-09] (Microsoft Corporation)

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Policies\Explorer: [NoToolbarCustomize] 0

HKU\S-1-5-21-1446833926-4087065971-51131571-1001\...\Policies\Explorer: [NoBandCustomize] 0

AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [171840 2014-05-03] (Client Connect LTD)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk

ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\System32\C2MP\UpdateChecker.exe ()

Startup: C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x257DB7D783AECE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-PT

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch


HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 

SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: YoutubeAdblocker - {BD4CD860-DB9F-735A-84A7-B7887C75B861} - C:\Program Files\YoutubeAdblocker\RJAy.dll ()

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Insys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-11]

 

Chrome: 

=======

CHR HomePage: hxxp://search.conduit.com/?gd=&ctid=CT3323885&octid=EB_ORIGINAL_CTID&ISID=M88949B72-4A57-4E67-A110-1B190465F0C1&SearchSource=55&CUI=&UM=5&UP=SPC3A912B7-1FFA-4E0E-8CE5-B497D2B0A8B6&SSPV=

CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3320133&octid=EB_ORIGINAL_CTID&ISID=MEDA66BFC-55B0-4E89-83F6-CBB8A99651AF&SearchSource=55&CUI=&UM=5&UP=SPC3A912B7-1FFA-4E0E-8CE5-B497D2B0A8B6&SSPV="

CHR DefaultSearchKeyword: trovi.search

CHR DefaultSearchProvider: Trovi search

CHR Extension: (Google Translate) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-04-12]

CHR Extension: (Google Drive) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]

CHR Extension: (Turn Off the Lights) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-03-05]

CHR Extension: (YouTube) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-05]

CHR Extension: (Pesquisa do Google) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-05]

CHR Extension: (AdBlock) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-04]

CHR Extension: (Arcane Legends) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-04-21]

CHR Extension: (Super Animes - Fate Zero - Einzbern) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngnmipnamnakggdpmkfkbampjbhhloeb [2014-03-05]

CHR Extension: (Google Wallet) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-05]

CHR Extension: (Gmail) - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-05]

CHR HKLM\...\Chrome\Extension: [ehkebkalogplefdncmdccimnhgecojcj] - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\chrome.crx [2014-04-26]

CHR HKLM\...\Chrome\Extension: [lpmhiipjeomjecdgkkgpmeogahbilpmp] - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\face.crx [2014-04-26]

CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Insys\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-16]

 

========================== Services (Whitelisted) =================

 

S2 916e5338; C:\Program Files\SNSvc.dll [174928 2014-04-26] ()

S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)

R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2496320 2014-05-03] (Client Connect LTD)

R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-20] ()

S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [0 2014-04-14] ()

S2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [607560 2014-04-30] ()

S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [0 2014-04-10] ()

S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [0 2014-04-10] ()

 

==================== Drivers (Whitelisted) ====================

 

S3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1182320 2009-07-25] (Bison Electronics. Inc. )

S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)

R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)

R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation                           )

R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-03-11] (Power Software Ltd)

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-05-16 22:19 - 2014-05-16 22:19 - 00000000 ____D () C:\Users\Insys\Desktop\FRST-OlderVersion

2014-05-16 22:09 - 2010-02-17 15:41 - 00000000 ____D () C:\Users\Insys\Desktop\Adobe After Effects CS4 Crack

2014-05-16 22:06 - 2014-05-16 22:06 - 00979038 _____ () C:\Users\Insys\Downloads\Adobe-After-Effects-CS4-Crack.rar

2014-05-16 21:57 - 2014-02-28 21:46 - 00000000 ____D () C:\Users\Insys\Desktop\AFTER EFFECTS CS6

2014-05-16 21:52 - 2014-05-16 21:53 - 1243758966 _____ () C:\Users\Insys\Downloads\AFTER EFFECTS CS6.zip

2014-05-16 00:33 - 2014-05-16 00:33 - 00002682 _____ () C:\Users\Insys\Downloads\FSS.txt

2014-05-16 00:32 - 2014-05-16 00:33 - 00409088 _____ (Farbar) C:\Users\Insys\Downloads\FSS.exe

2014-05-16 00:31 - 2014-05-16 00:37 - 01179648 _____ () C:\Users\Insys\Documents\Untitled.mxf

2014-05-16 00:13 - 2014-02-16 11:50 - 00000000 ____D () C:\Users\Insys\Desktop\Clips + Smooths

2014-05-16 00:09 - 2014-05-16 00:09 - 00000000 ____D () C:\Users\Insys\Desktop\Twixtor Sony Vegas Pro 11

2014-05-16 00:08 - 2014-05-16 00:09 - 14544990 _____ () C:\Users\Insys\Downloads\Twixtor Pro Sony Vegas -Drips-.zip

2014-05-16 00:04 - 2014-05-16 00:06 - 94735068 _____ () C:\Users\Insys\Desktop\Aelius Editing Contest Week 1.rar

2014-05-15 23:48 - 2014-05-15 23:48 - 00646780 _____ () C:\Users\Insys\Desktop\Ichigo vs Kenpachi   Full Fight   (English Dub).part

2014-05-15 22:57 - 2014-05-15 22:59 - 00435016 _____ () C:\Users\Insys\Desktop\Mt Eden Dubstep   Sierra Leone [HD].mp3.sfk

2014-05-15 22:55 - 2012-09-02 17:08 - 00051310 _____ () C:\Users\Insys\Desktop\Preset pack 4 (CC Mega pack).sfpreset

2014-05-15 22:27 - 2014-05-15 22:27 - 00002024 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi-14996648333-14347667-0.sfk

2014-05-15 22:26 - 2014-05-15 22:27 - 00011664 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi-14912564333-84084000-0.sfk

2014-05-15 21:50 - 2014-05-15 21:50 - 00000074 _____ () C:\Users\Insys\Desktop\bleach.mxf.sfl

2014-05-15 21:17 - 2014-05-15 21:50 - 1365967160 _____ () C:\Users\Insys\Desktop\bleach.mxf

2014-05-15 21:15 - 2014-05-15 21:16 - 13328352 _____ (Sony Creative Software Inc.) C:\Users\Insys\Downloads\presetmngr20k.exe

2014-05-15 21:15 - 2014-05-15 21:15 - 00005258 _____ () C:\Users\Insys\Desktop\Preset pack 4 (CC Mega Pack).rar

2014-05-15 19:39 - 2014-05-15 19:39 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf706dd9b94f0.job

2014-05-15 19:29 - 2014-05-15 19:29 - 00468480 _____ () C:\Users\Insys\Desktop\CKScanner.exe

2014-05-14 23:08 - 2014-05-14 23:08 - 00000000 ____D () C:\37d6d7e46f68fc165f38f736e1e3ca38

2014-05-14 23:06 - 2014-05-15 22:32 - 00030800 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg

2014-05-14 23:06 - 2014-05-15 21:15 - 00035744 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg.bak

2014-05-14 23:06 - 2014-05-14 23:06 - 00016280 _____ () C:\Users\Insys\Documents\inacabado bleach.veg

2014-05-14 22:46 - 2014-05-14 22:47 - 00286016 _____ () C:\Users\Insys\Desktop\♬ Two Door Cinema Club   What You Know (Feed Me Dubstep Cover) [HD].mp3.sfk

2014-05-14 22:45 - 2014-05-14 22:47 - 02594440 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi.sfk

2014-05-14 22:44 - 2014-05-14 22:45 - 00000000 ____D () C:\Windows\system32\C2MP

2014-05-14 22:44 - 2014-05-14 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack

2014-05-14 22:44 - 2014-05-14 22:44 - 21916168 _____ (Windows 7 - Codec Pack) C:\Users\Insys\Downloads\windows.7.codec.pack.v4.0.8.setup.exe

2014-05-14 22:36 - 2014-05-16 00:33 - 00000000 ____D () C:\Users\Insys\Desktop\GrantPerms

2014-05-14 22:36 - 2014-05-14 22:36 - 00453083 _____ () C:\Users\Insys\Downloads\GrantPerms.zip

2014-05-14 20:22 - 2014-05-14 20:37 - 300351122 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi

2014-05-14 20:18 - 2014-05-14 20:48 - 307514917 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N)[1].mp4

2014-05-14 20:14 - 2014-05-14 20:18 - 265008856 _____ () C:\Users\Insys\Desktop\BEST FREE KICKS MONTAGE VOL29 by freekickerz.avi

2014-05-14 19:47 - 2014-05-14 19:47 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll

2014-05-14 19:47 - 2014-05-14 19:47 - 00001074 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk

2014-05-14 19:47 - 2014-05-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2014-05-14 19:46 - 2014-05-14 19:46 - 00002070 _____ () C:\Users\Public\Desktop\Video Search.lnk

2014-05-14 19:46 - 2014-05-14 19:46 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk

2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\DsNET Corp

2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\Comodo

2014-05-14 19:43 - 2014-05-14 19:43 - 00001915 _____ () C:\Users\Insys\Desktop\Sync Folder.lnk

2014-05-14 19:42 - 2014-05-14 19:42 - 17109800 _____ (DsNET Corp) C:\Users\Insys\Downloads\222-aTubeCatcher.exe

2014-05-14 19:42 - 2014-05-14 19:42 - 00001045 _____ () C:\Users\Insys\Desktop\MyPC Backup.lnk

2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Program Files\MyPC Backup

2014-05-14 18:49 - 2014-05-14 18:49 - 00623504 _____ () C:\Users\Insys\Downloads\atube-catcher-387955-32-bits.exe

2014-05-14 18:44 - 2014-05-14 18:44 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Publish Providers

2014-05-14 18:43 - 2014-05-14 18:43 - 00002492 _____ () C:\Users\Insys\Desktop\Register Vegas Pro.htm

2014-05-14 18:39 - 2012-03-25 19:18 - 00000000 ____D () C:\Users\Insys\Desktop\SonyVegasProCrack

2014-05-14 18:37 - 2014-05-09 08:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-14 18:37 - 2014-05-09 08:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-14 18:37 - 2014-04-12 03:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-14 18:37 - 2014-04-12 03:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-14 18:37 - 2014-04-12 03:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-14 18:37 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-05-14 18:37 - 2014-04-12 03:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-14 18:37 - 2014-04-12 03:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-14 18:37 - 2014-04-12 03:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-14 18:37 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2014-05-14 18:37 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-05-14 18:37 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-14 18:37 - 2014-03-04 10:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-05-14 18:37 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-14 18:36 - 2014-05-15 22:55 - 00000000 ____D () C:\Program Files\Sony

2014-05-14 18:36 - 2014-05-15 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-05-14 18:36 - 2014-05-14 18:41 - 00000000 ____D () C:\Users\Insys\AppData\Local\Sony

2014-05-14 18:36 - 2014-05-14 18:36 - 00001038 _____ () C:\Users\Public\Desktop\Vegas Pro 11.0.lnk

2014-05-14 18:36 - 2014-05-14 18:36 - 00000000 ____D () C:\ProgramData\Sony

2014-05-14 18:36 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-14 18:34 - 2014-05-16 21:26 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Sony

2014-05-14 18:33 - 2014-05-14 18:34 - 213003208 _____ (Sony Creative Software Inc.) C:\Users\Insys\Desktop\vegaspro11.0.682_32bit.exe

2014-05-14 18:32 - 2014-05-14 18:32 - 00076771 _____ () C:\Users\Insys\Desktop\VegasProCrack.rar

2014-05-14 18:32 - 2014-05-14 18:32 - 00000000 ____D () C:\Users\Insys\AppData\Local\SearchProtect

2014-05-14 18:31 - 2014-05-14 18:31 - 00000000 ____D () C:\Program Files\SearchProtect

2014-05-14 18:29 - 2014-05-14 18:29 - 00509144 _____ (A-installer) C:\Users\Insys\Downloads\Vegas Pro.exe

2014-05-14 18:21 - 2014-05-14 18:21 - 00001517 _____ () C:\Users\Insys\Desktop\ServicesRepair - Atalho.lnk

2014-05-14 18:21 - 2014-05-14 18:21 - 00000000 ____D () C:\Users\Public\Desktop\CC Support

2014-05-14 18:20 - 2014-05-14 18:21 - 04009167 _____ () C:\Users\Insys\Downloads\ServicesRepair.exe

2014-05-13 22:23 - 2014-05-13 22:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004 (1).exe

2014-05-13 21:40 - 2014-05-13 21:40 - 00023347 _____ () C:\Users\Insys\Downloads\Addition.txt

2014-05-13 21:32 - 2014-05-16 22:20 - 00012111 _____ () C:\Users\Insys\Desktop\FRST.txt

2014-05-13 21:32 - 2014-05-13 21:35 - 00023347 _____ () C:\Users\Insys\Desktop\Addition.txt

2014-05-13 21:29 - 2014-05-16 22:20 - 00000000 ____D () C:\FRST

2014-05-13 21:27 - 2014-05-16 22:19 - 01056768 _____ (Farbar) C:\Users\Insys\Desktop\FRST.exe

2014-05-13 21:26 - 2014-03-16 02:53 - 00000860 _____ () C:\Windows\system32\Drivers\etc\hosts.trb

2014-05-13 21:05 - 2014-05-13 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004.exe

2014-05-13 20:55 - 2014-05-13 20:55 - 04796856 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup_online.exe

2014-05-13 20:39 - 2014-05-13 20:39 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Users\Insys\Documents\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Licenses

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Program Files\Trojan Remover

2014-05-13 20:38 - 2014-05-13 20:38 - 18058688 _____ (Simply Super Software ) C:\Users\Insys\Downloads\trjsetup.exe

2014-05-12 22:38 - 2014-05-12 22:38 - 00000000 ____D () C:\d6bfc0a25fc0a372e506cbfb3ea4f6

2014-05-12 22:34 - 2014-05-13 06:02 - 00000000 _____ () C:\Users\Insys\Downloads\Windows-KB890830-V5.11.exe

2014-05-12 22:31 - 2014-05-12 22:31 - 05697760 _____ () C:\Users\Insys\Downloads\bitdefender_isecurity_[quickscan].exe

2014-05-12 22:31 - 2014-05-12 22:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

2014-05-12 22:28 - 2014-05-12 22:29 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\QuickScan

2014-05-12 22:25 - 2014-05-12 22:25 - 02055784 _____ (Trend Micro Inc.) C:\Users\Insys\Downloads\HousecallLauncher.exe

2014-05-12 22:25 - 2014-05-12 22:25 - 00000036 _____ () C:\Users\Insys\AppData\Local\housecall.guid.cache

2014-05-12 22:23 - 2014-05-12 22:23 - 08326064 _____ (McAfee, Inc.) C:\Users\Insys\Downloads\SecurityScan_Release.exe

2014-05-12 22:23 - 2014-05-12 22:23 - 00000000 ____D () C:\ProgramData\McAfee

2014-05-12 22:20 - 2014-05-12 22:20 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\tzszwgxf.sys

2014-05-12 22:19 - 2014-05-12 22:20 - 88882192 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup.exe

2014-05-12 21:59 - 2014-05-12 21:59 - 01243655 _____ () C:\Users\Insys\Downloads\ProcessExplorer.zip

2014-05-12 21:06 - 2014-05-12 21:06 - 00052822 _____ () C:\Users\Insys\Downloads\Extras.Txt

2014-05-12 21:05 - 2014-05-12 21:05 - 00163214 _____ () C:\Users\Insys\Downloads\OTL.Txt

2014-05-12 20:47 - 2014-05-12 20:47 - 11519096 _____ (OPSWAT, Inc.) C:\Users\Insys\Downloads\AppRemover.exe

2014-05-12 20:45 - 2014-05-12 20:45 - 00602112 _____ (OldTimer Tools) C:\Users\Insys\Downloads\OTL.exe

2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-05-12 20:42 - 2014-05-12 20:42 - 01440846 _____ () C:\Users\Insys\Downloads\mbam-chameleon-1.62.1.1000.zip

2014-05-12 20:39 - 2014-05-12 20:39 - 04768528 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_pro_antivirus_setup_online.exe

2014-05-12 20:33 - 2014-05-12 20:33 - 04436952 _____ () C:\Users\Insys\Desktop\avg_free_stb_all_2014_4259_softonic.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014 (1).exe

2014-05-10 23:04 - 2014-05-10 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Insys\Downloads\chromeinstall-7u55.exe

2014-05-10 15:02 - 2014-05-10 15:04 - 00000000 ____D () C:\Users\Insys\Desktop\juventude e trabalho

2014-05-06 23:05 - 2014-05-16 00:37 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-06 22:04 - 2014-05-06 22:04 - 00001107 _____ () C:\Users\Insys\Desktop\360 Total Security.lnk

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files\360

2014-05-06 21:57 - 2014-05-06 21:57 - 22607176 _____ () C:\Users\Insys\Downloads\360TS_Setup.exe

2014-05-04 15:51 - 2014-05-04 15:54 - 320867494 _____ () C:\Users\Insys\Downloads\Counter-Strike 1.6 No Steam.rar

2014-05-04 15:29 - 2014-05-04 15:29 - 00000000 ____D () C:\Program Files\AellCheapPrIIce

2014-05-04 01:37 - 2014-05-04 01:37 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard

2014-05-04 01:33 - 2014-05-04 15:31 - 00000000 ____D () C:\Program Files\Hearthstone

2014-05-04 01:24 - 2014-05-04 01:38 - 00000000 ____D () C:\Users\Insys\AppData\Local\Battle.net

2014-05-04 01:24 - 2014-05-04 01:32 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Battle.net

2014-05-04 01:24 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard Entertainment

2014-05-04 01:23 - 2014-05-04 15:31 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment

2014-05-04 01:23 - 2014-05-04 01:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-05-04 01:20 - 2014-05-04 01:20 - 00000000 ____D () C:\ProgramData\Battle.net

2014-05-04 01:19 - 2014-05-04 01:19 - 07094224 _____ (Blizzard Entertainment) C:\Users\Insys\Downloads\Hearthstone-Setup-ptBR.exe

2014-05-03 23:46 - 2014-05-03 23:46 - 00018575 _____ () C:\Users\Insys\Downloads\squarefont.zip

2014-05-01 22:57 - 2014-05-01 22:57 - 00000000 ____D () C:\Users\Insys\Documents\Klei

2014-05-01 22:50 - 2014-05-01 22:55 - 155860495 _____ () C:\Users\Insys\Downloads\Dont Starve .rar

2014-05-01 22:49 - 2014-05-01 22:50 - 11822248 _____ (Elex do Brasil Participações Ltda) C:\Users\Insys\Downloads\yet_another_cleaner_ava.exe

2014-04-29 20:03 - 2014-04-29 20:03 - 17435168 _____ () C:\Users\Insys\Downloads\SwiftKey_Keyboard_v4.4.2.254.apk

2014-04-28 20:23 - 2014-04-28 20:23 - 02741951 _____ () C:\Users\Insys\Downloads\AIVC (Alice) - Pro Version v3.1 apkmania.com.rar

2014-04-27 09:12 - 2014-04-27 09:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\GIZMO2

2014-04-27 02:12 - 2014-04-27 02:12 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-04-27 02:11 - 2014-04-27 02:12 - 00000000 ____D () C:\Windows\system32\directx

2014-04-27 00:21 - 2014-04-27 00:21 - 00003442 _____ () C:\Users\Pedro\Downloads\37E792D91449F1337D5FA52635356B88CB5A7A96.torrent

2014-04-27 00:20 - 2014-04-27 01:24 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\tixati

2014-04-27 00:20 - 2014-04-27 00:20 - 00057051 _____ () C:\Users\Pedro\Downloads\CDB1D4052D61A3BF5D0FF2FD2C083163C0CA8A54.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\E75ED20D538971366FE4B8D5EB35947CDE6AA712.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\7BAC0B2A5171336DA7DE1EA05EF9D5E03DE0254D.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040372 _____ () C:\Users\Pedro\Downloads\E7190945010711F731BD6A3FD1B3FB3EAFDD2B52.torrent

2014-04-26 23:20 - 2014-04-26 23:20 - 00000000 ____D () C:\Users\Pedro\AppData\Local\GIZMO2

2014-04-26 23:18 - 2014-04-26 23:19 - 100300522 _____ (UNIQLO CO., LTD.) C:\Users\Pedro\Downloads\UNIQLO_SCREENSAVER_setup.exe

2014-04-26 23:05 - 2014-04-26 23:05 - 00174928 _____ () C:\Program Files\SNSvc.dll

2014-04-26 23:05 - 2014-04-26 23:05 - 00000432 ____H () C:\Windows\Tasks\SN.Booster-S-482248051.job

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\SNT

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\YoutubeAdblocker

2014-04-26 23:04 - 2014-05-12 22:17 - 00000000 ____D () C:\ProgramData\Save Niet

2014-04-26 23:04 - 2014-05-12 22:15 - 00000000 ____D () C:\ProgramData\cc813dae40a4cea1

2014-04-26 23:04 - 2014-05-12 22:15 - 00000000 ____D () C:\Program Files\Save Niet

2014-04-26 23:04 - 2014-04-26 23:04 - 00323888 _____ (MyApps) C:\Users\Pedro\Downloads\Download_Manager-l4d2_2013_nosTEAM.zip.exe

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\InstallMate

2014-04-26 23:01 - 2014-04-26 23:01 - 00002135 _____ () C:\Users\Pedro\Desktop\FLV Player.lnk

2014-04-26 23:01 - 2014-04-26 23:01 - 00000324 _____ () C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\WebPlayer

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\FilesFrog Update Checker

2014-04-26 22:58 - 2014-04-26 22:58 - 00236952 _____ () C:\Users\Pedro\Downloads\ClickHeretoDownloadSetup-4a8bR5ZD.exe

2014-04-26 22:52 - 2014-04-26 22:52 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-04-26 10:22 - 2014-04-26 10:22 - 02108416 _____ () C:\Users\Pedro\AppData\Roaming\machine32.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 01067583 _____ () C:\Users\Pedro\AppData\Roaming\machine64.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 00000007 _____ () C:\Users\Pedro\AppData\Roaming\v1291.txt

2014-04-25 23:12 - 2014-04-25 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2014-04-25 22:30 - 2014-04-25 22:30 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native (1).exe

2014-04-25 22:25 - 2014-04-25 22:29 - 535085536 _____ () C:\Users\Pedro\Downloads\adt-bundle-windows-x86-20140321.zip

2014-04-25 22:15 - 2014-04-25 23:10 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Genymobile

2014-04-25 22:15 - 2014-04-25 22:32 - 00000000 ____D () C:\Users\Pedro\.VirtualBox

2014-04-25 22:14 - 2014-04-25 22:14 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2014-04-25 22:14 - 2014-04-25 22:14 - 00000000 ____D () C:\Program Files\Oracle

2014-04-25 22:14 - 2013-04-12 12:33 - 00188176 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys

2014-04-25 22:14 - 2013-04-12 12:33 - 00094480 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

2014-04-25 22:12 - 2014-04-25 22:12 - 00000000 ____D () C:\Program Files\Genymobile

2014-04-25 22:11 - 2014-04-25 22:12 - 123486848 _____ (Genymobile ) C:\Users\Pedro\Downloads\genymotion-2.2.0-vbox.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 00065984 _____ () C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 21:55 - 2014-04-25 21:55 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Bluestacks

2014-04-25 21:18 - 2014-02-10 20:34 - 00000121 _____ () C:\Users\Pedro\Downloads\Games Android Hvga.url

2014-04-25 21:09 - 2014-04-25 21:11 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part2.rar

2014-04-25 21:09 - 2014-04-25 21:11 - 153089373 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part3.rar

2014-04-25 21:08 - 2013-09-01 19:16 - 00000000 ____D () C:\Users\Pedro\Downloads\com.gameloft.android.ANMP.GloftAMHM

2014-04-25 21:06 - 2014-04-25 21:07 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part1.rar

2014-04-25 21:06 - 2014-04-25 21:06 - 15483326 _____ () C:\Users\Pedro\Downloads\TASA v1.1.9 gamesandroidhvga.com.apk

2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2014-04-24 21:32 - 2014-04-24 21:32 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\WinRAR

2014-04-24 20:49 - 2014-04-24 20:49 - 02428889 _____ () C:\Users\Pedro\Desktop\Light Flow Lite - LED Control.apk

2014-04-21 12:51 - 2014-04-21 12:51 - 02537944 _____ () C:\Users\Insys\Downloads\HeroesAndGenerals-setup-86736.exe

2014-04-21 10:37 - 2014-04-21 10:38 - 05520368 _____ () C:\Users\Insys\Downloads\IMG_4756.MOV

2014-04-21 10:08 - 2014-04-21 10:08 - 00033269 _____ () C:\Users\Insys\Downloads\carlosagrela1978615771.xml

2014-04-18 16:03 - 2014-04-18 16:03 - 00023157 _____ () C:\Users\Insys\Downloads\[www.CsWorldx.Blogspot.Com] R-Aimbot v1.0.rar

2014-04-18 15:57 - 2014-04-18 15:58 - 00000000 ____D () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24

2014-04-18 15:56 - 2014-04-18 15:57 - 00075357 _____ () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24.rar

2014-04-18 15:54 - 2014-04-18 15:54 - 00075357 _____ () C:\Users\Insys\Downloads\MP-Hacks_ESP_v5.0.rar

2014-04-18 15:48 - 2014-04-18 15:48 - 00899845 _____ () C:\Users\Insys\Downloads\Cd hack 5 and Xiter Cs injector.rar

2014-04-16 23:28 - 2014-04-16 23:28 - 02572648 _____ () C:\Users\Insys\Downloads\Hack + Software v10.2 2014.zip

2014-04-16 23:26 - 2014-04-16 23:26 - 00727552 _____ () C:\Users\Insys\Downloads\Ayakashi Ghost Guild Cheats.exe

==================== One Month Modified Files and Folders =======

2014-05-16 22:20 - 2014-05-13 21:32 - 00012111 _____ () C:\Users\Insys\Desktop\FRST.txt

2014-05-16 22:20 - 2014-05-13 21:29 - 00000000 ____D () C:\FRST

2014-05-16 22:19 - 2014-05-16 22:19 - 00000000 ____D () C:\Users\Insys\Desktop\FRST-OlderVersion

2014-05-16 22:19 - 2014-05-13 21:27 - 01056768 _____ (Farbar) C:\Users\Insys\Desktop\FRST.exe

2014-05-16 22:10 - 2013-09-07 16:52 - 01637475 _____ () C:\Windows\WindowsUpdate.log

2014-05-16 22:06 - 2014-05-16 22:06 - 00979038 _____ () C:\Users\Insys\Downloads\Adobe-After-Effects-CS4-Crack.rar

2014-05-16 22:01 - 2014-04-09 21:34 - 00012006 _____ () C:\Windows\setupact.log

2014-05-16 21:53 - 2014-05-16 21:52 - 1243758966 _____ () C:\Users\Insys\Downloads\AFTER EFFECTS CS6.zip

2014-05-16 21:26 - 2014-05-14 18:34 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Sony

2014-05-16 21:01 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-16 21:01 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-16 00:37 - 2014-05-16 00:31 - 01179648 _____ () C:\Users\Insys\Documents\Untitled.mxf

2014-05-16 00:37 - 2014-05-06 23:05 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-16 00:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-05-16 00:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT

2014-05-16 00:33 - 2014-05-16 00:33 - 00002682 _____ () C:\Users\Insys\Downloads\FSS.txt

2014-05-16 00:33 - 2014-05-16 00:32 - 00409088 _____ (Farbar) C:\Users\Insys\Downloads\FSS.exe

2014-05-16 00:33 - 2014-05-14 22:36 - 00000000 ____D () C:\Users\Insys\Desktop\GrantPerms

2014-05-16 00:09 - 2014-05-16 00:09 - 00000000 ____D () C:\Users\Insys\Desktop\Twixtor Sony Vegas Pro 11

2014-05-16 00:09 - 2014-05-16 00:08 - 14544990 _____ () C:\Users\Insys\Downloads\Twixtor Pro Sony Vegas -Drips-.zip

2014-05-16 00:06 - 2014-05-16 00:04 - 94735068 _____ () C:\Users\Insys\Desktop\Aelius Editing Contest Week 1.rar

2014-05-15 23:48 - 2014-05-15 23:48 - 00646780 _____ () C:\Users\Insys\Desktop\Ichigo vs Kenpachi   Full Fight   (English Dub).part

2014-05-15 22:59 - 2014-05-15 22:57 - 00435016 _____ () C:\Users\Insys\Desktop\Mt Eden Dubstep   Sierra Leone [HD].mp3.sfk

2014-05-15 22:55 - 2014-05-14 18:36 - 00000000 ____D () C:\Program Files\Sony

2014-05-15 22:47 - 2014-04-04 00:48 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\vlc

2014-05-15 22:32 - 2014-05-14 23:06 - 00030800 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg

2014-05-15 22:27 - 2014-05-15 22:27 - 00002024 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi-14996648333-14347667-0.sfk

2014-05-15 22:27 - 2014-05-15 22:26 - 00011664 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi-14912564333-84084000-0.sfk

2014-05-15 21:50 - 2014-05-15 21:50 - 00000074 _____ () C:\Users\Insys\Desktop\bleach.mxf.sfl

2014-05-15 21:50 - 2014-05-15 21:17 - 1365967160 _____ () C:\Users\Insys\Desktop\bleach.mxf

2014-05-15 21:20 - 2014-05-14 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-05-15 21:16 - 2014-05-15 21:15 - 13328352 _____ (Sony Creative Software Inc.) C:\Users\Insys\Downloads\presetmngr20k.exe

2014-05-15 21:15 - 2014-05-15 21:15 - 00005258 _____ () C:\Users\Insys\Desktop\Preset pack 4 (CC Mega Pack).rar

2014-05-15 21:15 - 2014-05-14 23:06 - 00035744 _____ () C:\Users\Insys\Desktop\inacabado bleach.veg.bak

2014-05-15 19:39 - 2014-05-15 19:39 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf706dd9b94f0.job

2014-05-15 19:36 - 2013-10-05 20:38 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-15 19:33 - 2013-10-05 20:38 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-05-15 19:29 - 2014-05-15 19:29 - 00468480 _____ () C:\Users\Insys\Desktop\CKScanner.exe

2014-05-14 23:08 - 2014-05-14 23:08 - 00000000 ____D () C:\37d6d7e46f68fc165f38f736e1e3ca38

2014-05-14 23:06 - 2014-05-14 23:06 - 00016280 _____ () C:\Users\Insys\Documents\inacabado bleach.veg

2014-05-14 22:47 - 2014-05-14 22:46 - 00286016 _____ () C:\Users\Insys\Desktop\♬ Two Door Cinema Club   What You Know (Feed Me Dubstep Cover) [HD].mp3.sfk

2014-05-14 22:47 - 2014-05-14 22:45 - 02594440 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi.sfk

2014-05-14 22:45 - 2014-05-14 22:44 - 00000000 ____D () C:\Windows\system32\C2MP

2014-05-14 22:45 - 2014-05-14 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack

2014-05-14 22:44 - 2014-05-14 22:44 - 21916168 _____ (Windows 7 - Codec Pack) C:\Users\Insys\Downloads\windows.7.codec.pack.v4.0.8.setup.exe

2014-05-14 22:36 - 2014-05-14 22:36 - 00453083 _____ () C:\Users\Insys\Downloads\GrantPerms.zip

2014-05-14 20:48 - 2014-05-14 20:18 - 307514917 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N)[1].mp4

2014-05-14 20:37 - 2014-05-14 20:22 - 300351122 _____ () C:\Users\Insys\Desktop\Ichigo vs Byakuya Full Fight (English Dub   Ganesh N).avi

2014-05-14 20:18 - 2014-05-14 20:14 - 265008856 _____ () C:\Users\Insys\Desktop\BEST FREE KICKS MONTAGE VOL29 by freekickerz.avi

2014-05-14 19:47 - 2014-05-14 19:47 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll

2014-05-14 19:47 - 2014-05-14 19:47 - 00001074 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk

2014-05-14 19:47 - 2014-05-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2014-05-14 19:46 - 2014-05-14 19:46 - 00002070 _____ () C:\Users\Public\Desktop\Video Search.lnk

2014-05-14 19:46 - 2014-05-14 19:46 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk

2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\DsNET Corp

2014-05-14 19:46 - 2014-05-14 19:46 - 00000000 ____D () C:\Program Files\Comodo

2014-05-14 19:43 - 2014-05-14 19:43 - 00001915 _____ () C:\Users\Insys\Desktop\Sync Folder.lnk

2014-05-14 19:42 - 2014-05-14 19:42 - 17109800 _____ (DsNET Corp) C:\Users\Insys\Downloads\222-aTubeCatcher.exe

2014-05-14 19:42 - 2014-05-14 19:42 - 00001045 _____ () C:\Users\Insys\Desktop\MyPC Backup.lnk

2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

2014-05-14 19:42 - 2014-05-14 19:42 - 00000000 ____D () C:\Program Files\MyPC Backup

2014-05-14 18:49 - 2014-05-14 18:49 - 00623504 _____ () C:\Users\Insys\Downloads\atube-catcher-387955-32-bits.exe

2014-05-14 18:44 - 2014-05-14 18:44 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Publish Providers

2014-05-14 18:43 - 2014-05-14 18:43 - 00002492 _____ () C:\Users\Insys\Desktop\Register Vegas Pro.htm

2014-05-14 18:41 - 2014-05-14 18:36 - 00000000 ____D () C:\Users\Insys\AppData\Local\Sony

2014-05-14 18:36 - 2014-05-14 18:36 - 00001038 _____ () C:\Users\Public\Desktop\Vegas Pro 11.0.lnk

2014-05-14 18:36 - 2014-05-14 18:36 - 00000000 ____D () C:\ProgramData\Sony

2014-05-14 18:34 - 2014-05-14 18:33 - 213003208 _____ (Sony Creative Software Inc.) C:\Users\Insys\Desktop\vegaspro11.0.682_32bit.exe

2014-05-14 18:32 - 2014-05-14 18:32 - 00076771 _____ () C:\Users\Insys\Desktop\VegasProCrack.rar

2014-05-14 18:32 - 2014-05-14 18:32 - 00000000 ____D () C:\Users\Insys\AppData\Local\SearchProtect

2014-05-14 18:31 - 2014-05-14 18:31 - 00000000 ____D () C:\Program Files\SearchProtect

2014-05-14 18:29 - 2014-05-14 18:29 - 00509144 _____ (A-installer) C:\Users\Insys\Downloads\Vegas Pro.exe

2014-05-14 18:21 - 2014-05-14 18:21 - 00001517 _____ () C:\Users\Insys\Desktop\ServicesRepair - Atalho.lnk

2014-05-14 18:21 - 2014-05-14 18:21 - 00000000 ____D () C:\Users\Public\Desktop\CC Support

2014-05-14 18:21 - 2014-05-14 18:20 - 04009167 _____ () C:\Users\Insys\Downloads\ServicesRepair.exe

2014-05-13 22:24 - 2014-05-13 22:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004 (1).exe

2014-05-13 22:23 - 2014-04-12 17:01 - 00000000 ____D () C:\Users\Pedro

2014-05-13 22:23 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public

2014-05-13 21:40 - 2014-05-13 21:40 - 00023347 _____ () C:\Users\Insys\Downloads\Addition.txt

2014-05-13 21:35 - 2014-05-13 21:32 - 00023347 _____ () C:\Users\Insys\Desktop\Addition.txt

2014-05-13 21:05 - 2014-05-13 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Insys\Downloads\mbam-setup-2.0.1.1004.exe

2014-05-13 20:55 - 2014-05-13 20:55 - 04796856 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup_online.exe

2014-05-13 20:46 - 2013-09-07 16:57 - 00000000 ____D () C:\Users\Insys

2014-05-13 20:41 - 2014-03-16 01:55 - 00000000 ____D () C:\ProgramData\WPM

2014-05-13 20:41 - 2014-03-16 01:55 - 00000000 ____D () C:\ProgramData\IePluginService

2014-05-13 20:40 - 2014-04-10 22:52 - 00000000 __SHD () C:\Windows\system32\Windows Firewall

2014-05-13 20:39 - 2014-05-13 20:39 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Users\Insys\Documents\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Simply Super Software

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\ProgramData\Licenses

2014-05-13 20:39 - 2014-05-13 20:39 - 00000000 ____D () C:\Program Files\Trojan Remover

2014-05-13 20:38 - 2014-05-13 20:38 - 18058688 _____ (Simply Super Software ) C:\Users\Insys\Downloads\trjsetup.exe

2014-05-13 06:02 - 2014-05-12 22:34 - 00000000 _____ () C:\Users\Insys\Downloads\Windows-KB890830-V5.11.exe

2014-05-12 22:38 - 2014-05-12 22:38 - 00000000 ____D () C:\d6bfc0a25fc0a372e506cbfb3ea4f6

2014-05-12 22:31 - 2014-05-12 22:31 - 05697760 _____ () C:\Users\Insys\Downloads\bitdefender_isecurity_[quickscan].exe

2014-05-12 22:31 - 2014-05-12 22:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

2014-05-12 22:29 - 2014-05-12 22:28 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\QuickScan

2014-05-12 22:25 - 2014-05-12 22:25 - 02055784 _____ (Trend Micro Inc.) C:\Users\Insys\Downloads\HousecallLauncher.exe

2014-05-12 22:25 - 2014-05-12 22:25 - 00000036 _____ () C:\Users\Insys\AppData\Local\housecall.guid.cache

2014-05-12 22:23 - 2014-05-12 22:23 - 08326064 _____ (McAfee, Inc.) C:\Users\Insys\Downloads\SecurityScan_Release.exe

2014-05-12 22:23 - 2014-05-12 22:23 - 00000000 ____D () C:\ProgramData\McAfee

2014-05-12 22:20 - 2014-05-12 22:20 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\tzszwgxf.sys

2014-05-12 22:20 - 2014-05-12 22:19 - 88882192 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_free_antivirus_setup.exe

2014-05-12 22:17 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\Save Niet

2014-05-12 22:15 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\cc813dae40a4cea1

2014-05-12 22:15 - 2014-04-26 23:04 - 00000000 ____D () C:\Program Files\Save Niet

2014-05-12 22:02 - 2009-07-14 03:04 - 00002577 _____ () C:\Windows\system32\config.nt

2014-05-12 21:59 - 2014-05-12 21:59 - 01243655 _____ () C:\Users\Insys\Downloads\ProcessExplorer.zip

2014-05-12 21:06 - 2014-05-12 21:06 - 00052822 _____ () C:\Users\Insys\Downloads\Extras.Txt

2014-05-12 21:05 - 2014-05-12 21:05 - 00163214 _____ () C:\Users\Insys\Downloads\OTL.Txt

2014-05-12 20:55 - 2014-04-03 23:19 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\tixati

2014-05-12 20:47 - 2014-05-12 20:47 - 11519096 _____ (OPSWAT, Inc.) C:\Users\Insys\Downloads\AppRemover.exe

2014-05-12 20:45 - 2014-05-12 20:45 - 00602112 _____ (OldTimer Tools) C:\Users\Insys\Downloads\OTL.exe

2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-05-12 20:42 - 2014-05-12 20:42 - 01440846 _____ () C:\Users\Insys\Downloads\mbam-chameleon-1.62.1.1000.zip

2014-05-12 20:39 - 2014-05-12 20:39 - 04768528 _____ (AVAST Software) C:\Users\Insys\Downloads\avast_pro_antivirus_setup_online.exe

2014-05-12 20:33 - 2014-05-12 20:33 - 04436952 _____ () C:\Users\Insys\Desktop\avg_free_stb_all_2014_4259_softonic.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014.exe

2014-05-12 20:29 - 2014-05-12 20:29 - 00386904 _____ (Softonic ) C:\Users\Insys\Downloads\SoftonicDownloader_para_avg-antivirus-free-2014 (1).exe

2014-05-10 23:04 - 2014-05-10 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Insys\Downloads\chromeinstall-7u55.exe

2014-05-10 17:12 - 2014-02-09 04:17 - 00000000 ____D () C:\ProgramData\Adobe

2014-05-10 17:12 - 2013-09-11 10:51 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Adobe

2014-05-10 17:09 - 2013-09-07 17:18 - 00000000 ____D () C:\Users\Insys\Desktop\Nadia

2014-05-10 15:04 - 2014-05-10 15:02 - 00000000 ____D () C:\Users\Insys\Desktop\juventude e trabalho

2014-05-09 08:06 - 2014-05-14 18:37 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-09 08:04 - 2014-05-14 18:37 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-06 22:04 - 2014-05-06 22:04 - 00001107 _____ () C:\Users\Insys\Desktop\360 Total Security.lnk

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center

2014-05-06 22:04 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files\360

2014-05-06 21:57 - 2014-05-06 21:57 - 22607176 _____ () C:\Users\Insys\Downloads\360TS_Setup.exe

2014-05-04 15:54 - 2014-05-04 15:51 - 320867494 _____ () C:\Users\Insys\Downloads\Counter-Strike 1.6 No Steam.rar

2014-05-04 15:42 - 2014-04-12 01:21 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\TS3Client

2014-05-04 15:31 - 2014-05-04 01:33 - 00000000 ____D () C:\Program Files\Hearthstone

2014-05-04 15:31 - 2014-05-04 01:23 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment

2014-05-04 15:29 - 2014-05-04 15:29 - 00000000 ____D () C:\Program Files\AellCheapPrIIce

2014-05-04 01:38 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Battle.net

2014-05-04 01:37 - 2014-05-04 01:37 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard

2014-05-04 01:32 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\Battle.net

2014-05-04 01:24 - 2014-05-04 01:24 - 00000000 ____D () C:\Users\Insys\AppData\Local\Blizzard Entertainment

2014-05-04 01:24 - 2014-05-04 01:23 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-05-04 01:20 - 2014-05-04 01:20 - 00000000 ____D () C:\ProgramData\Battle.net

2014-05-04 01:19 - 2014-05-04 01:19 - 07094224 _____ (Blizzard Entertainment) C:\Users\Insys\Downloads\Hearthstone-Setup-ptBR.exe

2014-05-03 23:46 - 2014-05-03 23:46 - 00018575 _____ () C:\Users\Insys\Downloads\squarefont.zip

2014-05-01 22:57 - 2014-05-01 22:57 - 00000000 ____D () C:\Users\Insys\Documents\Klei

2014-05-01 22:55 - 2014-05-01 22:50 - 155860495 _____ () C:\Users\Insys\Downloads\Dont Starve .rar

2014-05-01 22:50 - 2014-05-01 22:49 - 11822248 _____ (Elex do Brasil Participações Ltda) C:\Users\Insys\Downloads\yet_another_cleaner_ava.exe

2014-04-29 20:03 - 2014-04-29 20:03 - 17435168 _____ () C:\Users\Insys\Downloads\SwiftKey_Keyboard_v4.4.2.254.apk

2014-04-28 20:23 - 2014-04-28 20:23 - 02741951 _____ () C:\Users\Insys\Downloads\AIVC (Alice) - Pro Version v3.1 apkmania.com.rar

2014-04-27 09:16 - 2013-09-08 19:13 - 00000000 ____D () C:\Games

2014-04-27 09:12 - 2014-04-27 09:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\GIZMO2

2014-04-27 02:12 - 2014-04-27 02:12 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-04-27 02:12 - 2014-04-27 02:11 - 00000000 ____D () C:\Windows\system32\directx

2014-04-27 01:24 - 2014-04-27 00:20 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\tixati

2014-04-27 00:21 - 2014-04-27 00:21 - 00003442 _____ () C:\Users\Pedro\Downloads\37E792D91449F1337D5FA52635356B88CB5A7A96.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00057051 _____ () C:\Users\Pedro\Downloads\CDB1D4052D61A3BF5D0FF2FD2C083163C0CA8A54.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\E75ED20D538971366FE4B8D5EB35947CDE6AA712.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040472 _____ () C:\Users\Pedro\Downloads\7BAC0B2A5171336DA7DE1EA05EF9D5E03DE0254D.torrent

2014-04-27 00:20 - 2014-04-27 00:20 - 00040372 _____ () C:\Users\Pedro\Downloads\E7190945010711F731BD6A3FD1B3FB3EAFDD2B52.torrent

2014-04-26 23:20 - 2014-04-26 23:20 - 00000000 ____D () C:\Users\Pedro\AppData\Local\GIZMO2

2014-04-26 23:19 - 2014-04-26 23:18 - 100300522 _____ (UNIQLO CO., LTD.) C:\Users\Pedro\Downloads\UNIQLO_SCREENSAVER_setup.exe

2014-04-26 23:05 - 2014-04-26 23:05 - 00174928 _____ () C:\Program Files\SNSvc.dll

2014-04-26 23:05 - 2014-04-26 23:05 - 00000432 ____H () C:\Windows\Tasks\SN.Booster-S-482248051.job

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\ProgramData\SNT

2014-04-26 23:05 - 2014-04-26 23:05 - 00000000 ____D () C:\Program Files\YoutubeAdblocker

2014-04-26 23:04 - 2014-04-26 23:04 - 00323888 _____ (MyApps) C:\Users\Pedro\Downloads\Download_Manager-l4d2_2013_nosTEAM.zip.exe

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Insys\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Convidado

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\Users\Administrador

2014-04-26 23:04 - 2014-04-26 23:04 - 00000000 ____D () C:\ProgramData\InstallMate

2014-04-26 23:04 - 2014-04-12 17:04 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Google

2014-04-26 23:04 - 2013-09-07 17:12 - 00000000 ____D () C:\Users\Insys\AppData\Local\Google

2014-04-26 23:01 - 2014-04-26 23:01 - 00002135 _____ () C:\Users\Pedro\Desktop\FLV Player.lnk

2014-04-26 23:01 - 2014-04-26 23:01 - 00000324 _____ () C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\WebPlayer

2014-04-26 23:01 - 2014-04-26 23:01 - 00000000 ____D () C:\Users\Pedro\AppData\Local\FilesFrog Update Checker

2014-04-26 22:58 - 2014-04-26 22:58 - 00236952 _____ () C:\Users\Pedro\Downloads\ClickHeretoDownloadSetup-4a8bR5ZD.exe

2014-04-26 22:52 - 2014-04-26 22:52 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-04-26 10:22 - 2014-04-26 10:22 - 02108416 _____ () C:\Users\Pedro\AppData\Roaming\machine32.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 01067583 _____ () C:\Users\Pedro\AppData\Roaming\machine64.exe

2014-04-26 10:22 - 2014-04-26 10:22 - 00000007 _____ () C:\Users\Pedro\AppData\Roaming\v1291.txt

2014-04-25 23:12 - 2014-04-25 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2014-04-25 23:12 - 2013-09-09 00:36 - 00000000 ____D () C:\Windows\system32\appmgmt

2014-04-25 23:10 - 2014-04-25 22:15 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Genymobile

2014-04-25 23:10 - 2014-04-12 15:04 - 00000000 ____D () C:\Users\Insys\AppData\Roaming\dll-files.com

2014-04-25 22:35 - 2014-04-12 23:43 - 00000000 ____D () C:\Program Files\Altitude

2014-04-25 22:32 - 2014-04-25 22:15 - 00000000 ____D () C:\Users\Pedro\.VirtualBox

2014-04-25 22:30 - 2014-04-25 22:30 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native (1).exe

2014-04-25 22:29 - 2014-04-25 22:25 - 535085536 _____ () C:\Users\Pedro\Downloads\adt-bundle-windows-x86-20140321.zip

2014-04-25 22:14 - 2014-04-25 22:14 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2014-04-25 22:14 - 2014-04-25 22:14 - 00000000 ____D () C:\Program Files\Oracle

2014-04-25 22:12 - 2014-04-25 22:12 - 00000000 ____D () C:\Program Files\Genymobile

2014-04-25 22:12 - 2014-04-25 22:11 - 123486848 _____ (Genymobile ) C:\Users\Pedro\Downloads\genymotion-2.2.0-vbox.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 10486864 _____ (BlueStack Systems Inc.) C:\Users\Pedro\Downloads\BlueStacks-SplitInstaller_native.exe

2014-04-25 21:55 - 2014-04-25 21:55 - 00065984 _____ () C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 21:55 - 2014-04-25 21:55 - 00000000 ____D () C:\Users\Pedro\AppData\Local\Bluestacks

2014-04-25 21:11 - 2014-04-25 21:09 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part2.rar

2014-04-25 21:11 - 2014-04-25 21:09 - 153089373 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part3.rar

2014-04-25 21:07 - 2014-04-25 21:06 - 209715200 _____ () C:\Users\Pedro\Downloads\Data TASA v1.1.9 gamesandroidhvga.com.part1.rar

2014-04-25 21:06 - 2014-04-25 21:06 - 15483326 _____ () C:\Users\Pedro\Downloads\TASA v1.1.9 gamesandroidhvga.com.apk

2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2014-04-24 21:32 - 2014-04-24 21:32 - 00000000 ____D () C:\Users\Pedro\AppData\Roaming\WinRAR

2014-04-24 20:49 - 2014-04-24 20:49 - 02428889 _____ () C:\Users\Pedro\Desktop\Light Flow Lite - LED Control.apk

2014-04-21 12:51 - 2014-04-21 12:51 - 02537944 _____ () C:\Users\Insys\Downloads\HeroesAndGenerals-setup-86736.exe

2014-04-21 10:38 - 2014-04-21 10:37 - 05520368 _____ () C:\Users\Insys\Downloads\IMG_4756.MOV

2014-04-21 10:08 - 2014-04-21 10:08 - 00033269 _____ () C:\Users\Insys\Downloads\carlosagrela1978615771.xml

2014-04-18 16:03 - 2014-04-18 16:03 - 00023157 _____ () C:\Users\Insys\Downloads\[www.CsWorldx.Blogspot.Com] R-Aimbot v1.0.rar

2014-04-18 15:58 - 2014-04-18 15:57 - 00000000 ____D () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24

2014-04-18 15:57 - 2014-04-18 15:56 - 00075357 _____ () C:\Users\Insys\Downloads\[cheat-project.com] MP-Hacks ESP v5.0 2009-02-24.rar

2014-04-18 15:54 - 2014-04-18 15:54 - 00075357 _____ () C:\Users\Insys\Downloads\MP-Hacks_ESP_v5.0.rar

2014-04-18 15:48 - 2014-04-18 15:48 - 00899845 _____ () C:\Users\Insys\Downloads\Cd hack 5 and Xiter Cs injector.rar

2014-04-16 23:28 - 2014-04-16 23:28 - 02572648 _____ () C:\Users\Insys\Downloads\Hack + Software v10.2 2014.zip

2014-04-16 23:26 - 2014-04-16 23:26 - 00727552 _____ () C:\Users\Insys\Downloads\Ayakashi Ghost Guild Cheats.exe

 

Some content of TEMP:

====================

C:\Users\Insys\AppData\Local\Temp\BackupSetup.exe

C:\Users\Insys\AppData\Local\Temp\nsh3293.exe

C:\Users\Insys\AppData\Local\Temp\nsiC35C.exe

C:\Users\Insys\AppData\Local\Temp\vcredist_x86.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe

[2014-05-14 18:37] - [2014-03-04 10:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

 

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-04-04 15:06

 

==================== End Of Log ============================


They are ALL green check marks

 

AVG   20140516
Ad-Aware   20140516
AegisLab   20140516
Agnitum   20140516
AhnLab-V3   20140516
AntiVir   20140516
Antiy-AVL   20140516
Avast   20140517
Baidu-International   20140516
BitDefender   20140516
Bkav   20140516
ByteHero   20140517
CAT-QuickHeal   20140516
CMC   20140516
ClamAV   20140517
Commtouch   20140517
Comodo   20140516
DrWeb   20140516
ESET-NOD32   20140517
Emsisoft   20140516
F-Prot   20140516
F-Secure   20140516
Fortinet   20140516
GData   20140516
Ikarus   20140516
Jiangmin   20140516
K7AntiVirus   20140516
K7GW   20140516
Kaspersky   20140517
Kingsoft   20140517
Malwarebytes   20140517
McAfee   20140516
McAfee-GW-Edition   20140516
MicroWorld-eScan   20140516
Microsoft   20140516
NANO-Antivirus   20140516
Norman   20140516
Panda   20140516
Qihoo-360   20140517
Rising   20140507
SUPERAntiSpyware   20140516
Sophos   20140516
Symantec   20140516
Tencent   20140517
TheHacker   20140515
TotalDefense   20140516
TrendMicro   20140516
TrendMicro-HouseCall   20140516
VBA32   20140516
VIPRE   20140517
ViRobot   20140516
Zillya   20140516
nProtect   20140516

Download mbam-clean.exe from the following link and save it to your desktop:

 

http://www.malwarebytes.org/mbam-clean.exe

 

Now do the following:

 

  • Click on Start and select Control Panel
       
  • Open Uninstall a Program
       
  • Uninstall Malwarebytes' Anti-Malware
       
  • Restart your computer, very important to do that!!
       
  • Run mbam-clean.exe
       
  • It will ask to restart your computer, please allow it to do so, very important!!

 

Next,

 

Please download Malwarebytes Anti-Malware to your desktop.


Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

 

Kevin....


Read the following link before we continue and run Combofix:

 

ComboFix usage, Questions, Help? - Look here

 

Next,

 

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

http://www.infospyware.net/antimalware/combofix/

 

  • Ensure that Combofix is saved directly to the Desktop <--- Very important
     
  • Disable all security programs as they will have a negative effect on Combofix, instructions available here http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.
     
  • Close any open browsers and any other programs you might have running
     
  • Double click the Combofix icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator")
     
  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.
     
  • If you are using Windows XP, it might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
     
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

 

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

 

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here http://thespykiller.co.uk/index.php?page=20 why disabling autoruns is recommended.

 

*EXTRA NOTES*


    If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
    If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
    If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

 

Post the log in next reply please...

 

Kevin
