HELP ME!


I think I've been infected with a virus. All of my desktop and start menu icons are hidden... Everything just disappeared.

I used MBAM to remove it, and I think it was removed. I installed unhide.exe to see if my icons appeared again, but they didn't.

Can someone help me please? I really don't know what to do.

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with aswMBR

Please download aswMBR (4.5MB) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).

Thanks for the help. Here is the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01

Ran by daniel (administrator) on DANIEL on 08-07-2014 17:51:33

Running from C:\Users\daniel\Downloads

Platform: Windows 8 (X64) OS Language: Português (Portugal)

Internet Explorer Version 10

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe

() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe

() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe

() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe

(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Akamai Technologies, Inc.) C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe

(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

(BitTorrent Inc.) C:\Users\daniel\Downloads\utorrent.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [] => [X]

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor)

HKLM\...\Run: [sRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] ()

HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)

HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)

HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()

HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-27] (Copyright © TOSHIBA Corp. 2012)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)

HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-03] (Power Software Ltd)

HKLM-x32\...\Run: [tuto4pc_pt_18] => [X]

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)

HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe

HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Akamai NetSession Interface] => C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)

HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-01-31] (Spotify Ltd)

HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation)

AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-03] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-03] (NVIDIA Corporation)

AppInit_DLLs-x32:  c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found

ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 


HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com


HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS

SearchScopes: HKCU - DefaultScope {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = 

SearchScopes: HKCU - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = 


BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} -  No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

 

Chrome: 

=======

CHR HomePage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S

CHR StartupUrls: "https://www.google.com/"

CHR Extension: (wareztuga.tv streamer) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2014-06-16]

CHR Extension: (AdBlock) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-27]

CHR Extension: (Into The Mist) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-07-07]

CHR Extension: (Google Wallet) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR StartMenuInternet: Google Chrome - chrome.exe

 

==================== Services (Whitelisted) =================

 

R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor)

R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)

S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-07-25] (Disc Soft Ltd)

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)

R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)

R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation                           )

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)

R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)

U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29696 2014-07-07] ()

S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk

2014-07-08 17:51 - 2014-07-08 17:52 - 00021371 _____ () C:\Users\daniel\Downloads\FRST.txt

2014-07-08 17:51 - 2014-07-08 17:51 - 00000000 ____D () C:\FRST

2014-07-08 17:50 - 2014-07-08 17:51 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe

2014-07-08 16:11 - 2014-07-08 16:14 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk

2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk

2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk

2014-07-07 18:49 - 2014-07-07 18:51 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL

2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk

2014-07-07 18:01 - 2014-07-07 18:02 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt

2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk

2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe

2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk

2014-07-07 17:25 - 2014-07-07 17:27 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk

2014-07-07 16:12 - 2014-07-08 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-07 16:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-07-07 16:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-07-07 16:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt

2014-07-07 15:57 - 2014-07-08 17:01 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt

2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe

2014-07-07 15:33 - 2014-07-07 18:55 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys

2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe

2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-07-07 14:34 - 2014-07-08 15:57 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt

2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe

2014-07-07 14:07 - 2014-07-07 14:08 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-07-07 14:05 - 2014-07-07 14:10 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate

2014-07-07 01:04 - 2014-07-08 15:48 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]

2014-07-07 01:00 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\3DMGAME-The.Forest.Public.Alpha.v0.03.Build.20140701.Cracked-3DM

2014-07-03 16:25 - 2014-07-03 18:18 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition

2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent

2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar

2014-06-29 21:13 - 2014-06-29 21:30 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI

2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip

2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip

2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf

2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe

2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache

2014-06-18 12:42 - 2014-06-18 12:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^

2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx

2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys

2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys

2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx

2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip

2014-06-11 19:32 - 2014-07-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-06-11 19:32 - 2014-06-24 11:52 - 00000399 _____ () C:\windows\setupact.log

2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation

2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA

2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log

2014-06-11 19:32 - 2014-05-30 00:00 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll

2014-06-11 19:32 - 2014-05-30 00:00 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll

2014-06-11 19:32 - 2014-05-29 23:59 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll

2014-06-11 19:32 - 2014-05-29 23:59 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll

2014-06-11 19:32 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys

2014-06-11 19:32 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll

2014-06-11 19:32 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll

2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe

2014-06-11 18:51 - 2014-07-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle

2014-06-11 18:51 - 2014-06-11 19:32 - 00000000 ____D () C:\ProgramData\Tunngle

2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Users\Public\Documents\Tunngle

2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Program Files (x86)\Tunngle

2014-06-11 18:51 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys

2014-06-11 18:45 - 2014-06-11 18:52 - 00000000 _____ () C:\windows\SysWOW64\Access.dat

2014-06-11 18:44 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle

2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle

2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe

2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar

2014-06-11 10:08 - 2014-05-24 03:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-06-11 10:08 - 2014-05-24 03:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-06-11 10:08 - 2014-05-24 03:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-06-11 10:08 - 2014-05-24 03:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll

2014-06-11 10:08 - 2014-05-24 03:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-06-11 10:08 - 2014-05-24 03:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-06-11 10:08 - 2014-05-24 03:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-06-11 10:08 - 2014-05-24 03:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-06-11 10:08 - 2014-05-24 03:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-06-11 10:08 - 2014-05-24 02:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-06-11 10:08 - 2014-05-24 02:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-06-11 10:08 - 2014-05-24 02:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-06-11 10:08 - 2014-05-24 02:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-06-11 10:08 - 2014-05-24 02:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-06-11 10:08 - 2014-05-24 02:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-06-11 10:08 - 2014-05-24 02:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-06-11 10:08 - 2014-05-24 02:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-06-11 10:08 - 2014-05-24 02:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-06-11 10:08 - 2014-05-23 23:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll

2014-06-11 10:08 - 2014-05-03 06:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll

2014-06-11 10:08 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll

2014-06-11 10:08 - 2014-04-29 23:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2014-06-11 10:08 - 2014-04-29 23:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2014-06-11 10:07 - 2014-05-24 03:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-06-11 10:07 - 2014-05-24 03:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-06-11 10:07 - 2014-05-24 02:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-06-11 10:07 - 2014-05-24 02:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-06-11 10:07 - 2014-05-24 02:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-06-11 10:07 - 2014-05-24 02:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-06-11 10:07 - 2014-05-24 02:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll

2014-06-11 10:07 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

2014-06-11 10:07 - 2014-04-03 12:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys

2014-06-11 10:07 - 2014-04-03 04:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys

2014-06-11 10:07 - 2014-03-31 23:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml

2014-06-11 10:07 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe

2014-06-11 10:07 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe

2014-06-11 10:07 - 2014-03-07 01:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-06-11 10:07 - 2014-03-07 01:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-06-10 18:30 - 2014-07-07 18:40 - 00089464 _____ () C:\windows\PFRO.log

2014-06-10 16:00 - 2014-06-10 18:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower

2014-06-09 23:13 - 2014-06-09 23:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^

2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent

2014-06-09 00:20 - 2014-06-09 22:44 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe

2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent

 

==================== One Month Modified Files and Folders =======

 

2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk

2014-07-08 17:52 - 2014-07-08 17:51 - 00021371 _____ () C:\Users\daniel\Downloads\FRST.txt

2014-07-08 17:52 - 2013-09-26 00:24 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Skype

2014-07-08 17:51 - 2014-07-08 17:51 - 00000000 ____D () C:\FRST

2014-07-08 17:51 - 2014-07-08 17:50 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe

2014-07-08 17:51 - 2013-07-18 22:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\uTorrent

2014-07-08 17:03 - 2013-07-18 22:15 - 00000000 ____D () C:\Users\daniel\AppData\Local\Packages

2014-07-08 17:03 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent

2014-07-08 17:01 - 2014-07-07 15:57 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt

2014-07-08 17:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru

2014-07-08 16:58 - 2013-07-18 22:21 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-08 16:42 - 2013-10-22 17:52 - 00000000 ____D () C:\ProgramData\MFAData

2014-07-08 16:20 - 2014-04-18 16:46 - 01128590 _____ () C:\windows\WindowsUpdate.log

2014-07-08 16:14 - 2014-07-08 16:11 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk

2014-07-08 16:14 - 2013-10-31 01:35 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel

2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk

2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk

2014-07-08 16:00 - 2013-11-12 23:54 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-07-08 15:59 - 2014-07-07 16:12 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-08 15:59 - 2013-07-18 22:21 - 00001018 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-08 15:59 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-08 15:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI

2014-07-08 15:57 - 2014-07-07 14:34 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt

2014-07-08 15:48 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]

2014-07-08 15:29 - 2013-07-26 20:46 - 00000000 ____D () C:\Program Files (x86)\BS_Player_ControlBar

2014-07-08 00:14 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM

2014-07-07 20:32 - 2012-08-02 02:24 - 00776694 _____ () C:\windows\system32\prfh0816.dat

2014-07-07 20:32 - 2012-08-02 02:24 - 00159974 _____ () C:\windows\system32\prfc0816.dat

2014-07-07 20:32 - 2012-07-26 08:28 - 01784926 _____ () C:\windows\system32\PerfStringBackup.INI

2014-07-07 18:55 - 2014-07-07 15:33 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys

2014-07-07 18:51 - 2014-07-07 18:49 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk

2014-07-07 18:40 - 2014-06-10 18:30 - 00089464 _____ () C:\windows\PFRO.log

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL

2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk

2014-07-07 18:02 - 2014-07-07 18:01 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt

2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk

2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe

2014-07-07 17:43 - 2013-07-18 22:25 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3878485727-3170171642-3420939130-1002

2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk

2014-07-07 17:27 - 2014-07-07 17:25 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk

2014-07-07 16:43 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\WinStore

2014-07-07 16:41 - 2013-08-11 10:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Movdap

2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt

2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe

2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe

2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-07-07 15:27 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\SysWOW64\tr-TR

2014-07-07 15:01 - 2014-03-31 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe

2014-07-07 14:10 - 2014-07-07 14:05 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-07-07 14:09 - 2013-10-22 17:58 - 00000000 ____D () C:\ProgramData\AVG2014

2014-07-07 14:08 - 2014-07-07 14:07 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-07-07 14:08 - 2014-06-11 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-07-07 14:08 - 2014-06-11 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle

2014-07-07 14:08 - 2014-05-31 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames

2014-07-07 14:08 - 2014-05-29 13:53 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0

2014-07-07 14:08 - 2014-05-24 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-07 14:08 - 2014-04-20 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74

2014-07-07 14:08 - 2014-04-08 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Paradigm

2014-07-07 14:08 - 2014-03-21 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Workbench

2014-07-07 14:08 - 2014-03-07 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-07-07 14:08 - 2014-01-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy

2014-07-07 14:08 - 2013-11-17 21:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-07-07 14:08 - 2013-11-12 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2014-07-07 14:08 - 2013-11-09 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps

2014-07-07 14:08 - 2013-10-27 23:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-07-07 14:08 - 2013-10-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans

2014-07-07 14:08 - 2013-10-22 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit

2014-07-07 14:08 - 2013-08-12 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7

2014-07-07 14:08 - 2013-07-26 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player

2014-07-07 14:08 - 2013-07-25 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro

2014-07-07 14:08 - 2013-07-25 13:17 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly

2014-07-07 14:08 - 2013-07-25 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer

2014-07-07 14:08 - 2013-07-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura

2014-07-07 14:08 - 2013-07-18 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

2014-07-07 14:08 - 2013-07-18 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-07 14:08 - 2013-04-10 16:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-07-07 14:08 - 2013-04-10 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs

2014-07-07 14:08 - 2013-04-10 16:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2014-07-07 14:08 - 2013-01-31 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp® center

2014-07-07 14:08 - 2013-01-31 23:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA

2014-07-07 14:08 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate

2014-07-07 01:38 - 2013-09-09 14:07 - 00000000 ____D () C:\Games

2014-07-07 01:04 - 2014-07-07 01:00 - 00000000 ____D () C:\Users\daniel\Downloads\3DMGAME-The.Forest.Public.Alpha.v0.03.Build.20140701.Cracked-3DM

2014-07-04 18:25 - 2013-10-22 16:50 - 00000000 ____D () C:\Users\daniel\Documents\NetBeansProjects

2014-07-03 18:18 - 2014-07-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition

2014-07-03 18:17 - 2013-11-19 17:57 - 00000000 ____D () C:\Program Files (x86)\Age of Empires II HD The Forgotten

2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent

2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar

2014-06-29 21:30 - 2014-06-29 21:13 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI

2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip

2014-06-28 18:57 - 2013-12-11 20:35 - 00000000 ____D () C:\netbeans

2014-06-27 23:41 - 2013-11-02 13:54 - 00755200 ___SH () C:\Users\daniel\Downloads\Thumbs.db

2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip

2014-06-26 20:00 - 2014-04-26 23:07 - 00101888 ___SH () C:\Users\daniel\Desktop\Thumbs.db

2014-06-25 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache

2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf

2014-06-24 11:52 - 2014-06-11 19:32 - 00000399 _____ () C:\windows\setupact.log

2014-06-21 15:53 - 2013-07-18 22:21 - 00003994 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-21 15:53 - 2013-07-18 22:21 - 00003758 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-20 18:32 - 2014-04-08 15:06 - 00000000 ____D () C:\Users\daniel\vpworkspace

2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe

2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache

2014-06-18 12:43 - 2014-06-18 12:42 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^

2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx

2014-06-17 19:51 - 2013-10-27 22:55 - 00000000 ____D () C:\Users\daniel\AppData\Local\Microsoft Help

2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys

2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys

2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys

2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx

2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip

2014-06-14 13:18 - 2013-10-27 22:55 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-13 16:56 - 2014-03-20 12:26 - 05198640 _____ () C:\windows\system32\FNTCACHE.DAT

2014-06-13 16:56 - 2013-04-10 16:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-06-12 19:21 - 2012-07-26 08:59 - 00000000 ____D () C:\windows\CbsTemp

2014-06-12 19:17 - 2013-08-02 20:35 - 00000000 ____D () C:\windows\system32\MRT

2014-06-12 19:13 - 2013-07-20 12:09 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation

2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA

2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log

2014-06-11 19:32 - 2014-06-11 18:51 - 00000000 ____D () C:\ProgramData\Tunngle

2014-06-11 19:32 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle

2014-06-11 19:32 - 2013-04-10 16:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-06-11 19:32 - 2013-04-10 16:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe

2014-06-11 18:52 - 2014-06-11 18:45 - 00000000 _____ () C:\windows\SysWOW64\Access.dat

2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Users\Public\Documents\Tunngle

2014-06-11 18:51 - 2014-06-11 18:51 - 00000000 ____D () C:\Program Files (x86)\Tunngle

2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle

2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe

2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar

2014-06-11 16:59 - 2014-04-20 23:51 - 00000000 ____D () C:\DOSBox-0.74

2014-06-10 18:00 - 2014-06-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower

2014-06-09 23:43 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^

2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent

2014-06-09 22:44 - 2014-06-09 00:20 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe

2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent

2014-06-08 22:23 - 2014-05-31 17:28 - 00000000 ____D () C:\AeriaGames

2014-06-08 22:20 - 2014-05-31 17:58 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames

 

Files to move or delete:

====================

C:\Users\daniel\AppData\Roaming\CamLayout.ini

C:\Users\daniel\AppData\Roaming\CamShapes.ini

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-02 14:37

 

==================== End Of Log ============================

And here is the Addition.txt:
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by daniel at 2014-07-08 17:52:43
Running from C:\Users\daniel\Downloads
Boot Mode: Normal
==========================================================


 
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.29938 - BitTorrent Inc.)
Actualizações da NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Empires II HD The Forgotten (HKLM-x32\...\QWdlb2ZFbXBpcmVzSUlIRFRoZUZvcmdvdHRlbg==_is1) (Version: 1 - )
Age of Mythology Gold Edition 1.00 (HKLM-x32\...\Age of Mythology Gold Edition 1.00) (Version:  - )
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Balsamiq Mockups For Desktop (HKLM-x32\...\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 2.2.21 - Balsamiq SRL)
Balsamiq Mockups For Desktop (x32 Version: 2.2.21 - Balsamiq SRL) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bizagi Process Modeler (HKLM-x32\...\InstallShield_{15F1B53E-973B-4147-A530-6D03D285931D}) (Version: 2.6.04 - Bizagi Limited)
Bizagi Process Modeler (Version: 2.6.04 - Bizagi Limited) Hidden
BS Player ControlBar Toolbar (HKLM-x32\...\BS_Player_ControlBar Toolbar) (Version: 6.14.0.28 - BS Player ControlBar)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.64.1073 - AB Team, d.o.o.)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6FBE07BA-4C6D-451A-90AB-05250B8F08F2}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Electronics Workbench V5.12 (HKLM-x32\...\Electronics_Workbench_V5) (Version:  - )
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ferramentas de Verificação do Microsoft Office 2013 - Português (HKLM-x32\...\{90150000-001F-0816-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Football Manager 2014 (HKLM-x32\...\Football Manager 2014_is1) (Version: Football Manager 2014 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-6d15850e-2822-4118-a23f-ea7b1ba58c8e) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-c9f71a33-59e4-4032-a926-a84ce892baf5) (Version:  - Epic Games, Inc.)
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
NVIDIA Control Panel 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Os Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6417 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.8.2C - TOSHIBA CORPORATION) Hidden
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6410 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 1.0.0.5C - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.21-A - Toshiba Corporation)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2760512) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{111488AB-6858-4070-9E96-C897651BE6A2}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2760556) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E4070FA-FD57-4525-B386-654E72B17AA3}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{85BB7F80-F649-4890-83A5-BFB757DCC83F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3028DB10-7144-49CC-AC4E-86DDC0D80BC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760343) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{09745343-EFB5-47DB-A2A3-D6DAA2EDCD43}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ED03CCD1-6F78-4F6E-B16E-195C33B37D7A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{D34A8FB9-6058-422A-A73E-6F65CB064F54}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810014) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ACA66343-9133-4E28-92D6-2311210B80CC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DD93525B-9AD5-4349-B2A3-357730A2A8F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{6F4C1B87-473E-422E-A83D-676CCF53E525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810018) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7039E7CD-C93C-4F4E-9394-206E5AF19B71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{17F87C6D-FB2C-40BA-9228-5C49C9A27972}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C72E5FFA-67C2-4800-A004-23540A3ADE78}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0816-0000-0000000FF1CE}_Office15.PROPLUS_{DDAA5F4A-303A-45D5-9750-5383ECB9D82D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{62B432E8-BE85-4EAA-ACCF-27746B25E566}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0816-0000-0000000FF1CE}_Office15.PROPLUS_{1CBE1B29-EFE4-4C9A-A113-CF20DB95B019}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2767865) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{16BCD4A9-864A-45ED-8C6B-1D91BA9B6428}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0816-1000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0816-0000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.6 - TOSHIBA) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Paradigm for UML 11.0 (HKLM\...\1106-5897-7327-6550) (Version: 11.0 - Visual Paradigm International Ltd.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
24-06-2014 10:49:48 Windows Update
07-07-2014 18:10:48 OTL Restore Point - 07/07/2014 19:10:42
 
==================== Hosts content: ==========================
 
2012-07-26 06:26 - 2014-07-07 19:09 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C7ABEE4-8A25-4BD9-B9D9-ADFFDA701E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)
Task: {66A74AA8-E1F6-43B6-B7EF-F8A37B7B5578} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {7726CE94-9C02-4DA7-917A-83748E6BA5C2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {88586A48-8C16-4D83-B9FE-BDB5792B0127} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-12] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B629A875-F919-4117-AEB4-31AE9FDD5030} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {C686ED9B-B851-40CF-9951-92DF32C58151} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DC14CDE2-D3E6-45CB-AE36-709881040B2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F71E98DF-3732-4671-B7B0-D9B4FF6E9FB3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-01-31 23:49 - 2012-10-23 22:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-31 23:15 - 2012-10-31 23:15 - 02565544 _____ () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-14 03:13 - 2012-08-14 03:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2012-08-04 23:01 - 2012-08-04 23:01 - 00213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
2011-08-12 22:57 - 2011-08-12 22:57 - 00437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2014-06-12 19:13 - 2014-06-12 19:13 - 01179136 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\cce138051887d83dccffdc206031b09f\Windows.UI.ni.dll
2014-06-12 19:13 - 2014-06-12 19:13 - 00351232 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\c355b610137057eab41db4660c5c19e1\Windows.Data.ni.dll
2014-02-20 15:15 - 2014-02-20 15:15 - 00295936 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\674a093211b1f8a3e570f640741e3b98\Windows.Foundation.ni.dll
2014-05-24 13:05 - 2014-05-31 02:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-24 13:05 - 2014-05-31 02:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 20:46 - 2014-05-31 02:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-23 10:37 - 2014-05-31 02:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-10-24 10:45 - 2014-06-26 23:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-24 13:05 - 2014-06-30 22:47 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-24 13:05 - 2014-04-29 01:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-10-30 12:25 - 2014-06-30 22:46 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-10-23 13:07 - 2014-05-02 00:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 16:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 16:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 16:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-04-10 16:04 - 2012-10-03 03:51 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-10 16:02 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKCU\...\StartupApproved\Run: => "uTorrent"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]
 
Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]
 
Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.2.9200.16628 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Ação.
 
ID do Processo: 15f0
 
Hora de Início: 01cf9a1218405a56
 
Hora de Cessação: 0
 
Caminho da Aplicação: C:\windows\Explorer.EXE
 
ID do Relatório: b54ef636-060d-11e4-beb1-2cd05ac29869
 
Nome completo do pacote com falha: 
 
ID da aplicação relativa ao pacote com falha:
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: A ativação da aplicação Microsoft.BingSports_8wekyb3d8bbwe!AppexSports falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais.
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: A ativação da aplicação Microsoft.BingWeather_8wekyb3d8bbwe!App falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais.
 
Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6e
Código de exceção: 0xc0000005
Desvio de falha: 0x00043672
ID do processo com falha: 0x3c
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3
Código de exceção: 0xc00000fd
Desvio de falha: 0x0003d717
ID do processo com falha: 0x3c
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6e
Código de exceção: 0xc0000005
Desvio de falha: 0x00043672
ID do processo com falha: 0xd44
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3
Código de exceção: 0xc00000fd
Desvio de falha: 0x0003d717
ID do processo com falha: 0xd44
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
 
System errors:
=============
Error: (07/08/2014 04:14:59 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "WORKGROUP      :1d" não pode ser registado na interface com o endereço IP 192.168.1.73.
O computador com o endereço IP 192.168.1.253 não permitiu que o nome 
fosse reivindicado por este computador.
 
Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)
Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexSports.AppXpgfzkkax0p24b53pgd813d7zpchsy299.mca31AppexSports.AppXzwt95zf827jx8vevssdmkdacbwrgjgeb.mcaIndisponívelIndisponível
 
Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)
Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca31App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mcaIndisponívelIndisponível
 
Error: (07/07/2014 06:55:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys
 
Error: (07/07/2014 05:56:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys
 
Error: (07/07/2014 03:33:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys
 
Error: (07/07/2014 03:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: 
%%2
 
Error: (07/07/2014 02:13:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: 
%%2
 
Error: (07/07/2014 02:08:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço WindowsMangerProtect Service terminou inesperadamente. Isto aconteceu 1 vez(es).
 
Error: (07/03/2014 06:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]
 
Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]
 
Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.1662815f001cf9a1218405a560C:\windows\Explorer.EXEb54ef636-060d-11e4-beb1-2cd05ac29869
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2147024865
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147024865
 
Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec0000005000436723c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dlle1922f75-05d7-11e4-beab-2cd05ac29869
 
Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d7173c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dlle0b2a523-05d7-11e4-beab-2cd05ac29869
 
Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec000000500043672d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dll7422db6b-05d7-11e4-beab-2cd05ac29869
 
Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d717d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll723b7833-05d7-11e4-beab-2cd05ac29869
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 41%
Total physical RAM: 8081.68 MB
Available physical RAM: 4714.96 MB
Total Pagefile: 9297.68 MB
Available Pagefile: 6322.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: (TI31049100A) (Fixed) (Total:918.63 GB) (Free:792.6 GB) NTFS
Drive d: (finalpor) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================



And the aswMBR.txt:

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-08 17:56:12
-----------------------------
17:56:12.577    OS Version: Windows x64 6.2.9200 
17:56:12.577    Number of processors: 8 586 0x3A09
17:56:12.579    ComputerName: DANIEL  UserName: daniel
17:56:15.613    Initialize success
17:56:15.707    VM: initialized successfully
17:56:15.710    VM: Intel CPU supported 
17:56:58.491    VM: disk I/O iaStorA.sys
17:58:09.845    AVAST engine defs: 14070801
17:58:51.159    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
17:58:51.164    Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 11
17:58:51.306    Disk 0 MBR read successfully
17:58:51.312    Disk 0 MBR scan
17:58:51.319    Disk 0 unknown MBR code
17:58:51.325    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
17:58:51.475    Disk 0 scanning C:\windows\system32\drivers
17:59:05.134    Service scanning
17:59:53.703    Modules scanning
17:59:53.716    Disk 0 trace - called modules:
17:59:54.065    ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
17:59:54.074    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]
17:59:54.082    3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]
17:59:54.090    5 thpdrv.sys[fffff880021e5b3b] -> nt!IofCallDriver -> [0xfffffa8007b21dd0]
17:59:54.098    7 ACPI.sys[fffff88001179a91] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007a9e060]
17:59:56.823    AVAST engine scan C:\windows
18:00:04.534    AVAST engine scan C:\windows\system32
18:04:27.368    AVAST engine scan C:\windows\system32\drivers
18:04:49.502    AVAST engine scan C:\Users\daniel
18:08:52.553    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Desktop.OS.dll  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.636    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Dora.dat  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.719    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Maintain.dat  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.771    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Paladin.dat  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.890    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Phoenix.dat  **INFECTED** Win32:Webcake-A [Adw]
18:11:57.056    AVAST engine scan C:\ProgramData
18:13:16.368    Scan finished successfully
18:18:34.122    Disk 0 MBR has been saved successfully to "C:\Users\daniel\Desktop\MBR.dat"
18:18:34.127    The log file has been saved successfully to "C:\Users\daniel\Desktop\aswMBR.txt"

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting crack sites, warez sites and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules, which you should have read at the time of registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that, we can help you clean your machine this time, BUT this would be a ONCE-ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other malware support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the cleanup.


Here is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01

Ran by daniel (administrator) on DANIEL on 08-07-2014 18:59:34
Running from C:\Users\daniel\Downloads
Platform: Windows 8 (X64) OS Language: Português (Portugal)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor)
HKLM\...\Run: [sRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-27] (Copyright © TOSHIBA Corp. 2012)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-03] (Power Software Ltd)
HKLM-x32\...\Run: [tuto4pc_pt_18] => [X]
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Akamai NetSession Interface] => C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-01-31] (Spotify Ltd)
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = 
SearchScopes: HKCU - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (wareztuga.tv streamer) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2014-06-16]
CHR Extension: (AdBlock) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-27]
CHR Extension: (Into The Mist) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-07-07]
CHR Extension: (Google Wallet) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-07-25] (Disc Soft Ltd)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29696 2014-07-07] ()
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]
U3 aswMBR; \??\C:\Users\daniel\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\daniel\AppData\Local\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-08 18:18 - 2014-07-08 18:18 - 00002604 _____ () C:\Users\daniel\Desktop\aswMBR.txt
2014-07-08 18:18 - 2014-07-08 18:18 - 00000512 _____ () C:\Users\daniel\Desktop\MBR.dat
2014-07-08 17:52 - 2014-07-08 17:53 - 00052287 _____ () C:\Users\daniel\Downloads\Addition.txt
2014-07-08 17:52 - 2014-07-08 17:52 - 05185536 _____ (AVAST Software) C:\Users\daniel\Downloads\aswmbr.exe
2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk
2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\aswmbr - Atalho.lnk
2014-07-08 17:51 - 2014-07-08 19:00 - 00018561 _____ () C:\Users\daniel\Downloads\FRST.txt
2014-07-08 17:51 - 2014-07-08 18:59 - 00000000 ____D () C:\FRST
2014-07-08 17:50 - 2014-07-08 17:51 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe
2014-07-08 16:11 - 2014-07-08 16:14 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk
2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk
2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk
2014-07-07 18:49 - 2014-07-07 18:51 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL
2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk
2014-07-07 18:01 - 2014-07-07 18:02 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt
2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk
2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe
2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk
2014-07-07 17:25 - 2014-07-07 17:27 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk
2014-07-07 16:12 - 2014-07-08 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-07 16:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-07 16:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt
2014-07-07 15:57 - 2014-07-08 17:01 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt
2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe
2014-07-07 15:33 - 2014-07-07 18:55 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 14:34 - 2014-07-08 15:57 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt
2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe
2014-07-07 14:07 - 2014-07-07 14:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-07 14:05 - 2014-07-07 14:10 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate
2014-07-07 01:04 - 2014-07-08 15:48 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]
2014-07-07 01:00 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\forest 0.03
2014-07-03 16:25 - 2014-07-03 18:18 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition
2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent
2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar
2014-06-29 21:13 - 2014-06-29 21:30 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI
2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip
2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip
2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe
2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-18 12:42 - 2014-06-18 12:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^
2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx
2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip
2014-06-11 19:32 - 2014-07-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-11 19:32 - 2014-06-24 11:52 - 00000399 _____ () C:\windows\setupact.log
2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation
2014-06-11 19:32 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA
2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log
2014-06-11 19:32 - 2014-05-30 00:00 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-11 19:32 - 2014-05-30 00:00 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-06-11 19:32 - 2014-05-29 23:59 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-11 19:32 - 2014-05-29 23:59 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-06-11 19:32 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-11 19:32 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2014-06-11 19:32 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-11 18:51 - 2014-07-08 18:57 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-11 18:51 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-06-11 18:45 - 2014-06-11 18:52 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-11 18:44 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle
2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle
2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar
2014-06-11 10:08 - 2014-05-24 03:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 10:08 - 2014-05-24 03:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-11 10:08 - 2014-05-24 03:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 10:08 - 2014-05-24 03:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 10:08 - 2014-05-24 03:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 10:08 - 2014-05-24 03:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 10:08 - 2014-05-24 03:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 10:08 - 2014-05-24 02:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 10:08 - 2014-05-24 02:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 10:08 - 2014-05-24 02:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 10:08 - 2014-05-24 02:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 10:08 - 2014-05-24 02:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 10:08 - 2014-05-23 23:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-11 10:08 - 2014-05-03 06:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 10:08 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-11 10:08 - 2014-04-29 23:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-11 10:08 - 2014-04-29 23:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-11 10:07 - 2014-05-24 03:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 10:07 - 2014-05-24 03:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 10:07 - 2014-05-24 02:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 10:07 - 2014-05-24 02:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 10:07 - 2014-05-24 02:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 10:07 - 2014-05-24 02:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 10:07 - 2014-05-24 02:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-11 10:07 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 10:07 - 2014-04-03 12:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-11 10:07 - 2014-04-03 04:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-11 10:07 - 2014-03-31 23:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-11 10:07 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-11 10:07 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-11 10:07 - 2014-03-07 01:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 10:07 - 2014-03-07 01:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-10 18:30 - 2014-07-07 18:40 - 00089464 _____ () C:\windows\PFRO.log
2014-06-10 16:00 - 2014-06-10 18:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower
2014-06-09 23:13 - 2014-06-09 23:43 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^
2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent
2014-06-09 00:20 - 2014-06-09 22:44 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe
2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent
 
==================== One Month Modified Files and Folders =======
 
2014-07-08 19:00 - 2014-07-08 17:51 - 00018561 _____ () C:\Users\daniel\Downloads\FRST.txt
2014-07-08 19:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-08 18:59 - 2014-07-08 17:51 - 00000000 ____D () C:\FRST
2014-07-08 18:58 - 2013-07-18 22:21 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 18:58 - 2013-01-31 23:35 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-07-08 18:57 - 2014-06-11 18:51 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-08 18:57 - 2013-11-12 23:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-08 18:57 - 2013-09-09 14:07 - 00000000 ____D () C:\Games
2014-07-08 18:57 - 2013-07-18 22:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\uTorrent
2014-07-08 18:42 - 2013-10-22 17:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-08 18:18 - 2014-07-08 18:18 - 00002604 _____ () C:\Users\daniel\Desktop\aswMBR.txt
2014-07-08 18:18 - 2014-07-08 18:18 - 00000512 _____ () C:\Users\daniel\Desktop\MBR.dat
2014-07-08 17:53 - 2014-07-08 17:52 - 00052287 _____ () C:\Users\daniel\Downloads\Addition.txt
2014-07-08 17:52 - 2014-07-08 17:52 - 05185536 _____ (AVAST Software) C:\Users\daniel\Downloads\aswmbr.exe
2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\FRST64 - Atalho.lnk
2014-07-08 17:52 - 2014-07-08 17:52 - 00001484 _____ () C:\Users\daniel\Desktop\aswmbr - Atalho.lnk
2014-07-08 17:52 - 2013-09-26 00:24 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Skype
2014-07-08 17:51 - 2014-07-08 17:50 - 02084352 _____ (Farbar) C:\Users\daniel\Downloads\FRST64.exe
2014-07-08 17:03 - 2013-07-18 22:15 - 00000000 ____D () C:\Users\daniel\AppData\Local\Packages
2014-07-08 17:03 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-08 17:01 - 2014-07-07 15:57 - 00107822 _____ () C:\Users\daniel\Downloads\OTL.Txt
2014-07-08 16:20 - 2014-04-18 16:46 - 01128590 _____ () C:\windows\WindowsUpdate.log
2014-07-08 16:14 - 2014-07-08 16:11 - 00001797 _____ () C:\Users\daniel\Desktop\chrome - Atalho.lnk
2014-07-08 16:14 - 2013-10-31 01:35 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel
2014-07-08 16:03 - 2014-07-08 16:03 - 00000727 _____ () C:\Users\daniel\Desktop\play-TheForest - Atalho.lnk
2014-07-08 16:01 - 2014-07-08 16:01 - 00001187 _____ () C:\Users\daniel\Desktop\utorrent - Atalho.lnk
2014-07-08 15:59 - 2014-07-07 16:12 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 15:59 - 2013-07-18 22:21 - 00001018 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-08 15:59 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-08 15:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-08 15:57 - 2014-07-07 14:34 - 00002166 _____ () C:\Users\daniel\Desktop\unhide.txt
2014-07-08 15:48 - 2014-07-07 01:04 - 00000000 ____D () C:\Users\daniel\Downloads\Noah (2014) [1080p]
2014-07-08 15:29 - 2013-07-26 20:46 - 00000000 ____D () C:\Program Files (x86)\BS_Player_ControlBar
2014-07-08 00:14 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-07 20:32 - 2012-08-02 02:24 - 00776694 _____ () C:\windows\system32\prfh0816.dat
2014-07-07 20:32 - 2012-08-02 02:24 - 00159974 _____ () C:\windows\system32\prfc0816.dat
2014-07-07 20:32 - 2012-07-26 08:28 - 01784926 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-07 18:55 - 2014-07-07 15:33 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-07 18:51 - 2014-07-07 18:49 - 00001797 _____ () C:\Users\daniel\Desktop\fm.exe.lnk
2014-07-07 18:40 - 2014-06-10 18:30 - 00089464 _____ () C:\windows\PFRO.log
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 ____D () C:\_OTL
2014-07-07 18:19 - 2014-07-07 18:19 - 00001132 _____ () C:\Users\daniel\Desktop\OTL.exe.lnk
2014-07-07 18:02 - 2014-07-07 18:01 - 00002186 _____ () C:\Users\daniel\Desktop\Rkill.txt
2014-07-07 18:00 - 2014-07-07 18:00 - 00001482 _____ () C:\Users\daniel\Downloads\iExplore.exe - Atalho.lnk
2014-07-07 17:59 - 2014-07-07 17:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\iExplore.exe
2014-07-07 17:43 - 2013-07-18 22:25 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3878485727-3170171642-3420939130-1002
2014-07-07 17:30 - 2014-07-07 17:30 - 00001210 _____ () C:\Users\daniel\Desktop\RogueKiller.exe.lnk
2014-07-07 17:27 - 2014-07-07 17:25 - 00001167 _____ () C:\Users\daniel\Desktop\unhide.exe.lnk
2014-07-07 16:43 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\WinStore
2014-07-07 16:41 - 2013-08-11 10:27 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Movdap
2014-07-07 16:12 - 2014-07-07 16:12 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 16:12 - 2014-07-07 16:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 16:11 - 2014-07-07 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-07 16:00 - 2014-07-07 16:00 - 00102128 _____ () C:\Users\daniel\Downloads\Extras.Txt
2014-07-07 15:44 - 2014-07-07 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\daniel\Downloads\OTL.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 04764760 _____ () C:\Users\daniel\Downloads\RogueKiller.exe
2014-07-07 15:33 - 2014-07-07 15:33 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-07 15:27 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-07-07 15:01 - 2014-03-31 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-07 14:34 - 2014-07-07 14:34 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\daniel\Downloads\unhide.exe
2014-07-07 14:10 - 2014-07-07 14:05 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-07 14:09 - 2013-10-22 17:58 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-07 14:08 - 2014-07-07 14:07 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-07 14:08 - 2014-06-11 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-07 14:08 - 2014-05-31 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-07-07 14:08 - 2014-05-24 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-07 14:08 - 2014-04-20 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2014-07-07 14:08 - 2014-04-08 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Paradigm
2014-07-07 14:08 - 2014-03-21 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Workbench
2014-07-07 14:08 - 2014-03-07 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-07 14:08 - 2014-01-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-07-07 14:08 - 2013-11-17 21:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 14:08 - 2013-11-12 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 14:08 - 2013-11-09 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-07-07 14:08 - 2013-10-27 23:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-07 14:08 - 2013-10-27 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-07 14:08 - 2013-10-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-07-07 14:08 - 2013-10-22 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-07 14:08 - 2013-08-12 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2014-07-07 14:08 - 2013-07-26 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2014-07-07 14:08 - 2013-07-25 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
2014-07-07 14:08 - 2013-07-25 13:17 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2014-07-07 14:08 - 2013-07-25 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-07-07 14:08 - 2013-07-20 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
2014-07-07 14:08 - 2013-07-18 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-07 14:08 - 2013-07-18 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-07 14:08 - 2013-07-18 22:13 - 00000000 ___RD () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-07 14:08 - 2013-04-10 16:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-07 14:08 - 2013-04-10 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-07-07 14:08 - 2013-04-10 16:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-07-07 14:08 - 2013-01-31 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp® center
2014-07-07 14:08 - 2013-01-31 23:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-07-07 14:08 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate
2014-07-07 01:04 - 2014-07-07 01:00 - 00000000 ____D () C:\Users\daniel\Downloads\forest 0.03
2014-07-04 18:25 - 2013-10-22 16:50 - 00000000 ____D () C:\Users\daniel\Documents\NetBeansProjects
2014-07-03 18:18 - 2014-07-03 16:25 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition
2014-07-03 18:17 - 2013-11-19 17:57 - 00000000 ____D () C:\Program Files (x86)\Age of Empires II HD The Forgotten
2014-07-03 02:09 - 2014-07-03 02:09 - 00022234 _____ () C:\Users\daniel\Downloads\[kickass.to]age.of.mythology.extended.edition.reloaded.torrent
2014-06-29 23:44 - 2014-06-29 23:44 - 00681218 _____ () C:\Users\daniel\Downloads\EI_130221017_130221080.rar
2014-06-29 21:30 - 2014-06-29 21:13 - 00000000 ____D () C:\Users\daniel\Documents\JD GUI
2014-06-29 21:13 - 2014-06-29 21:13 - 00788580 _____ () C:\Users\daniel\Downloads\jd-gui-0.3.6.windows.zip
2014-06-28 18:57 - 2013-12-11 20:35 - 00000000 ____D () C:\netbeans
2014-06-27 23:41 - 2013-11-02 13:54 - 00755200 ___SH () C:\Users\daniel\Downloads\Thumbs.db
2014-06-26 23:20 - 2014-06-26 23:20 - 00503622 _____ () C:\Users\daniel\Downloads\Projeto MSI 2014 -Epoca de Recurso.zip
2014-06-26 20:00 - 2014-04-26 23:07 - 00101888 ___SH () C:\Users\daniel\Desktop\Thumbs.db
2014-06-25 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-06-24 11:52 - 2014-06-24 11:52 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-24 11:52 - 2014-06-11 19:32 - 00000399 _____ () C:\windows\setupact.log
2014-06-21 15:53 - 2013-07-18 22:21 - 00003994 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 15:53 - 2013-07-18 22:21 - 00003758 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 18:32 - 2014-04-08 15:06 - 00000000 ____D () C:\Users\daniel\vpworkspace
2014-06-18 22:38 - 2014-06-18 22:38 - 05470664 _____ (Microsoft Corporation) C:\Users\daniel\Downloads\proofingtools_pt-pt-x86.exe
2014-06-18 22:38 - 2014-06-18 22:38 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-18 12:43 - 2014-06-18 12:42 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.02 PC game ^^nosTEAM^^
2014-06-17 20:21 - 2014-06-17 20:21 - 00012487 _____ () C:\Users\daniel\Documents\Cromos.xlsx
2014-06-17 19:51 - 2013-10-27 22:55 - 00000000 ____D () C:\Users\daniel\AppData\Local\Microsoft Help
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-16 11:23 - 2014-06-16 11:23 - 00067067 _____ () C:\Users\daniel\Downloads\wareztugatv-streamer (4).crx
2014-06-16 10:45 - 2014-06-16 10:45 - 00183952 _____ () C:\Users\daniel\Downloads\Squash.zip
2014-06-14 13:18 - 2013-10-27 22:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 16:56 - 2014-03-20 12:26 - 05198640 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-13 16:56 - 2013-04-10 16:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-12 19:21 - 2012-07-26 08:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-12 19:17 - 2013-08-02 20:35 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 19:13 - 2013-07-20 12:09 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA Corporation
2014-06-11 19:52 - 2014-06-11 19:32 - 00000000 ____D () C:\Users\daniel\AppData\Local\NVIDIA
2014-06-11 19:32 - 2014-06-11 19:32 - 00000000 _____ () C:\windows\setuperr.log
2014-06-11 19:32 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Tunngle
2014-06-11 19:32 - 2013-04-10 16:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-11 19:32 - 2013-04-10 16:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-11 19:31 - 2014-06-11 19:31 - 30000520 _____ (NVIDIA Corporation) C:\Users\daniel\Downloads\GeForce_Experience_v2.1.0.0.exe
2014-06-11 18:52 - 2014-06-11 18:45 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-11 18:44 - 2014-06-11 18:44 - 00000000 ____D () C:\Users\daniel\Documents\Tunngle
2014-06-11 18:43 - 2014-06-11 18:43 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-06-11 17:12 - 2014-06-11 17:12 - 602894349 _____ () C:\Users\daniel\Downloads\The Stomping Land Fix Totem.rar
2014-06-11 16:59 - 2014-04-20 23:51 - 00000000 ____D () C:\DOSBox-0.74
2014-06-10 18:00 - 2014-06-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Outlast Whistleblower
2014-06-09 23:43 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\daniel\Downloads\The Forest Early Access 0.01b PC game ^^nosTEAM^^
2014-06-09 23:10 - 2014-06-09 23:10 - 00012300 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.0.01b.pc.game.nosteam.torrent
2014-06-09 22:44 - 2014-06-09 00:20 - 664029124 _____ (Cat-A-Cat ) C:\Users\daniel\Downloads\The Forest.exe
2014-06-09 00:18 - 2014-06-09 00:18 - 00013191 _____ () C:\Users\daniel\Downloads\[kickass.to]the.forest.early.access.2014.pc.repack.torrent
2014-06-08 22:23 - 2014-05-31 17:28 - 00000000 ____D () C:\AeriaGames
2014-06-08 22:20 - 2014-05-31 17:58 - 00000000 ____D () C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
 
Files to move or delete:
====================
C:\Users\daniel\AppData\Roaming\CamLayout.ini
C:\Users\daniel\AppData\Roaming\CamShapes.ini
 
 
Some content of TEMP:
====================
C:\Users\daniel\AppData\Local\Temp\Uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-02 14:37
 
==================== End Of Log ============================

Addition.txt: 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by daniel at 2014-07-08 19:00:32
Running from C:\Users\daniel\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.29938 - BitTorrent Inc.)
Actualizações da NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Empires II HD The Forgotten (HKLM-x32\...\QWdlb2ZFbXBpcmVzSUlIRFRoZUZvcmdvdHRlbg==_is1) (Version: 1 - )
Age of Mythology Gold Edition 1.00 (HKLM-x32\...\Age of Mythology Gold Edition 1.00) (Version:  - )
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Balsamiq Mockups For Desktop (HKLM-x32\...\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 2.2.21 - Balsamiq SRL)
Balsamiq Mockups For Desktop (x32 Version: 2.2.21 - Balsamiq SRL) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bizagi Process Modeler (HKLM-x32\...\InstallShield_{15F1B53E-973B-4147-A530-6D03D285931D}) (Version: 2.6.04 - Bizagi Limited)
Bizagi Process Modeler (Version: 2.6.04 - Bizagi Limited) Hidden
BS Player ControlBar Toolbar (HKLM-x32\...\BS_Player_ControlBar Toolbar) (Version: 6.14.0.28 - BS Player ControlBar)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.64.1073 - AB Team, d.o.o.)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6FBE07BA-4C6D-451A-90AB-05250B8F08F2}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Electronics Workbench V5.12 (HKLM-x32\...\Electronics_Workbench_V5) (Version:  - )
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ferramentas de Verificação do Microsoft Office 2013 - Português (HKLM-x32\...\{90150000-001F-0816-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Football Manager 2014 (HKLM-x32\...\Football Manager 2014_is1) (Version: Football Manager 2014 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-c9f71a33-59e4-4032-a926-a84ce892baf5) (Version:  - Epic Games, Inc.)
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
NVIDIA Control Panel 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6417 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.8.2C - TOSHIBA CORPORATION) Hidden
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6410 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 1.0.0.5C - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.21-A - Toshiba Corporation)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{5AF12BAD-24FF-4435-AD4D-028304D2C2CB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2760512) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0816-0000-0000000FF1CE}_Office15.PROPLUS_{111488AB-6858-4070-9E96-C897651BE6A2}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2760556) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E4070FA-FD57-4525-B386-654E72B17AA3}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{85BB7F80-F649-4890-83A5-BFB757DCC83F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3028DB10-7144-49CC-AC4E-86DDC0D80BC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760343) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{09745343-EFB5-47DB-A2A3-D6DAA2EDCD43}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ED03CCD1-6F78-4F6E-B16E-195C33B37D7A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{D34A8FB9-6058-422A-A73E-6F65CB064F54}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810014) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ACA66343-9133-4E28-92D6-2311210B80CC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DD93525B-9AD5-4349-B2A3-357730A2A8F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0816-0000-0000000FF1CE}_Office15.PROPLUS_{6F4C1B87-473E-422E-A83D-676CCF53E525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810018) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7039E7CD-C93C-4F4E-9394-206E5AF19B71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{17F87C6D-FB2C-40BA-9228-5C49C9A27972}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C72E5FFA-67C2-4800-A004-23540A3ADE78}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0816-0000-0000000FF1CE}_Office15.PROPLUS_{DDAA5F4A-303A-45D5-9750-5383ECB9D82D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{62B432E8-BE85-4EAA-ACCF-27746B25E566}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0816-0000-0000000FF1CE}_Office15.PROPLUS_{1CBE1B29-EFE4-4C9A-A113-CF20DB95B019}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2767865) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{16BCD4A9-864A-45ED-8C6B-1D91BA9B6428}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0816-1000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0816-0000-0000000FF1CE}_Office15.PROPLUS_{A5EB6A93-71B1-4CB1-87F7-75F7F7D7D071}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.6 - TOSHIBA) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Paradigm for UML 11.0 (HKLM\...\1106-5897-7327-6550) (Version: 11.0 - Visual Paradigm International Ltd.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
24-06-2014 10:49:48 Windows Update
07-07-2014 18:10:48 OTL Restore Point - 07/07/2014 19:10:42
 
==================== Hosts content: ==========================
 
2012-07-26 06:26 - 2014-07-07 19:09 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C7ABEE4-8A25-4BD9-B9D9-ADFFDA701E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)
Task: {66A74AA8-E1F6-43B6-B7EF-F8A37B7B5578} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-daniel Daniel => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {7726CE94-9C02-4DA7-917A-83748E6BA5C2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {88586A48-8C16-4D83-B9FE-BDB5792B0127} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-12] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B629A875-F919-4117-AEB4-31AE9FDD5030} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {C686ED9B-B851-40CF-9951-92DF32C58151} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DC14CDE2-D3E6-45CB-AE36-709881040B2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F71E98DF-3732-4671-B7B0-D9B4FF6E9FB3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-27 22:38 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-07-19 23:36 - 2013-07-19 23:37 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-04-10 16:02 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-12 15:55 - 2014-06-05 14:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKCU\...\StartupApproved\Run: => "uTorrent"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]
 
Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]
 
Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.2.9200.16628 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Ação.
 
ID do Processo: 15f0
 
Hora de Início: 01cf9a1218405a56
 
Hora de Cessação: 0
 
Caminho da Aplicação: C:\windows\Explorer.EXE
 
ID do Relatório: b54ef636-060d-11e4-beb1-2cd05ac29869
 
Nome completo do pacote com falha: 
 
ID da aplicação relativa ao pacote com falha:
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: A ativação da aplicação Microsoft.BingSports_8wekyb3d8bbwe!AppexSports falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais.
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: A ativação da aplicação Microsoft.BingWeather_8wekyb3d8bbwe!App falhou com o erro: -2147024865. Consulte o registo Microsoft-Windows-TWinUI/Operacional para obter informações adicionais.
 
Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6e
Código de exceção: 0xc0000005
Desvio de falha: 0x00043672
ID do processo com falha: 0x3c
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3
Código de exceção: 0xc00000fd
Desvio de falha: 0x0003d717
ID do processo com falha: 0x3c
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16578, carimbo de data/hora: 0x515fac6e
Código de exceção: 0xc0000005
Desvio de falha: 0x00043672
ID do processo com falha: 0xd44
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: regsvr32.exe, versão: 6.2.9200.16384, carimbo de data/hora: 0x5010a64a
Nome do módulo com falha: Torntv V9.0-bho.dll, versão: 1.0.0.1, carimbo de data/hora: 0x53b9c7a3
Código de exceção: 0xc00000fd
Desvio de falha: 0x0003d717
ID do processo com falha: 0xd44
Hora de início da aplicação com falha: 0xregsvr32.exe0
Caminho da aplicação com falha: regsvr32.exe1
Caminho do módulo com falha: regsvr32.exe2
ID do Relatório: regsvr32.exe3
Nome completo do pacote com falha: regsvr32.exe4
ID da aplicação relativa ao pacote com falha: regsvr32.exe5
 
 
System errors:
=============
Error: (07/08/2014 04:14:59 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "WORKGROUP      :1d" não pode ser registado na interface com o endereço IP 192.168.1.73.
O computador com o endereço IP 192.168.1.253 não permitiu que o nome 
fosse reivindicado por este computador.
 
Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)
Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexSports.AppXpgfzkkax0p24b53pgd813d7zpchsy299.mca31AppexSports.AppXzwt95zf827jx8vevssdmkdacbwrgjgeb.mcaIndisponívelIndisponível
 
Error: (07/07/2014 08:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DANIEL)
Description: "C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca31App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mcaIndisponívelIndisponível
 
Error: (07/07/2014 06:55:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys
 
Error: (07/07/2014 05:56:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys
 
Error: (07/07/2014 03:33:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys
 
Error: (07/07/2014 03:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: 
%%2
 
Error: (07/07/2014 02:13:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: 
%%2
 
Error: (07/07/2014 02:08:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço WindowsMangerProtect Service terminou inesperadamente. Isto aconteceu 1 vez(es).
 
Error: (07/03/2014 06:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço DealPly Live (dealplylive) falhou o arranque devido ao seguinte erro: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (07/08/2014 00:18:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (07/07/2014 08:36:27 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]
 
Error: (07/07/2014 08:36:26 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]
 
Error: (07/07/2014 08:36:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.1662815f001cf9a1218405a560C:\windows\Explorer.EXEb54ef636-060d-11e4-beb1-2cd05ac29869
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2147024865
 
Error: (07/07/2014 08:28:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147024865
 
Error: (07/07/2014 02:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec0000005000436723c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dlle1922f75-05d7-11e4-beab-2cd05ac29869
 
Error: (07/07/2014 02:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d7173c01cf99e4a2d8cc16C:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dlle0b2a523-05d7-11e4-beab-2cd05ac29869
 
Error: (07/07/2014 02:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64antdll.dll6.2.9200.16578515fac6ec000000500043672d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\windows\SYSTEM32\ntdll.dll7422db6b-05d7-11e4-beab-2cd05ac29869
 
Error: (07/07/2014 02:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: regsvr32.exe6.2.9200.163845010a64aTorntv V9.0-bho.dll1.0.0.153b9c7a3c00000fd0003d717d4401cf99e43287948bC:\windows\SysWOW64\regsvr32.exeC:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll723b7833-05d7-11e4-beab-2cd05ac29869
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 39%
Total physical RAM: 8081.68 MB
Available physical RAM: 4886.12 MB
Total Pagefile: 9297.68 MB
Available Pagefile: 6314.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (TI31049100A) (Fixed) (Total:918.63 GB) (Free:798.69 GB) NTFS
Drive d: (finalpor) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
aswMBR.txt:

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-08 17:56:12
-----------------------------
17:56:12.577    OS Version: Windows x64 6.2.9200 
17:56:12.577    Number of processors: 8 586 0x3A09
17:56:12.579    ComputerName: DANIEL  UserName: daniel
17:56:15.613    Initialize success
17:56:15.707    VM: initialized successfully
17:56:15.710    VM: Intel CPU supported 
17:56:58.491    VM: disk I/O iaStorA.sys
17:58:09.845    AVAST engine defs: 14070801
17:58:51.159    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
17:58:51.164    Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 11
17:58:51.306    Disk 0 MBR read successfully
17:58:51.312    Disk 0 MBR scan
17:58:51.319    Disk 0 unknown MBR code
17:58:51.325    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
17:58:51.475    Disk 0 scanning C:\windows\system32\drivers
17:59:05.134    Service scanning
17:59:53.703    Modules scanning
17:59:53.716    Disk 0 trace - called modules:
17:59:54.065    ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
17:59:54.074    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]
17:59:54.082    3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]
17:59:54.090    5 thpdrv.sys[fffff880021e5b3b] -> nt!IofCallDriver -> [0xfffffa8007b21dd0]
17:59:54.098    7 ACPI.sys[fffff88001179a91] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007a9e060]
17:59:56.823    AVAST engine scan C:\windows
18:00:04.534    AVAST engine scan C:\windows\system32
18:04:27.368    AVAST engine scan C:\windows\system32\drivers
18:04:49.502    AVAST engine scan C:\Users\daniel
18:08:52.553    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Desktop.OS.dll  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.636    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Dora.dat  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.719    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Maintain.dat  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.771    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Paladin.dat  **INFECTED** Win32:Webcake-A [Adw]
18:08:52.890    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Phoenix.dat  **INFECTED** Win32:Webcake-A [Adw]
18:11:57.056    AVAST engine scan C:\ProgramData
18:13:16.368    Scan finished successfully
18:18:34.122    Disk 0 MBR has been saved successfully to "C:\Users\daniel\Desktop\MBR.dat"
18:18:34.127    The log file has been saved successfully to "C:\Users\daniel\Desktop\aswMBR.txt"
 
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-08 18:59:45
-----------------------------
18:59:45.308    OS Version: Windows x64 6.2.9200 
18:59:45.308    Number of processors: 8 586 0x3A09
18:59:45.308    ComputerName: DANIEL  UserName: daniel
18:59:51.949    Initialize success
18:59:51.949    VM: initialized successfully
18:59:52.188    VM: Intel CPU supported 
18:59:56.437    VM: disk I/O iaStorA.sys
19:00:33.887    AVAST engine defs: 14070801
19:00:51.673    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
19:00:51.677    Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 11
19:00:52.032    Disk 0 MBR read successfully
19:00:52.037    Disk 0 MBR scan
19:00:52.045    Disk 0 unknown MBR code
19:00:52.059    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
19:00:52.433    Disk 0 scanning C:\windows\system32\drivers
19:01:35.031    Service scanning
19:02:21.400    Modules scanning
19:02:21.412    Disk 0 trace - called modules:
19:02:21.813    ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
19:02:21.821    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]
19:02:21.828    3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]
19:02:21.836    5 thpdrv.sys[fffff880021e5b3b] -> nt!IofCallDriver -> [0xfffffa8007b21dd0]
19:02:21.846    7 ACPI.sys[fffff88001179a91] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007a9e060]
19:02:24.212    AVAST engine scan C:\windows
19:03:17.757    AVAST engine scan C:\windows\system32
19:06:08.885    Scan stopped
19:06:11.926    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
19:06:11.934    Disk 0 Vendor: TOSHIBA_MQ01ABD100 AX003M Size: 953869MB BusType: 11
19:06:11.957    Disk 0 MBR read successfully
19:06:11.965    Disk 0 MBR scan
19:06:11.975    Disk 0 unknown MBR code
19:06:11.985    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
19:06:12.001    Disk 0 scanning C:\windows\system32\drivers
19:06:12.009    Service scanning
19:07:03.491    Modules scanning
19:07:03.505    Disk 0 trace - called modules:
19:07:03.548    ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys hal.dll 
19:07:03.557    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dfa060]
19:07:03.564    3 CLASSPNP.SYS[fffff88000c01e0a] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008dfb060]
19:07:06.073    AVAST engine scan C:\windows
19:07:25.951    AVAST engine scan C:\windows\system32
19:12:14.831    AVAST engine scan C:\windows\system32\drivers
19:12:38.332    AVAST engine scan C:\Users\daniel
19:17:27.940    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Desktop.OS.dll  **INFECTED** Win32:Webcake-A [Adw]
19:17:27.986    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Dora.dat  **INFECTED** Win32:Webcake-A [Adw]
19:17:28.037    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Maintain.dat  **INFECTED** Win32:Webcake-A [Adw]
19:17:28.090    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Paladin.dat  **INFECTED** Win32:Webcake-A [Adw]
19:17:28.160    File: C:\Users\daniel\AppData\Roaming\Movdap\dat\Phoenix.dat  **INFECTED** Win32:Webcake-A [Adw]
19:20:22.830    AVAST engine scan C:\ProgramData
19:21:44.378    Scan finished successfully
19:21:57.917    Disk 0 MBR has been saved successfully to "C:\Users\daniel\Desktop\MBR.dat"
19:21:57.924    The log file has been saved successfully to "C:\Users\daniel\Desktop\aswMBR.txt"

Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

Add/remove programs

Click on Start --> Control Panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs:

Optimizer Pro v3.0
DealPly (remove only)
Dealply
Bundled software uninstaller


Close the window.

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware

  • If it is not already installed, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart, once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

fixlist.txt


I removed those programs successfully, but in the next step (Fix with FRST) I can't put the fixlist.txt in the right place, because every time I click Fix, it says "No fixlist.txt found.", but I think I put the file in the right place.

The program is in c:\
And the file is in c:\FRST

Am I doing it wrong?


I did it. Fixlog.txt:
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by daniel at 2014-07-09 13:03:29 Run:1
Running from C:\Users\daniel\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKLM-x32\...\Run: [tuto4pc_pt_18] => [X]
AppInit_DLLs-x32:  c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = 
SearchScopes: HKCU - {C62BF5D9-086A-4A9E-854B-70C0EF781786} URL = 
SearchScopes: HKCU - {FF3A512A-7699-4A8F-B237-57A227D82FD4} URL = http://search.condui...8101886176&UM=1
BHO-x32: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} -  No File
CHR HomePage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S
CHR Extension: (wareztuga.tv streamer) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2014-06-16]
 
C:\Program Files (x86)\BS_Player_ControlBar
C:\Program Files (x86)\Optimizer Pro
C:\Users\daniel\AppData\Roaming\CamLayout.ini
C:\Users\daniel\AppData\Roaming\CamShapes.ini
2014-07-07 14:07 - 2014-07-07 14:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-07 14:05 - 2014-07-07 14:10 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-07 14:05 - 2014-07-07 14:05 - 00000000 ____D () C:\Users\daniel\AppData\Local\globalUpdate
C:\Users\daniel\AppData\Roaming\Movdap
*****************
 
HKU\S-1-5-21-3878485727-3170171642-3420939130-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_pt_18 => value deleted successfully.
" c:\progra~2\optimi~1\optpro~1.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}' => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C62BF5D9-086A-4A9E-854B-70C0EF781786}' => Key deleted successfully.
'HKCR\CLSID\{C62BF5D9-086A-4A9E-854B-70C0EF781786}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FF3A512A-7699-4A8F-B237-57A227D82FD4}' => Key deleted successfully.
'HKCR\CLSID\{FF3A512A-7699-4A8F-B237-57A227D82FD4}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} => value deleted successfully.
'HKCR\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}'=> Key not found.
CHR HomePage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj => Moved successfully.
C:\Program Files (x86)\BS_Player_ControlBar => Moved successfully.
"C:\Program Files (x86)\Optimizer Pro" => File/Directory not found.
C:\Users\daniel\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\daniel\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\Program Files (x86)\SupTab => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\Users\daniel\AppData\Local\globalUpdate => Moved successfully.
"C:\Users\daniel\AppData\Roaming\Movdap" => File/Directory not found.
 
==== End of Fixlog ====
 
I clicked the "copy clipboard" but it did nothing, so I exported a .txt file and that's what I'm posting here:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 09/07/2014
Scan Time: 13:05:39
Logfile: sadsa.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.09.03
Rootkit Database: v2014.07.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: daniel
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 299000
Time Elapsed: 15 min, 32 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.ISearch.A, C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S",), Replaced,[c4b3cdd0f586b284e738daee2adae917]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\hk64tbBS_P.dll Win64/Toolbar.Conduit.A potentially unwanted application

C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\hktbBS_P.dll Win32/Toolbar.Conduit.W potentially unwanted application

C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\ldrtbBS_P.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application

C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll Win32/Toolbar.Conduit.W potentially unwanted application

C:\FRST\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\tbBS_P.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hk64tbBS_0.dll Win64/Toolbar.Conduit.A potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hk64tbBS_P.dll Win64/Toolbar.Conduit.A potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hktbBS_0.dll Win32/Toolbar.Conduit.W potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\hktbBS_P.dll Win32/Toolbar.Conduit.W potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\ldrtbBS_0.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\ldrtbBS_P.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\tbBS_0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\tbBS_1.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application

C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar\tbBS_P.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application

C:\Users\daniel\Downloads\ccsetup407.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


AdwCleaner:

 

# AdwCleaner v3.215 - Report created 11/07/2014 at 13:34:48

# Updated 09/07/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : daniel - DANIEL
# Running from : C:\Users\daniel\Downloads\adwcleaner_3.215.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\Users\daniel\AppData\Local\Conduit
Folder Deleted : C:\Users\daniel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\daniel\AppData\LocalLow\BS_Player_ControlBar
Folder Deleted : C:\Users\daniel\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
File Deleted : C:\END
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\daniel\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE6CA869-2D87-4AC6-BB17-2CEE78BEF8F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8D94DFB-2B31-41CF-90A9-6CF9A005178A}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Nation Toolbar
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Nation Toolbar
Key Deleted : HKLM\Software\PriceMeterLiveUpdate
Key Deleted : HKLM\Software\BS_Player_ControlBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_ControlBar Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16921
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S
 
*************************
 
AdwCleaner[R0].txt - [4910 octets] - [11/07/2014 13:32:53]
AdwCleaner[s0].txt - [4477 octets] - [11/07/2014 13:34:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4537 octets] ##########
 
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by daniel on 11/07/2014 at 13:46:08,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\daniel\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\daniel\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/07/2014 at 14:01:14,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Going to reboot now

SecurityCheck:

 

Results of screen317's Security Check version 0.99.85  

   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG Internet Security 2014   
Windows Defender             
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Java SE Development Kit 7 Update 45 
 Java version out of Date! 
  Adobe Flash Player 11.9.900.152 Flash Player out of Date!  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

Your system is clean now! :)

 

 

Internet Explorer out of date

Your version of Internet Explorer is outdated.

  1. Please download IE 11 from here
  2. Save it to your desktop.
  3. Double click on the file on your desktop to start the installation process.
  4. Reboot

 

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • When finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions (if existing).
  • When finished, reboot your computer.


After the reboot

  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix: deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  4. If there is still something left please delete it manually.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:

  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now

More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80", which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




Unhide by Lawrence Abrams (Grinler)


Copyright 2008-2014 BleepingComputer.com

More Information about Unhide.exe can be found at this link:


 

Program started at: 07/11/2014 03:08:56 PM

Windows Version: Windows 8

 

Please be patient while your files are made visible again.

 

Processing the C:\ drive

Finished processing the C:\ drive. 285708 files processed.

 

The C:\Users\daniel\AppData\Local\Temp\smtmp\ folder does not exist!!

Unhide cannot restore your missing shortcuts!!

Please see this topic in order to learn how to restore default


 

Searching for Windows Registry changes made by FakeHDD rogues.

 - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

 - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

  * DisableTaskMgr policy was found and deleted!

 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

 

Program finished at: 07/11/2014 03:16:25 PM

Execution time: 0 hours(s), 7 minute(s), and 29 seconds(s)


This topic is now closed to further replies.