Jump to content

Malware website Traffagon.in


jpbenfica
 Share

Recommended Posts

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

If you have no internet access download the following on a spare PC, transfer and run on sick PC. Transfer logs back....

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Next,

 

Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue.

Make sure the following options are checked:

 


Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender

 


Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

Kevin.....

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by SLB4eVeR (administrator) on SLB4EVER-PC on 15-09-2014 14:22:02
Running from C:\Users\SLB4eVeR\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(G-Lock Software) C:\Program Files (x86)\G-Lock Software\G-Lock EasyMail 7\EasyMail7ServiceConsole.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\DFX\DFX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ES-Computing) C:\Program Files (x86)\EditPlus 3\editplus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1269208 2014-06-19] ()
HKU\.DEFAULT\...\Run: [bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\Run: [expand] => "C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe"
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\Policies\Explorer: [Run] "C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe"
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\MountPoints2: F - F:\Launcher.exe
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\MountPoints2: {224a6131-fdf7-11e3-b331-002622fd1a8d} - E:\AutoRun.exe
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\MountPoints2: {d55f5863-b469-11e3-8286-87e519c569e8} - E:\AutoRun.exe
HKU\S-1-5-21-409513754-1586911125-4025370635-1000\...\Command Processor: "C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe" <===== ATTENTION!
Startup: C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\expand.lnk
ShortcutTarget: expand.lnk -> C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: 1SecureIconsProvider -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {39D54CC2-69CF-43b4-B167-577D25E7F496} =>  No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
ShellIconOverlayIdentifiers: SugarSyncSharedPending -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} =>  No File
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA58B11FB5F2ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-PT
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pt/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKCU - {598904E2-526A-4F11-8953-632971213AB1} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&fl=1&vl=lang_pt&ilc=12&type=800236&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - No CLSID Value -
Handler-x32: msnim - No CLSID Value -
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{6261A43B-E351-4C42-894D-A17727DE7D75}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984
FF Homepage: hxxp://www.google.pt/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\SLB4eVeR\AppData\Local\Citrix\Plugins\104\npappdetector.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\SLB4eVeR\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\SLB4eVeR\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: {@alibaba.com/alisetup;version=1.0} -> C:\Users\SLB4eVeR\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll No File
FF user.js: detected! => C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Users\SLB4eVeR\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\SLB4eVeR\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\searchplugins\1337x-search.xml
FF SearchPlugin: C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF Extension: Print pages to PDF - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\printPages2Pdf@reinhold.ripper [2013-09-25]
FF Extension: Corretor para Português de Portugal - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\pt-PT@dictionaries.addons.mozilla.org [2014-07-05]
FF Extension: FEBE - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2014-09-14]
FF Extension: Empty Cache Button - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-07]
FF Extension: InFormEnter - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920} [2014-05-22]
FF Extension: Flash and Video Download - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-08-20]
FF Extension: Tweak Network - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA} [2013-12-23]
FF Extension: Block site - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-12-13]
FF Extension: Memory Fox - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2014-06-11]
FF Extension: 1 Click Image Download - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\1clickImageDownloadOverlay@final.ca.xpi [2014-01-08]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\adblockpopups@jessehakanen.net.xpi [2013-09-24]
FF Extension: FullRip.net Youtube Video Converter - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\admin@fullrip.net.xpi [2013-09-28]
FF Extension: New Add-on Bar - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\ausaddonbar@teo.pl.xpi [2014-05-22]
FF Extension: anonymoX - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\client@anonymox.net.xpi [2013-09-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\elemhidehelper@adblockplus.org.xpi [2013-09-24]
FF Extension: Firebug - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\firebug@software.joehewitt.com.xpi [2013-09-24]
FF Extension: MEGA EXTENSION - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\firefox@mega.co.nz.xpi [2013-12-27]
FF Extension: Imgur Uploader - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\giorgio@gilestro.tk.xpi [2013-09-24]
FF Extension: ImageBlock - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\imageblock@hemantvats.com.xpi [2013-12-13]
FF Extension: YouTube HD - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi [2014-05-27]
FF Extension: YouTube MP3 Download - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi [2014-01-25]
FF Extension: Clear File Cache - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\jid1-BbTB68eOv9snFw@jetpack.xpi [2014-06-07]
FF Extension: YouTube Center - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-05-27]
FF Extension: OSM! Adblocker - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\jid1-LAAbhyuB1z2LFA@jetpack.xpi [2014-05-04]
FF Extension: keyword.URL Hack! - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\keyword@evilpie.com.xpi [2013-11-21]
FF Extension: SmartVideo For YouTube - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\mytube@ashishmishra.in.xpi [2014-04-03]
FF Extension: source code view - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\sagaradaequare@gmail.com.xpi [2013-09-26]
FF Extension: view Html Tag Names - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\sagarsrinivas.p@gmail.com.xpi [2013-12-21]
FF Extension: Show Password - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\showpassword@pratikpoddar.xpi [2013-10-26]
FF Extension: Shrunked Image Resizer - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\shrunked@darktrojan.net.xpi [2014-02-07]
FF Extension: ThumbsDown - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\thumbsdown@mozdev.org.xpi [2014-01-08]
FF Extension: عارض PDF - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\uriloader@pdf.js.xpi [2013-10-24]
FF Extension: Wappalyzer - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\wappalyzer@crunchlabz.com.xpi [2014-03-22]
FF Extension: PDF Download - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2014-09-03]
FF Extension: Vyprázdnit vyrovnávací paměť - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{563e4790-7e70-11da-a72b-0800200c9a66}.xpi [2014-07-19]
FF Extension: New Tab Homepage - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2013-09-24]
FF Extension: View Source Chart - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}.xpi [2013-09-28]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-01-27]
FF Extension: Download YouTube Videos as MP4 - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-01-27]
FF Extension: Web Developer - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-02-20]
FF Extension: Show my Password - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2013-09-24]
FF Extension: Adblock Plus - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-04]
FF Extension: Greasemonkey - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-09-24]
FF Extension: Adblock Edge - C:\Users\SLB4eVeR\AppData\Roaming\Mozilla\Firefox\Profiles\6rs8d3zu.default-1380039557984\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-12-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-19]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2013-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-31]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] -
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt

Chrome:
=======
CHR HomePage: Profile 1 ->
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Profile 1 -> C7E3A21BA9D058C85A0AD05FEB89681188A0C9895E3DD4D7B81FDB6C0ADDDFAF
CHR DefaultSearchURL: Profile 1 -> C82280647D503C21B37EEA86D5B66D2CEB635B07D656EFBEF2EAB9E2B7F3D532
CHR Profile: C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Allow Copy - Click to activate on this tab) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abidndjnodakeaicodfpgcnlkpppapah [2014-07-12]
CHR Extension: (Google Docs) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-31]
CHR Extension: (Google Drive) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (YouTube Center Developer Build) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcegdpionpopahcglnfiiioapcclamdj [2014-07-10]
CHR Extension: (New Tabs At End) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgogjfbkjgjhonhikkkflpkgpcpfljoa [2014-07-06]
CHR Extension: (YouTube) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (ImprovedTube - YouTube Extension) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2014-07-09]
CHR Extension: (Pesquisa do Google) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Tampermonkey) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-07-10]
CHR Extension: (Adobe Acrobat – Criar PDF) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-05-31]
CHR Extension: (AdBlock) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-04]
CHR Extension: (Imgur Uploader) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgmpmjpekinnebjgnakcahjikbomnmlb [2014-07-12]
CHR Extension: (Enable right click) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2014-08-14]
CHR Extension: (Allow Right-Click) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2014-07-12]
CHR Extension: (Skype Click to Call) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-03]
CHR Extension: (Image blocker) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkhbghdfcdepfhgeklhdhlmdldiiaajp [2014-07-13]
CHR Extension: (Your Quality for YouTube™) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nfcilgimggemnogfigihdkmapdhhlbph [2014-07-09]
CHR Extension: (Save Image As PNG) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2014-07-11]
CHR Extension: (Google Wallet) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-31]
CHR Extension: (Image Size Info) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oihdhfbfoagfkpcncinlbhfdgpegcigf [2014-07-06]
CHR Extension: (Eraser!) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onjneekgegckbfgfneomkejgdboacofn [2014-07-10]
CHR Extension: (Magnet Links for Torrentz) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgmaidhfoodebfiocgananbdfnankehm [2014-07-06]
CHR Extension: (Gmail) - C:\Users\SLB4eVeR\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]
CHR HKLM\...\Chrome\Extension: [doobfiogmfmpjnoofjhhgjehmlofngfp] - C:\Users\SLB4eVeR\AppData\Local\metacrawler_speedial_v9.0.2.crx []
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx []
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
S4 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264488 2013-04-18] (Systweak Software, (www.systweak.com))
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [723192 2013-11-14] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S4 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 GLockEasyMail7Server; C:\Program Files (x86)\G-Lock Software\G-Lock EasyMail 7\EasyMail7Service.exe [6448288 2014-09-02] (G-Lock Software)
R2 GLockEasyMail7ServiceConsole; C:\Program Files (x86)\G-Lock Software\G-Lock EasyMail 7\EasyMail7ServiceConsole.exe [4188320 2014-09-02] (G-Lock Software)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-04-10] ()
R2 lhcp; C:\Windows\System32\lhcp.dll [1731584 2013-12-27] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-08-20] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-11-12] (Nitro PDF Software)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4608 2013-05-30] (Windows ® Codename Longhorn DDK provider)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-01] (Glarysoft Ltd)
R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [33024 2014-07-26] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2014-07-26] (Toolwiz.com)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] ()
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-02-11] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [126720 2012-03-28] (Gemalto)
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-07-19] (Glarysoft Ltd)
S3 jakndis; C:\Windows\System32\DRIVERS\jakndis.sys [35648 2011-07-21] (Jaksta Technologies Pty Ltd)
R3 jakndisMP; C:\Windows\System32\DRIVERS\jakndis.sys [35648 2011-07-21] (Jaksta Technologies Pty Ltd)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2014-07-26] (Toolwiz.com)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 Passthru; C:\Windows\System32\DRIVERS\PPFlt.sys [28408 2013-12-23] ()
R3 PrivacyProtectorMP; C:\Windows\System32\DRIVERS\PPFlt.sys [28408 2013-12-23] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2014-08-30] (Windows ® Win 7 DDK provider)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
U0 Partizan; system32\drivers\Partizan.sys [X]
U2 TMAgent; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: lhcp -> C:\Windows\System32\lhcp.dll ()

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 14:22 - 2014-09-15 14:23 - 00040566 _____ () C:\Users\SLB4eVeR\Desktop\FRST.txt
2014-09-15 14:21 - 2014-09-15 14:22 - 00000000 ____D () C:\FRST
2014-09-15 14:20 - 2014-09-15 14:20 - 02105856 _____ (Farbar) C:\Users\SLB4eVeR\Desktop\FRST64.exe
2014-09-15 14:19 - 2014-09-15 14:19 - 00000461 _____ () C:\spyhunter.log
2014-09-15 13:36 - 2014-09-15 13:36 - 00134277 _____ () C:\Users\SLB4eVeR\Desktop\hosts.zip
2014-09-15 13:20 - 2014-09-15 13:20 - 00000127 _____ () C:\sh4_service.log
2014-09-15 13:09 - 2013-10-18 15:01 - 00285747 _____ () C:\shldr
2014-09-15 13:09 - 2013-10-18 15:01 - 00008192 _____ () C:\shldr.mbr
2014-09-15 12:59 - 2014-09-15 12:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\SLB4eVeR\Documents\HijackThis.exe
2014-09-15 12:24 - 2014-09-15 12:24 - 00003356 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-09-15 12:23 - 2014-09-15 12:23 - 00002250 _____ () C:\Users\SLB4eVeR\Desktop\SpyHunter.lnk
2014-09-15 12:23 - 2014-09-15 12:23 - 00000000 ____D () C:\sh4ldr
2014-09-15 12:23 - 2014-09-15 12:23 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-15 12:22 - 2014-09-15 12:23 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-15 12:18 - 2014-09-15 12:18 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\SpyHunter.Malware.Security.Suite.v4.17.6.4336.Multilingual-BG
2014-09-15 11:59 - 2014-09-15 12:01 - 43647026 _____ () C:\Users\SLB4eVeR\Desktop\SpyHunter.Malware.Security.Suite.v4.17.6.4336.Multilingual-BG.rar
2014-09-15 11:40 - 2014-09-15 13:30 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-15 04:22 - 2014-09-15 04:23 - 00000080 _____ () C:\Users\SLB4eVeR\Desktop\schema.ini
2014-09-15 04:05 - 2014-09-15 04:05 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\RapidSMTP
2014-09-15 03:58 - 2014-09-15 04:04 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\RapidSMTP.com
2014-09-15 03:58 - 2014-09-15 03:58 - 00002609 _____ () C:\Users\Public\Desktop\RapidSMTP.lnk
2014-09-15 03:58 - 2014-09-15 03:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidSMTP
2014-09-15 03:57 - 2014-09-15 03:57 - 00000000 ____D () C:\Program Files (x86)\RapidSMTP.com
2014-09-15 03:01 - 2014-09-15 03:21 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\e-Campaign
2014-09-15 03:01 - 2014-09-15 03:01 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\e-Campaign 10.lnk
2014-09-15 03:01 - 2014-09-15 03:01 - 00001007 _____ () C:\Users\Public\Desktop\e-Campaign 10.lnk
2014-09-15 03:01 - 2014-09-15 03:01 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\e-Campaign
2014-09-15 03:01 - 2014-09-15 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Campaign 10
2014-09-15 03:00 - 2014-09-15 03:01 - 00000000 ____D () C:\Program Files (x86)\e-Campaign 10
2014-09-15 02:26 - 2014-09-15 02:26 - 00019680 _____ () C:\Users\SLB4eVeR\Desktop\mensagens de erro.txt
2014-09-14 23:51 - 2014-09-14 14:59 - 00294909 _____ () C:\Users\SLB4eVeR\Desktop\12000.txt.bak
2014-09-14 23:42 - 2014-09-15 02:56 - 01881804 _____ () C:\Users\SLB4eVeR\Desktop\1 editando os bons.txt.bak
2014-09-14 23:38 - 2014-09-14 23:38 - 18993227 _____ () C:\Users\SLB4eVeR\Desktop\Bulk Mailer 8.4.4682.17304.rar
2014-09-14 21:38 - 2014-09-14 21:37 - 00047646 _____ () C:\Users\SLB4eVeR\Desktop\1.html
2014-09-14 20:43 - 2014-09-14 20:43 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\2_ficheiros
2014-09-14 20:43 - 2014-09-14 20:39 - 00047735 _____ () C:\Users\SLB4eVeR\Desktop\2.htm
2014-09-14 19:33 - 2014-09-14 19:34 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\Bulk Mailer 8.4.4682.17304
2014-09-14 18:54 - 2014-09-14 19:35 - 00000000 ____D () C:\Program Files (x86)\Bulk Mailer
2014-09-14 18:54 - 2014-09-14 18:54 - 00001806 _____ () C:\Users\Public\Desktop\Bulk Mailer.lnk
2014-09-14 18:54 - 2014-09-14 18:54 - 00000000 __HDC () C:\ProgramData\{DAF8AA24-CF50-4D29-A5DC-E8AC5CDA395A}
2014-09-14 18:54 - 2014-09-14 18:54 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\PackageAware
2014-09-14 18:54 - 2014-09-14 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Mailer
2014-09-14 18:21 - 2014-09-14 18:38 - 00000108 _____ () C:\Users\SLB4eVeR\Desktop\example_addresses.txt
2014-09-14 18:19 - 2014-09-14 18:38 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\TurboMailer
2014-09-14 16:26 - 2014-09-14 17:41 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\ABBulkMailer
2014-09-14 16:26 - 2014-09-14 16:26 - 00003083 _____ () C:\Users\SLB4eVeR\Desktop\AB Bulk Mailer.lnk
2014-09-14 16:26 - 2014-09-14 16:26 - 00003037 _____ () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AB Bulk Mailer.lnk
2014-09-14 16:26 - 2014-09-14 16:26 - 00000000 ____D () C:\Program Files (x86)\ABO
2014-09-14 14:35 - 2014-09-14 23:51 - 00294887 _____ () C:\Users\SLB4eVeR\Desktop\12000.txt
2014-09-14 13:48 - 2014-09-14 14:08 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\odbg200
2014-09-14 12:44 - 2014-09-14 12:46 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\PE Explorer
2014-09-14 10:52 - 2014-09-14 10:52 - 00000140 _____ () C:\Users\SLB4eVeR\Desktop\credentials.csv
2014-09-14 10:20 - 2014-09-14 10:20 - 00001210 _____ () C:\Users\Public\Desktop\G-Lock EasyMail 6.lnk
2014-09-14 10:20 - 2014-09-14 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Lock EasyMail 6
2014-09-14 10:20 - 2010-09-21 09:29 - 00487936 _____ (AdminSystem Software Limited) C:\Windows\SysWOW64\GLOCKANPOP.dll
2014-09-14 10:20 - 2010-09-20 20:16 - 00360960 _____ (AdminSystem Software Limited) C:\Windows\SysWOW64\GLOCKAOSMTP.dll
2014-09-14 10:19 - 2014-09-14 10:19 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\G-Lock Software
2014-09-14 10:05 - 2014-09-14 10:05 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\G-Lock.EasyMail.6.89.0.Build.2650
2014-09-13 23:20 - 2014-09-14 12:14 - 00007510 _____ () C:\Users\SLB4eVeR\Desktop\2.txt
2014-09-13 23:11 - 2014-09-13 23:11 - 00000000 ____D () C:\ProgramData\Lencom
2014-09-13 23:02 - 2014-09-13 23:40 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Lencom
2014-09-13 23:02 - 2014-09-13 23:02 - 00003109 _____ () C:\Users\SLB4eVeR\Desktop\Fast Email Extractor.lnk
2014-09-13 23:02 - 2014-09-13 23:02 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lencom Software Inc
2014-09-13 23:01 - 2014-09-13 23:01 - 00000000 ____D () C:\Program Files (x86)\Lencom Software Inc
2014-09-13 17:45 - 2014-09-15 10:48 - 00951137 _____ () C:\Users\SLB4eVeR\Desktop\news.eml
2014-09-13 16:02 - 2014-09-13 16:13 - 32282541 _____ () C:\Users\SLB4eVeR\Desktop\G-Lock.EasyMail.6.89.0.Build.2650.rar
2014-09-13 15:58 - 2014-09-13 16:27 - 20411356 _____ () C:\Users\SLB4eVeR\Desktop\easymail.zip
2014-09-13 15:28 - 2014-09-14 02:07 - 01886819 _____ () C:\Users\SLB4eVeR\Desktop\1.txt.bak
2014-09-13 14:37 - 2014-09-14 14:59 - 01251130 _____ () C:\Users\SLB4eVeR\Desktop\1.xlsx
2014-09-13 14:26 - 2014-09-13 14:26 - 00000000 ____D () C:\Users\SLB4eVeR\.spamassassin
2014-09-13 14:26 - 2014-09-13 14:26 - 00000000 ____D () C:\Users\SLB4eVeR\.razor
2014-09-13 14:18 - 2014-08-19 19:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 14:18 - 2014-08-19 18:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 14:18 - 2014-08-19 00:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 14:18 - 2014-08-18 23:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 14:18 - 2014-08-18 23:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 14:18 - 2014-08-18 23:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 14:18 - 2014-08-18 23:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 14:18 - 2014-08-18 23:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 14:18 - 2014-08-18 23:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 14:18 - 2014-08-18 23:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 14:18 - 2014-08-18 23:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 14:18 - 2014-08-18 23:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 14:18 - 2014-08-18 23:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 14:18 - 2014-08-18 23:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 14:18 - 2014-08-18 23:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 14:18 - 2014-08-18 23:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 14:18 - 2014-08-18 23:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 14:18 - 2014-08-18 23:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 14:18 - 2014-08-18 23:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 14:18 - 2014-08-18 22:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 14:18 - 2014-08-18 22:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 14:18 - 2014-08-18 22:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 14:18 - 2014-08-18 22:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 14:18 - 2014-08-18 22:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 14:18 - 2014-08-18 22:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 14:18 - 2014-08-18 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 14:18 - 2014-08-18 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 14:18 - 2014-08-18 22:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 14:18 - 2014-08-18 22:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 14:18 - 2014-08-18 22:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 14:18 - 2014-08-18 22:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 14:18 - 2014-08-18 22:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 14:18 - 2014-08-18 22:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 14:18 - 2014-08-18 22:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 14:18 - 2014-08-18 22:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 14:18 - 2014-08-18 22:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 14:18 - 2014-08-18 22:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 14:18 - 2014-08-18 22:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 14:18 - 2014-08-18 22:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 14:18 - 2014-08-18 22:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 14:18 - 2014-08-18 22:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 14:18 - 2014-08-18 22:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 14:18 - 2014-08-18 22:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 14:18 - 2014-08-18 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 14:18 - 2014-08-18 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 14:18 - 2014-08-18 22:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 14:18 - 2014-08-18 22:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 14:18 - 2014-08-18 22:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 14:18 - 2014-08-18 22:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 14:18 - 2014-08-18 22:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 14:18 - 2014-08-18 22:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 14:18 - 2014-08-18 21:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 14:18 - 2014-08-18 21:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 14:18 - 2014-08-18 21:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 14:18 - 2014-08-18 21:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 14:18 - 2014-08-18 21:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 14:07 - 2014-09-13 14:08 - 07882320 _____ () C:\Users\SLB4eVeR\Desktop\best-bulk-email-software.zip
2014-09-13 14:07 - 2014-09-13 14:08 - 07340610 _____ () C:\Users\SLB4eVeR\Desktop\bbmail-email-extractor.zip
2014-09-13 14:01 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 14:01 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 13:54 - 2014-07-07 03:06 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-13 13:54 - 2014-07-07 03:06 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-13 13:54 - 2014-07-07 03:06 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-13 13:54 - 2014-07-07 03:06 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-13 13:54 - 2014-07-07 02:40 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-13 13:54 - 2014-07-07 02:40 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-13 13:54 - 2014-07-07 02:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-13 13:54 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-13 13:54 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-13 13:53 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-13 13:53 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-13 13:52 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-13 13:52 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-13 13:48 - 2014-09-05 03:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-13 13:48 - 2014-09-05 03:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-13 13:42 - 2014-09-13 13:42 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Validador de Emails.lnk
2014-09-13 13:42 - 2014-09-13 13:42 - 00002649 _____ () C:\Users\Public\Desktop\Validador de Emails.lnk
2014-09-13 13:42 - 2014-09-13 13:42 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\RAL Tecnologia
2014-09-13 08:45 - 2014-09-13 08:45 - 00024995 _____ () C:\Users\SLB4eVeR\Desktop\add.csv
2014-09-12 22:34 - 2014-09-12 22:34 - 00121218 _____ () C:\Users\SLB4eVeR\Desktop\3.1.csv
2014-09-12 22:33 - 2014-09-12 22:33 - 00083168 _____ () C:\Users\SLB4eVeR\Desktop\3.xlsx
2014-09-12 18:10 - 2014-09-12 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MailTester
2014-09-12 18:10 - 2014-09-12 18:10 - 00000000 ____D () C:\Program Files (x86)\MailTester
2014-09-12 17:51 - 2014-09-12 17:51 - 00001872 _____ () C:\Users\SLB4eVeR\Desktop\eMail Verifier.lnk
2014-09-12 17:51 - 2014-09-12 17:51 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\Maxprog
2014-09-12 17:51 - 2014-09-12 17:51 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Maxprog
2014-09-12 17:51 - 2014-09-12 17:51 - 00000000 ____D () C:\Program Files (x86)\eMail Verifier1
2014-09-12 17:29 - 2014-09-12 17:29 - 00001084 _____ () C:\Users\Public\Desktop\Advanced Email Verifier 8.lnk
2014-09-12 17:29 - 2014-09-12 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Email Verifier 8
2014-09-12 11:14 - 2014-09-12 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Email Verifier
2014-09-12 11:14 - 2014-09-12 11:14 - 00001848 _____ () C:\Users\Public\Desktop\Email Verifier.lnk
2014-09-12 01:00 - 2014-09-12 01:00 - 00000000 _____ () C:\Windows\install58632.log
2014-09-12 00:58 - 2014-09-14 10:19 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\G-Lock Software
2014-09-12 00:58 - 2014-09-12 00:58 - 00004882 _____ () C:\ProgramData\pgatahac.zmz
2014-09-12 00:58 - 2014-09-12 00:58 - 00001215 _____ () C:\Users\Public\Desktop\G-Lock EasyMail 7.lnk
2014-09-12 00:58 - 2014-09-12 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Lock EasyMail 7
2014-09-12 00:58 - 2014-09-12 00:58 - 00000000 ____D () C:\ProgramData\G-Lock Software
2014-09-12 00:53 - 2014-09-12 00:53 - 31103665 _____ () C:\Users\SLB4eVeR\Downloads\g-lock-easymail-7-1-0-build-300-32-bits [1].exe
2014-09-11 22:43 - 2014-05-06 20:59 - 00214973 _____ () C:\Users\SLB4eVeR\Desktop\emgoldex.eml
2014-09-11 22:12 - 2014-09-11 22:12 - 00001099 _____ () C:\Users\Public\Desktop\Arsyn Email Scraper.lnk
2014-09-11 22:12 - 2014-09-11 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arsyn Email Scraper
2014-09-11 22:12 - 2014-09-11 22:12 - 00000000 ____D () C:\Program Files (x86)\Arsyn Email Scraper
2014-09-11 21:31 - 2014-09-15 12:38 - 00016296 _____ () C:\Windows\PFRO.log
2014-09-11 21:01 - 2014-09-11 21:12 - 00000000 ____D () C:\emailextractor14
2014-09-11 20:47 - 2014-09-11 20:47 - 00000000 ____D () C:\Program Files (x86)\ChinaCompanyDatabase
2014-09-11 19:05 - 2013-09-24 18:10 - 01497936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100d.dll
2014-09-11 19:05 - 2013-09-24 18:10 - 01178112 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-09-11 19:05 - 2013-09-24 18:10 - 00265216 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-09-11 19:05 - 2013-09-24 18:10 - 00265216 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libssl32.dll
2014-09-11 18:52 - 2014-09-15 12:23 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\100
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\FastStone
2014-09-11 16:21 - 2014-09-11 16:21 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Foxit Advanced PDF Editor
2014-09-11 15:45 - 2014-09-11 15:45 - 05451882 _____ () C:\Users\SLB4eVeR\Desktop\FOX E-mail Extrator.rar
2014-09-11 14:51 - 2014-09-15 12:39 - 00323584 ___SH () C:\Users\SLB4eVeR\Desktop\Thumbs.db
2014-09-11 14:50 - 2014-09-15 13:20 - 00000504 _____ () C:\Windows\setupact.log
2014-09-11 14:50 - 2014-09-11 14:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 14:21 - 2014-09-11 14:21 - 00585099 _____ () C:\Users\SLB4eVeR\Desktop\Livro1.xlsx
2014-09-11 13:40 - 2014-09-11 14:29 - 01040987 _____ () C:\Users\SLB4eVeR\Desktop\8.xlsx
2014-09-11 13:20 - 2014-09-11 13:20 - 00005040 _____ () C:\ProgramData\xyjbeotp.nun
2014-09-10 22:12 - 2014-09-11 13:34 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\VecData
2014-09-10 22:09 - 2014-09-10 22:12 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ASTGD
2014-09-10 22:09 - 2014-09-10 22:09 - 00003127 _____ () C:\Users\SLB4eVeR\Desktop\Valid Email Collector Advance.lnk
2014-09-10 22:09 - 2014-09-10 22:09 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valid Email Collector
2014-09-10 22:09 - 2014-09-10 22:09 - 00000000 ____D () C:\Program Files (x86)\Valid Email Collector
2014-09-10 22:02 - 2014-09-10 22:02 - 00000000 ____D () C:\Users\SLB4eVeR\Google Maps Email Extractor
2014-09-10 21:36 - 2014-09-10 21:36 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Email Extractor Lux
2014-09-10 21:36 - 2014-09-10 21:36 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Email Teleport
2014-09-10 20:56 - 2014-09-14 16:24 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Downloaded Installations
2014-09-10 20:37 - 2014-09-10 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trial Tarantula
2014-09-10 20:37 - 2014-09-10 20:48 - 00000000 ____D () C:\Program Files (x86)\Trial Tarantula
2014-09-10 20:37 - 2014-09-10 20:37 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trial Tarantula
2014-09-10 20:37 - 2003-06-19 12:05 - 00286773 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.001
2014-09-10 20:37 - 2003-01-14 12:18 - 00401408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.002
2014-09-10 20:37 - 2003-01-14 12:18 - 00147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-09-10 20:18 - 2014-09-10 20:23 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\GSA Email Spider
2014-09-10 19:13 - 2014-09-14 18:54 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\LiveSoftware
2014-09-10 19:13 - 2014-09-12 11:45 - 00000000 ____D () C:\Program Files (x86)\Email Verifier
2014-09-10 19:12 - 2014-09-12 11:14 - 00000000 ___HD () C:\ProgramData\{36B7E4FF-9E7B-46F2-B3E9-D12C3B4B7F9B}
2014-09-10 19:03 - 2014-09-10 21:30 - 00013115 _____ () C:\Users\SLB4eVeR\Desktop\emails IOL Portugal.xlsx
2014-09-10 17:43 - 2014-09-11 00:13 - 00035079 _____ () C:\Users\SLB4eVeR\Desktop\emails hotmail portugal.xlsx
2014-09-10 16:03 - 2014-09-10 17:44 - 00016142 _____ () C:\Users\SLB4eVeR\Desktop\emails sapo portugal.xlsx
2014-09-10 14:48 - 2014-09-12 10:53 - 00000000 ____D () C:\Program Files (x86)\FOX E-mail Extrator
2014-09-10 14:48 - 2014-09-10 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOX E-mail Extrator
2014-09-10 14:20 - 2014-09-10 14:20 - 00004872 _____ () C:\ProgramData\duavsiev.mnv
2014-09-10 14:18 - 2014-09-14 10:19 - 00000000 ____D () C:\Program Files (x86)\G-Lock Software
2014-09-10 14:09 - 2014-09-15 04:39 - 01881711 _____ () C:\Users\SLB4eVeR\Desktop\1 editando os bons.txt
2014-09-10 13:52 - 2014-09-11 13:21 - 00009596 _____ () C:\missing.ini
2014-09-10 13:41 - 2014-09-11 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EmEx3.com
2014-09-10 13:07 - 2014-09-10 13:07 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Caphyon
2014-09-10 13:05 - 2014-09-10 14:15 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\EMMA Labs
2014-09-09 21:22 - 2014-09-09 21:22 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Caesium
2014-09-09 16:16 - 2014-09-09 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-09 16:16 - 2014-09-09 16:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-09-07 20:34 - 2014-09-10 21:36 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Deployment
2014-09-07 12:56 - 2014-09-07 12:58 - 03808407 _____ () C:\Users\SLB4eVeR\Desktop\evolve.3.0.3.zip
2014-09-07 11:24 - 2014-09-14 22:35 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\CrashDumps
2014-09-07 10:39 - 2014-09-07 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-07 09:40 - 2014-09-07 09:40 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ATI
2014-09-07 09:39 - 2014-09-11 17:50 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ToolwizCareFree
2014-09-06 17:42 - 2014-09-13 10:21 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\VirtualStore
2014-09-06 15:23 - 2014-09-06 15:24 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Adobe
2014-09-06 15:03 - 2014-09-06 15:04 - 00000192 _____ () C:\Users\SLB4eVeR\Desktop\OLX.txt
2014-09-06 14:33 - 2014-09-06 14:33 - 00152512 _____ () C:\Users\SLB4eVeR\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 14:32 - 2014-09-10 22:14 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Apps\2.0
2014-09-06 14:14 - 2014-09-06 14:14 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ESET
2014-09-04 17:47 - 2014-09-09 22:22 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\Nova pasta
2014-09-01 19:03 - 2014-08-23 03:10 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-01 19:03 - 2014-08-23 02:45 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-01 19:03 - 2014-08-23 01:59 - 03166720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-30 16:34 - 2014-08-30 16:34 - 00016640 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2014-08-28 01:43 - 2014-08-28 01:43 - 00000096 _____ () C:\Users\SLB4eVeR\Desktop\Tema Iconic One Pro downloa(1).txt
2014-08-21 14:30 - 2014-08-21 14:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ProductData
2014-08-21 14:30 - 2014-08-21 14:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ProductData
2014-08-20 19:58 - 2014-08-20 19:58 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\ProductData
2014-08-20 19:57 - 2014-08-20 19:57 - 00002892 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-08-20 19:57 - 2014-08-20 19:57 - 00001212 _____ () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-08-17 20:43 - 2014-08-17 20:43 - 00000050 _____ () C:\Users\SLB4eVeR\Desktop\GMX.txt
2014-08-17 08:29 - 2014-09-15 13:28 - 01153345 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 14:23 - 2014-09-15 14:22 - 00040566 _____ () C:\Users\SLB4eVeR\Desktop\FRST.txt
2014-09-15 14:22 - 2014-09-15 14:21 - 00000000 ____D () C:\FRST
2014-09-15 14:20 - 2014-09-15 14:20 - 02105856 _____ (Farbar) C:\Users\SLB4eVeR\Desktop\FRST64.exe
2014-09-15 14:19 - 2014-09-15 14:19 - 00000461 _____ () C:\spyhunter.log
2014-09-15 14:10 - 2014-02-28 12:32 - 00512001 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-15 14:07 - 2013-09-27 11:19 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-409513754-1586911125-4025370635-1000UA.job
2014-09-15 14:01 - 2014-06-04 21:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 13:56 - 2014-04-14 23:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 13:51 - 2013-03-27 02:19 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\EditPlus 3
2014-09-15 13:48 - 2013-04-14 21:56 - 00001012 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 13:36 - 2014-09-15 13:36 - 00134277 _____ () C:\Users\SLB4eVeR\Desktop\hosts.zip
2014-09-15 13:34 - 2009-07-14 05:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 13:34 - 2009-07-14 05:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 13:30 - 2014-09-15 11:40 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-15 13:28 - 2014-08-17 08:29 - 01153345 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 13:27 - 2011-04-12 13:55 - 02274990 _____ () C:\Windows\system32\prfh0816.dat
2014-09-15 13:27 - 2011-04-12 13:55 - 01640964 _____ () C:\Windows\system32\prfc0816.dat
2014-09-15 13:27 - 2009-07-14 06:13 - 00006210 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 13:20 - 2014-09-15 13:20 - 00000127 _____ () C:\sh4_service.log
2014-09-15 13:20 - 2014-09-11 14:50 - 00000504 _____ () C:\Windows\setupact.log
2014-09-15 13:20 - 2014-07-12 11:41 - 00000031 _____ () C:\Windows\system32\bbcap.err
2014-09-15 13:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 13:09 - 2014-07-11 15:47 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\uTorrent
2014-09-15 12:59 - 2014-09-15 12:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\SLB4eVeR\Documents\HijackThis.exe
2014-09-15 12:39 - 2014-09-11 14:51 - 00323584 ___SH () C:\Users\SLB4eVeR\Desktop\Thumbs.db
2014-09-15 12:38 - 2014-09-11 21:31 - 00016296 _____ () C:\Windows\PFRO.log
2014-09-15 12:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SchCache
2014-09-15 12:24 - 2014-09-15 12:24 - 00003356 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-09-15 12:23 - 2014-09-15 12:23 - 00002250 _____ () C:\Users\SLB4eVeR\Desktop\SpyHunter.lnk
2014-09-15 12:23 - 2014-09-15 12:23 - 00000000 ____D () C:\sh4ldr
2014-09-15 12:23 - 2014-09-15 12:23 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-15 12:23 - 2014-09-15 12:22 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-15 12:23 - 2014-09-11 18:52 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\100
2014-09-15 12:23 - 2013-10-23 22:13 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-09-15 12:18 - 2014-09-15 12:18 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\SpyHunter.Malware.Security.Suite.v4.17.6.4336.Multilingual-BG
2014-09-15 12:01 - 2014-09-15 11:59 - 43647026 _____ () C:\Users\SLB4eVeR\Desktop\SpyHunter.Malware.Security.Suite.v4.17.6.4336.Multilingual-BG.rar
2014-09-15 10:48 - 2014-09-13 17:45 - 00951137 _____ () C:\Users\SLB4eVeR\Desktop\news.eml
2014-09-15 10:09 - 2013-12-05 11:30 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-15 04:39 - 2014-09-10 14:09 - 01881711 _____ () C:\Users\SLB4eVeR\Desktop\1 editando os bons.txt
2014-09-15 04:39 - 2014-07-13 09:54 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\Newsletter
2014-09-15 04:23 - 2014-09-15 04:22 - 00000080 _____ () C:\Users\SLB4eVeR\Desktop\schema.ini
2014-09-15 04:05 - 2014-09-15 04:05 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\RapidSMTP
2014-09-15 04:04 - 2014-09-15 03:58 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\RapidSMTP.com
2014-09-15 03:58 - 2014-09-15 03:58 - 00002609 _____ () C:\Users\Public\Desktop\RapidSMTP.lnk
2014-09-15 03:58 - 2014-09-15 03:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidSMTP
2014-09-15 03:57 - 2014-09-15 03:57 - 00000000 ____D () C:\Program Files (x86)\RapidSMTP.com
2014-09-15 03:21 - 2014-09-15 03:01 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\e-Campaign
2014-09-15 03:01 - 2014-09-15 03:01 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\e-Campaign 10.lnk
2014-09-15 03:01 - 2014-09-15 03:01 - 00001007 _____ () C:\Users\Public\Desktop\e-Campaign 10.lnk
2014-09-15 03:01 - 2014-09-15 03:01 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\e-Campaign
2014-09-15 03:01 - 2014-09-15 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Campaign 10
2014-09-15 03:01 - 2014-09-15 03:00 - 00000000 ____D () C:\Program Files (x86)\e-Campaign 10
2014-09-15 02:56 - 2014-09-14 23:42 - 01881804 _____ () C:\Users\SLB4eVeR\Desktop\1 editando os bons.txt.bak
2014-09-15 02:26 - 2014-09-15 02:26 - 00019680 _____ () C:\Users\SLB4eVeR\Desktop\mensagens de erro.txt
2014-09-14 23:51 - 2014-09-14 14:35 - 00294887 _____ () C:\Users\SLB4eVeR\Desktop\12000.txt
2014-09-14 23:38 - 2014-09-14 23:38 - 18993227 _____ () C:\Users\SLB4eVeR\Desktop\Bulk Mailer 8.4.4682.17304.rar
2014-09-14 22:35 - 2014-09-07 11:24 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\CrashDumps
2014-09-14 21:37 - 2014-09-14 21:38 - 00047646 _____ () C:\Users\SLB4eVeR\Desktop\1.html
2014-09-14 20:43 - 2014-09-14 20:43 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\2_ficheiros
2014-09-14 20:39 - 2014-09-14 20:43 - 00047735 _____ () C:\Users\SLB4eVeR\Desktop\2.htm
2014-09-14 20:17 - 2013-09-25 14:14 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\CoffeeCup Software
2014-09-14 20:06 - 2013-09-27 11:19 - 00000978 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-409513754-1586911125-4025370635-1000Core.job
2014-09-14 19:35 - 2014-09-14 18:54 - 00000000 ____D () C:\Program Files (x86)\Bulk Mailer
2014-09-14 19:34 - 2014-09-14 19:33 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\Bulk Mailer 8.4.4682.17304
2014-09-14 18:54 - 2014-09-14 18:54 - 00001806 _____ () C:\Users\Public\Desktop\Bulk Mailer.lnk
2014-09-14 18:54 - 2014-09-14 18:54 - 00000000 __HDC () C:\ProgramData\{DAF8AA24-CF50-4D29-A5DC-E8AC5CDA395A}
2014-09-14 18:54 - 2014-09-14 18:54 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\PackageAware
2014-09-14 18:54 - 2014-09-14 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Mailer
2014-09-14 18:54 - 2014-09-10 19:13 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\LiveSoftware
2014-09-14 18:38 - 2014-09-14 18:21 - 00000108 _____ () C:\Users\SLB4eVeR\Desktop\example_addresses.txt
2014-09-14 18:38 - 2014-09-14 18:19 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\TurboMailer
2014-09-14 17:41 - 2014-09-14 16:26 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\ABBulkMailer
2014-09-14 16:26 - 2014-09-14 16:26 - 00003083 _____ () C:\Users\SLB4eVeR\Desktop\AB Bulk Mailer.lnk
2014-09-14 16:26 - 2014-09-14 16:26 - 00003037 _____ () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AB Bulk Mailer.lnk
2014-09-14 16:26 - 2014-09-14 16:26 - 00000000 ____D () C:\Program Files (x86)\ABO
2014-09-14 16:24 - 2014-09-10 20:56 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Downloaded Installations
2014-09-14 14:59 - 2014-09-14 23:51 - 00294909 _____ () C:\Users\SLB4eVeR\Desktop\12000.txt.bak
2014-09-14 14:59 - 2014-09-13 14:37 - 01251130 _____ () C:\Users\SLB4eVeR\Desktop\1.xlsx
2014-09-14 14:08 - 2014-09-14 13:48 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\odbg200
2014-09-14 12:46 - 2014-09-14 12:44 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\PE Explorer
2014-09-14 12:14 - 2014-09-13 23:20 - 00007510 _____ () C:\Users\SLB4eVeR\Desktop\2.txt
2014-09-14 10:52 - 2014-09-14 10:52 - 00000140 _____ () C:\Users\SLB4eVeR\Desktop\credentials.csv
2014-09-14 10:20 - 2014-09-14 10:20 - 00001210 _____ () C:\Users\Public\Desktop\G-Lock EasyMail 6.lnk
2014-09-14 10:20 - 2014-09-14 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Lock EasyMail 6
2014-09-14 10:19 - 2014-09-14 10:19 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\G-Lock Software
2014-09-14 10:19 - 2014-09-12 00:58 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\G-Lock Software
2014-09-14 10:19 - 2014-09-10 14:18 - 00000000 ____D () C:\Program Files (x86)\G-Lock Software
2014-09-14 10:05 - 2014-09-14 10:05 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\G-Lock.EasyMail.6.89.0.Build.2650
2014-09-14 07:44 - 2009-07-14 06:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-14 07:42 - 2014-06-11 00:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 07:42 - 2013-03-26 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 02:07 - 2014-09-13 15:28 - 01886819 _____ () C:\Users\SLB4eVeR\Desktop\1.txt.bak
2014-09-13 23:40 - 2014-09-13 23:02 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Lencom
2014-09-13 23:15 - 2011-06-27 16:57 - 00137349 _____ () C:\Users\SLB4eVeR\AppData\Roaming\se.txt
2014-09-13 23:11 - 2014-09-13 23:11 - 00000000 ____D () C:\ProgramData\Lencom
2014-09-13 23:02 - 2014-09-13 23:02 - 00003109 _____ () C:\Users\SLB4eVeR\Desktop\Fast Email Extractor.lnk
2014-09-13 23:02 - 2014-09-13 23:02 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lencom Software Inc
2014-09-13 23:01 - 2014-09-13 23:01 - 00000000 ____D () C:\Program Files (x86)\Lencom Software Inc
2014-09-13 16:27 - 2014-09-13 15:58 - 20411356 _____ () C:\Users\SLB4eVeR\Desktop\easymail.zip
2014-09-13 16:13 - 2014-09-13 16:02 - 32282541 _____ () C:\Users\SLB4eVeR\Desktop\G-Lock.EasyMail.6.89.0.Build.2650.rar
2014-09-13 14:26 - 2014-09-13 14:26 - 00000000 ____D () C:\Users\SLB4eVeR\.spamassassin
2014-09-13 14:26 - 2014-09-13 14:26 - 00000000 ____D () C:\Users\SLB4eVeR\.razor
2014-09-13 14:26 - 2013-03-26 20:54 - 00000000 ____D () C:\Users\SLB4eVeR
2014-09-13 14:16 - 2013-03-27 01:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-13 14:16 - 2013-03-27 01:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 14:08 - 2014-09-13 14:07 - 07882320 _____ () C:\Users\SLB4eVeR\Desktop\best-bulk-email-software.zip
2014-09-13 14:08 - 2014-09-13 14:07 - 07340610 _____ () C:\Users\SLB4eVeR\Desktop\bbmail-email-extractor.zip
2014-09-13 13:58 - 2014-04-23 17:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-13 13:42 - 2014-09-13 13:42 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Validador de Emails.lnk
2014-09-13 13:42 - 2014-09-13 13:42 - 00002649 _____ () C:\Users\Public\Desktop\Validador de Emails.lnk
2014-09-13 13:42 - 2014-09-13 13:42 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\RAL Tecnologia
2014-09-13 10:21 - 2014-09-06 17:42 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\VirtualStore
2014-09-13 08:45 - 2014-09-13 08:45 - 00024995 _____ () C:\Users\SLB4eVeR\Desktop\add.csv
2014-09-13 08:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-09-13 00:21 - 2014-03-25 09:29 - 00722877 _____ () C:\Users\SLB4eVeR\Desktop\Contactos de email.xlsx
2014-09-12 22:34 - 2014-09-12 22:34 - 00121218 _____ () C:\Users\SLB4eVeR\Desktop\3.1.csv
2014-09-12 22:33 - 2014-09-12 22:33 - 00083168 _____ () C:\Users\SLB4eVeR\Desktop\3.xlsx
2014-09-12 18:10 - 2014-09-12 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MailTester
2014-09-12 18:10 - 2014-09-12 18:10 - 00000000 ____D () C:\Program Files (x86)\MailTester
2014-09-12 17:51 - 2014-09-12 17:51 - 00001872 _____ () C:\Users\SLB4eVeR\Desktop\eMail Verifier.lnk
2014-09-12 17:51 - 2014-09-12 17:51 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\Maxprog
2014-09-12 17:51 - 2014-09-12 17:51 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Maxprog
2014-09-12 17:51 - 2014-09-12 17:51 - 00000000 ____D () C:\Program Files (x86)\eMail Verifier1
2014-09-12 17:51 - 2014-09-12 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Email Verifier
2014-09-12 17:29 - 2014-09-12 17:29 - 00001084 _____ () C:\Users\Public\Desktop\Advanced Email Verifier 8.lnk
2014-09-12 17:29 - 2014-09-12 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Email Verifier 8
2014-09-12 17:03 - 2014-06-22 22:09 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-09-12 15:53 - 2013-03-27 15:32 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\PhotoScape
2014-09-12 11:56 - 2013-03-27 01:58 - 00000000 ____D () C:\Program Files (x86)\FileUploader
2014-09-12 11:45 - 2014-09-10 19:13 - 00000000 ____D () C:\Program Files (x86)\Email Verifier
2014-09-12 11:14 - 2014-09-12 11:14 - 00001848 _____ () C:\Users\Public\Desktop\Email Verifier.lnk
2014-09-12 11:14 - 2014-09-10 19:12 - 00000000 ___HD () C:\ProgramData\{36B7E4FF-9E7B-46F2-B3E9-D12C3B4B7F9B}
2014-09-12 10:53 - 2014-09-10 14:48 - 00000000 ____D () C:\Program Files (x86)\FOX E-mail Extrator
2014-09-12 01:00 - 2014-09-12 01:00 - 00000000 _____ () C:\Windows\install58632.log
2014-09-12 00:58 - 2014-09-12 00:58 - 00004882 _____ () C:\ProgramData\pgatahac.zmz
2014-09-12 00:58 - 2014-09-12 00:58 - 00001215 _____ () C:\Users\Public\Desktop\G-Lock EasyMail 7.lnk
2014-09-12 00:58 - 2014-09-12 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Lock EasyMail 7
2014-09-12 00:58 - 2014-09-12 00:58 - 00000000 ____D () C:\ProgramData\G-Lock Software
2014-09-12 00:53 - 2014-09-12 00:53 - 31103665 _____ () C:\Users\SLB4eVeR\Downloads\g-lock-easymail-7-1-0-build-300-32-bits [1].exe
2014-09-12 00:51 - 2014-08-05 21:38 - 00000000 ____D () C:\Users\SLB4eVeR\Downloads\Compressed
2014-09-11 22:12 - 2014-09-11 22:12 - 00001099 _____ () C:\Users\Public\Desktop\Arsyn Email Scraper.lnk
2014-09-11 22:12 - 2014-09-11 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arsyn Email Scraper
2014-09-11 22:12 - 2014-09-11 22:12 - 00000000 ____D () C:\Program Files (x86)\Arsyn Email Scraper
2014-09-11 21:28 - 2014-01-24 12:18 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\DMCache
2014-09-11 21:12 - 2014-09-11 21:01 - 00000000 ____D () C:\emailextractor14
2014-09-11 20:47 - 2014-09-11 20:47 - 00000000 ____D () C:\Program Files (x86)\ChinaCompanyDatabase
2014-09-11 20:05 - 2014-08-11 09:14 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\AtomPark
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\FastStone
2014-09-11 17:50 - 2014-09-07 09:39 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ToolwizCareFree
2014-09-11 16:21 - 2014-09-11 16:21 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Foxit Advanced PDF Editor
2014-09-11 16:21 - 2013-05-26 13:45 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Nitro PDF
2014-09-11 15:45 - 2014-09-11 15:45 - 05451882 _____ () C:\Users\SLB4eVeR\Desktop\FOX E-mail Extrator.rar
2014-09-11 14:50 - 2014-09-11 14:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 14:47 - 2014-09-10 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EmEx3.com
2014-09-11 14:39 - 2013-03-27 12:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-11 14:38 - 2013-03-27 12:44 - 00000975 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-11 14:29 - 2014-09-11 13:40 - 01040987 _____ () C:\Users\SLB4eVeR\Desktop\8.xlsx
2014-09-11 14:21 - 2014-09-11 14:21 - 00585099 _____ () C:\Users\SLB4eVeR\Desktop\Livro1.xlsx
2014-09-11 13:34 - 2014-09-10 22:12 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\VecData
2014-09-11 13:21 - 2014-09-10 13:52 - 00009596 _____ () C:\missing.ini
2014-09-11 13:21 - 2013-03-27 11:56 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-11 13:20 - 2014-09-11 13:20 - 00005040 _____ () C:\ProgramData\xyjbeotp.nun
2014-09-11 11:05 - 2013-06-22 11:35 - 00000536 __RSH () C:\ProgramData\ntuser.pol
2014-09-11 00:13 - 2014-09-10 17:43 - 00035079 _____ () C:\Users\SLB4eVeR\Desktop\emails hotmail portugal.xlsx
2014-09-10 22:14 - 2014-09-06 14:32 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Apps\2.0
2014-09-10 22:12 - 2014-09-10 22:09 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ASTGD
2014-09-10 22:09 - 2014-09-10 22:09 - 00003127 _____ () C:\Users\SLB4eVeR\Desktop\Valid Email Collector Advance.lnk
2014-09-10 22:09 - 2014-09-10 22:09 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valid Email Collector
2014-09-10 22:09 - 2014-09-10 22:09 - 00000000 ____D () C:\Program Files (x86)\Valid Email Collector
2014-09-10 22:02 - 2014-09-10 22:02 - 00000000 ____D () C:\Users\SLB4eVeR\Google Maps Email Extractor
2014-09-10 21:36 - 2014-09-10 21:36 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Email Extractor Lux
2014-09-10 21:36 - 2014-09-10 21:36 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Email Teleport
2014-09-10 21:36 - 2014-09-07 20:34 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Deployment
2014-09-10 21:30 - 2014-09-10 19:03 - 00013115 _____ () C:\Users\SLB4eVeR\Desktop\emails IOL Portugal.xlsx
2014-09-10 20:48 - 2014-09-10 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trial Tarantula
2014-09-10 20:48 - 2014-09-10 20:37 - 00000000 ____D () C:\Program Files (x86)\Trial Tarantula
2014-09-10 20:37 - 2014-09-10 20:37 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trial Tarantula
2014-09-10 20:23 - 2014-09-10 20:18 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\GSA Email Spider
2014-09-10 17:44 - 2014-09-10 16:03 - 00016142 _____ () C:\Users\SLB4eVeR\Desktop\emails sapo portugal.xlsx
2014-09-10 14:48 - 2014-09-10 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOX E-mail Extrator
2014-09-10 14:20 - 2014-09-10 14:20 - 00004872 _____ () C:\ProgramData\duavsiev.mnv
2014-09-10 14:15 - 2014-09-10 13:05 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\EMMA Labs
2014-09-10 13:07 - 2014-09-10 13:07 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Caphyon
2014-09-09 22:22 - 2014-09-04 17:47 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\Nova pasta
2014-09-09 21:22 - 2014-09-09 21:22 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Caesium
2014-09-09 16:16 - 2014-09-09 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-09 16:16 - 2014-09-09 16:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-09-07 20:31 - 2013-05-05 14:33 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\AVI-Mux_GUI-1.17.8.3
2014-09-07 15:08 - 2014-09-07 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-07 12:58 - 2014-09-07 12:56 - 03808407 _____ () C:\Users\SLB4eVeR\Desktop\evolve.3.0.3.zip
2014-09-07 10:51 - 2014-06-22 22:09 - 00000944 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-09-07 10:41 - 2013-10-24 12:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-07 09:40 - 2014-09-07 09:40 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ATI
2014-09-06 22:05 - 2013-12-25 21:02 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-09-06 19:58 - 2013-04-06 22:15 - 00001169 _____ () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-09-06 15:24 - 2014-09-06 15:23 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\Adobe
2014-09-06 15:04 - 2014-09-06 15:03 - 00000192 _____ () C:\Users\SLB4eVeR\Desktop\OLX.txt
2014-09-06 14:34 - 2013-06-12 18:38 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\ObviousIdea
2014-09-06 14:33 - 2014-09-06 14:33 - 00152512 _____ () C:\Users\SLB4eVeR\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 14:14 - 2014-09-06 14:14 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Local\ESET
2014-09-05 03:10 - 2014-09-13 13:48 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 03:05 - 2014-09-13 13:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-02 00:06 - 2009-07-14 05:45 - 00512032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 16:16 - 2013-05-30 14:35 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Skype
2014-09-01 14:07 - 2013-12-18 14:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-01 14:07 - 2013-12-18 14:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-08-30 16:34 - 2014-08-30 16:34 - 00016640 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2014-08-28 01:43 - 2014-08-28 01:43 - 00000096 _____ () C:\Users\SLB4eVeR\Desktop\Tema Iconic One Pro downloa(1).txt
2014-08-26 15:52 - 2014-02-16 03:32 - 00000000 ____D () C:\Windows\Minidump
2014-08-25 06:53 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 03:10 - 2014-09-01 19:03 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:45 - 2014-09-01 19:03 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-09-01 19:03 - 03166720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 14:30 - 2014-08-21 14:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ProductData
2014-08-21 14:30 - 2014-08-21 14:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ProductData
2014-08-21 00:38 - 2014-07-26 12:49 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\Wise Care 365
2014-08-21 00:37 - 2014-03-31 17:25 - 00000000 ____D () C:\ProgramData\iRX
2014-08-21 00:37 - 2013-10-23 18:09 - 00000000 ____D () C:\Users\SLB4eVeR\Documents\My CamStudio Temp Files
2014-08-21 00:37 - 2013-03-31 14:57 - 00000000 ____D () C:\Users\SLB4eVeR\Desktop\AVIAddXSub
2014-08-20 19:58 - 2014-08-20 19:58 - 00000000 ____D () C:\Users\SLB4eVeR\AppData\Roaming\ProductData
2014-08-20 19:57 - 2014-08-20 19:57 - 00002892 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-08-20 19:57 - 2014-08-20 19:57 - 00001212 _____ () C:\Users\SLB4eVeR\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-08-20 19:57 - 2014-02-23 15:18 - 00001188 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-08-20 12:20 - 2014-08-11 09:02 - 00000000 ____D () C:\Program Files (x86)\Email Extractor
2014-08-20 12:20 - 2013-08-21 16:24 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2014-08-19 19:05 - 2014-09-13 14:18 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 18:39 - 2014-09-13 14:18 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 00:01 - 2014-09-13 14:18 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 23:29 - 2014-09-13 14:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 23:29 - 2014-09-13 14:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 23:26 - 2014-09-13 14:18 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 23:20 - 2014-09-13 14:18 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 23:19 - 2014-09-13 14:18 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 23:15 - 2014-09-13 14:18 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 23:15 - 2014-09-13 14:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 23:14 - 2014-09-13 14:18 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 23:14 - 2014-09-13 14:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 23:08 - 2014-09-13 14:18 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 23:08 - 2014-09-13 14:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 23:08 - 2014-09-13 14:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 23:05 - 2014-09-13 14:18 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 23:03 - 2014-09-13 14:18 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 23:03 - 2014-09-13 14:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 23:03 - 2014-09-13 14:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 22:57 - 2014-09-13 14:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 22:56 - 2014-09-13 14:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 22:51 - 2014-09-13 14:18 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 22:46 - 2014-09-13 14:18 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 22:45 - 2014-09-13 14:18 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 22:45 - 2014-09-13 14:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 22:44 - 2014-09-13 14:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 22:44 - 2014-09-13 14:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 22:42 - 2014-09-13 14:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 22:40 - 2014-09-13 14:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 22:39 - 2014-09-13 14:18 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 22:39 - 2014-09-13 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 22:39 - 2014-09-13 14:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 22:38 - 2014-09-13 14:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 22:37 - 2014-09-13 14:18 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 22:36 - 2014-09-13 14:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 22:35 - 2014-09-13 14:18 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 22:27 - 2014-09-13 14:18 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 22:25 - 2014-09-13 14:18 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 22:25 - 2014-09-13 14:18 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 22:23 - 2014-09-13 14:18 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 22:23 - 2014-09-13 14:18 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 22:22 - 2014-09-13 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 22:19 - 2014-09-13 14:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 22:17 - 2014-09-13 14:18 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 22:17 - 2014-09-13 14:18 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 22:16 - 2014-09-13 14:18 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 22:15 - 2014-09-13 14:18 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 22:15 - 2014-09-13 14:18 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 22:09 - 2014-09-13 14:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 22:08 - 2014-09-13 14:18 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 22:07 - 2014-09-13 14:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 21:55 - 2014-09-13 14:18 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 21:46 - 2014-09-13 14:18 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 21:38 - 2014-09-13 14:18 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 21:38 - 2014-09-13 14:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 21:36 - 2014-09-13 14:18 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 20:43 - 2014-08-17 20:43 - 00000050 _____ () C:\Users\SLB4eVeR\Desktop\GMX.txt
2014-08-17 18:51 - 2013-11-30 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

Files to move or delete:
====================
C:\ProgramData\DriverReviver.exe
C:\ProgramData\RegistryReviver.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 

Link to post
Share on other sites

Farbar Service Scanner Version: 21-07-2014
Ran by SLB4eVeR (administrator) on 15-09-2014 at 14:33:38
Running from "C:\Users\SLB4eVeR\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Disabled. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Addition.txt

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.