Konishi
I don't know exactly what's happening with my computer, so, sorry about the vague title.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 13/07/2014
Scan Time: 04:14:46
Logfile: 01.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.13.01
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Konishi
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311583
Time Elapsed: 10 min, 5 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.LinkSwift.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\odpccdgkmiicgocepijnaeihjnjnomca, Quarantined, [e81dacf396e52b0b785f25972cd6837d],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 03/05/2012 16:39:41
System Uptime: 13/07/2014 04:11:10 (17 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-78LMT-S2
Processor: AMD Athlon(tm) II X4 620 Processor | Socket M2 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 109,56 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP151: 10/07/2014 23:42:59 - DirectX instalado
RP152: 12/07/2014 16:05:10 - DirectX instalado
RP153: 12/07/2014 16:06:01 - DirectX instalado
RP154: 12/07/2014 18:10:20 - Instalado NVIDIA PhysX (Legacy)
RP155: 13/07/2014 04:37:11 - avast! antivirus system restore point
RP156: 13/07/2014 16:48:59 - Installed STOPzilla
RP158: 13/07/2014 18:11:51 - DirectX instalado
RP159: 13/07/2014 18:41:13 - Revo Uninstaller's restore point - STOPzilla
RP160: 13/07/2014 18:41:34 - Removed STOPzilla
.
==== Installed Programs ======================
.
??????
100% Orange Juice
7-Zip 9.20
7-Zip 9.20 (x64 edition)
Action!
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 14 Plugin
AhnLab Online Security
avast! Free Antivirus
Bandisoft MPEG-1 Decoder
Battle.net
Battlefield 3™
Battlelog Web Plugins
BioShock
CCleaner
Cheat Engine 6.3
Child of Light
D3DX10
DAEMON Tools Lite
Daum PotPlayer 1.5.35491
Dino D-Day
Dolby Axon - 1.5.1.1
Dungeon Fighter Online
Dxtory version 2.0.125
ESET Online Scanner v3
ESN Sonar
Fallout: New Vegas
Foxit Reader
Fraps
Galeria de Fotografias
Galeria de Fotos
Google Chrome
Google Update Helper
HP Deskjet 1050 J410 series Ajuda
IrfanView (remove only)
IRPF2014 - Declaracao de Ajuste Anual, Final de Espolio e Saida Definitiva do Pais
League of Legends
LOLReplay
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4 Client Profile PTB Language Pack
Microsoft .NET Framework 4 Extended PTB Language Pack
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Movie Maker
Mozilla Firefox 30.0 (x86 pt-BR)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
Narcissu 1st & 2nd
NeoplePlugin
Nexon Game Manager
NirSoft BlueScreenView
NVIDIA PhysX
NVIDIA PhysX (Legacy)
Open Broadcaster Software
Origin
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Portugues (Brasil)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Portugues (Brasil)
Pando Media Booster
PC DUAL SHOCK
Photo Common
Photo Gallery
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Receitanet
Revo Uninstaller 1.95
RPG 2ic
Skype™ 6.16
Software basico do dispositivo HP Deskjet 1050 J410 series
Steam
Theme Hospital
To the Moon
Tomb Raider
Tunngle beta
Tweaking.com - Windows Repair (All in One)
Ultima Online: Mondain's Legacy
Unity Web Player
Velvet Assassin
Vindictus
VLC media player 2.1.3
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (64-bit)
WTFast 3.2
XSplit
μTorrent
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16866
Run by Konishi at 21:38:26 on 2014-07-13
Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1046.18.4094.816 [GMT -3:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\system32\mqsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\mqtgsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://df.nexon.com
uSearchAssistant = hxxp://www.google.com
BHO: Auxiliar de Conexao de Conta da Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:181
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{62CD1D53-5700-4E8C-94E5-90D084F3E76C} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{981F0BBA-5349-4220-96D0-D0C6278E59FF} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MsmqIntCert] regsvr32 /s mqrt.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\te4j8cam.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.ftp - serv1.internet-proxy.eu
FF - prefs.js: network.proxy.ftp_port - 7891
FF - prefs.js: network.proxy.http - serv1.internet-proxy.eu
FF - prefs.js: network.proxy.http_port - 7891
FF - prefs.js: network.proxy.socks - serv1.internet-proxy.eu
FF - prefs.js: network.proxy.socks_port - 7891
FF - prefs.js: network.proxy.ssl - serv1.internet-proxy.eu
FF - prefs.js: network.proxy.ssl_port - 7891
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_524\npaosmgr.dll
FF - plugin: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Konishi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
---- FIREFOX POLICIES ----
FF - user.js: plugin.default.state - 2
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-13 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-10-13 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-10-13 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-10-13 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-5-30 283200]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-9 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-13 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-5-9 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-9 50344]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-13 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-13 860472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-13 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-13 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-13 63704]
R3 Mkd2Nadr;Mkd2Nadr;C:\Windows\System32\drivers\Mkd2Nadr.sys [2013-6-1 112888]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-3 565352]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-5-10 31232]
RUnknown szkg5;szkg5; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-1-10 49152]
S3 DirectIP;DirectIP;C:\Users\Konishi\AppData\Local\Temp\Rar$EXa0.243\DirectIP\DirectIP.exe --> C:\Users\Konishi\AppData\Local\Temp\Rar$EXa0.243\DirectIP\DirectIP.exe [?]
S3 Mkd2Bthf;Mkd2Bthf;C:\Windows\System32\drivers\Mkd2BthF.sys [2013-6-1 98104]
S3 Mkd3kfNt;Mkd3kfNt;C:\Windows\System32\drivers\mkd3kfnt.sys [2013-6-1 169720]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-8 56832]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-5-10 754584]
S3 WatAdminSvc;Servico de Tecnologias de Ativacao do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-3 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 238080]
SUnknown is3srv;is3srv; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-07-13 21:13:43 -------- d-----w- C:\Users\Konishi\AppData\Local\FalloutNV
2014-07-13 07:40:03 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-13 07:04:53 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-13 07:04:32 -------- d-----w- C:\Program Files (x86)\NOIR
2014-07-13 07:04:19 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-13 07:04:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 02:44:43 -------- d-----w- C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
2014-07-08 18:46:55 315392 ----a-w- C:\Windows\SysWow64\DirectIP.dll
2014-07-08 18:03:35 -------- d-----w- C:\Program Files\Proxy Labs
2014-07-07 01:37:59 -------- d-----w- C:\Users\Konishi\AppData\Local\AAA_Internet_Publishing,_
2014-07-07 01:37:34 79464 ----a-w- C:\Windows\System32\WTFastDrv.dll
2014-07-07 01:37:34 72296 ----a-w- C:\Windows\SysWow64\WTFastDrv.dll
2014-07-07 01:37:33 -------- d-----w- C:\Program Files (x86)\WTFast
2014-07-06 19:05:12 380416 ----a-w- C:\Windows\System32\sbcrreag.dll
2014-07-06 19:01:30 331776 ----a-w- C:\Windows\SysWow64\sbcrreag.dll
2014-07-06 16:43:31 -------- d-----w- C:\ProgramData\Nexon
2014-07-06 03:14:20 -------- d-----w- C:\Program Files (x86)\BandiMPEG1
2014-07-06 03:05:44 -------- d-----w- C:\Nexon
2014-07-06 02:46:38 -------- d-----w- C:\ProgramData\NexonUS
2014-06-27 03:01:58 -------- d-----w- C:\Users\Konishi\AppData\Roaming\Siggy Holiday - Freebird Games
2014-06-24 20:41:47 -------- d-----w- C:\Users\Konishi\AppData\Roaming\To the Moon - Freebird Games
2014-06-17 23:36:34 -------- d-----w- C:\Program Files (x86)\Razor
2014-06-16 13:58:12 -------- d-----w- C:\Users\Konishi\AppData\Roaming\Razor
2014-06-14 22:14:06 -------- d-----w- C:\Program Files (x86)\EA Games
.
==================== Find3M ====================
.
2014-07-13 07:40:04 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-07-13 07:40:04 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-13 07:40:04 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-13 07:40:04 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-13 07:40:04 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-13 07:40:04 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-07-13 07:40:03 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-12 17:31:37 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-12 17:31:37 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-12 10:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 10:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-04-29 20:58:05 21504 ----a-w- C:\Windows\jestertb.dll
.
============= FINISH: 21:39:59,57 ===============
2014-07-13 07:40:03 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-13 07:04:53 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-13 07:04:32 -------- d-----w- C:\Program Files (x86)\NOIR
2014-07-13 07:04:19 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-13 07:04:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 02:44:43 -------- d-----w- C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
2014-07-08 18:46:55 315392 ----a-w- C:\Windows\SysWow64\DirectIP.dll
2014-07-08 18:03:35 -------- d-----w- C:\Program Files\Proxy Labs
2014-07-07 01:37:59 -------- d-----w- C:\Users\Konishi\AppData\Local\AAA_Internet_Publishing,_
2014-07-07 01:37:34 79464 ----a-w- C:\Windows\System32\WTFastDrv.dll
2014-07-07 01:37:34 72296 ----a-w- C:\Windows\SysWow64\WTFastDrv.dll
2014-07-07 01:37:33 -------- d-----w- C:\Program Files (x86)\WTFast
2014-07-06 19:05:12 380416 ----a-w- C:\Windows\System32\sbcrreag.dll
2014-07-06 19:01:30 331776 ----a-w- C:\Windows\SysWow64\sbcrreag.dll
2014-07-06 16:43:31 -------- d-----w- C:\ProgramData\Nexon
2014-07-06 03:14:20 -------- d-----w- C:\Program Files (x86)\BandiMPEG1
2014-07-06 03:05:44 -------- d-----w- C:\Nexon
2014-07-06 02:46:38 -------- d-----w- C:\ProgramData\NexonUS
2014-06-27 03:01:58 -------- d-----w- C:\Users\Konishi\AppData\Roaming\Siggy Holiday - Freebird Games
2014-06-24 20:41:47 -------- d-----w- C:\Users\Konishi\AppData\Roaming\To the Moon - Freebird Games
2014-06-17 23:36:34 -------- d-----w- C:\Program Files (x86)\Razor
2014-06-16 13:58:12 -------- d-----w- C:\Users\Konishi\AppData\Roaming\Razor
2014-06-14 22:14:06 -------- d-----w- C:\Program Files (x86)\EA Games
.
==================== Find3M ====================
.
2014-07-13 07:40:04 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-07-13 07:40:04 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-13 07:40:04 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-13 07:40:04 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-13 07:40:04 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-13 07:40:04 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-07-13 07:40:03 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-12 17:31:37 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-12 17:31:37 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-12 10:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 10:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-04-29 20:58:05 21504 ----a-w- C:\Windows\jestertb.dll
.
============= FINISH: 21:39:59,57 ===============