Hello Buddierdl, thank you very much for your help.
Both OSs are installed on the same hard drive.
This post is about OS1. File Addition OS1 is attached.
Here's the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013
Ran by User (administrator) on 08-08-2013 14:54:02
Running from C:\Documents and Settings\User\Os meus documentos\Downloads
Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: Portuguese Standard
Internet Explorer Version 6
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Programas\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Programas\CDBurnerXP\NMSAccessU.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Microsoft Corporation) C:\Programas\Microsoft Security Client\msseces.exe
(Polenter - Software Solutions) C:\Programas\Desktop-Reminder 2\DesktopReminder2.exe
(Stoic Joker's Network) E:\Comet\Vários\T-Clock 2010 (build 95)\T-Clock 2010 (build X - Release to DC)\Win32\Clock.exe
(Igor Nys) E:\Comet\Comet\Vários\trayit_4_6_5_5\TrayIt!.exe
(Microsoft Corporation) C:\Programas\MSN Messenger\msnmsgr.exe
() C:\Documents and Settings\User\Ambiente de trabalho\pyload\dist\pyLoadGui.exe
() C:\Documents and Settings\User\Ambiente de trabalho\pyload\dist\pyLoadGui.exe
(Mozilla Corporation) C:\Programas\Mozilla Thunderbird\thunderbird.exe
(SUPERAntiSpyware.com) C:\Programas\SUPERAntiSpyware\SASCORE.EXE
(SUPERAntiSpyware.com) C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Mozilla Corporation) C:\Programas\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Programas\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\WINDOWS\system32\ntvdm.exe
(BitTorrent, Inc.) C:\Programas\uTorrent\uTorrent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd [x]
HKLM\...\Run: [MSC] - C:\Programas\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Programas\QuickTime\qttask.exe [417792 2009-12-16] (Apple Inc.)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] - C:\Programas\Malwarebytes' Anti-Malware\mbam.exe [887432 2013-04-04] (Malwarebytes Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [DesktopReminder2ByPolenter] - C:\Programas\Desktop-Reminder 2\DesktopReminder2.exe [2743344 2013-01-06] (Polenter - Software Solutions)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe [4760816 2013-05-15] (SUPERAntiSpyware.com)
MountPoints2: {10d90476-dcad-11dd-a490-000b6ade1288} - G:\AutoRun.exe
MountPoints2: {20c63fb0-e132-11dc-a3f0-000b6ade1288} - H:\LaunchU3.exe
MountPoints2: {5d9e18a8-4e55-11e0-93ed-adefcbcf1a35} - H:\AutoRun.exe
MountPoints2: {af55f23e-ec32-11dc-a3f6-000b6ade1288} - G:\AutoRun.exe
HKU\Administrador\...\RunOnce: [NeroHomeFirstStart] - C:\Programas\Ficheiros comuns\Ahead\Lib\NMFirstStart.exe [ 2005-09-08] (Nero AG)
HKU\Default User\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [tscuninstall] - C:\Windows\system32\tscupgrd.exe [ 2006-03-02] (Microsoft Corporation)
Startup: C:\Documents and Settings\User\Menu Iniciar\Programas\Arranque\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Programas\Ficheiros comuns\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\User\Menu Iniciar\Programas\Arranque\Stoic Joker's T-Clock 2010.lnk
ShortcutTarget: Stoic Joker's T-Clock 2010.lnk -> E:\Comet\Vários\T-Clock 2010 (build 95)\T-Clock 2010 (build X - Release to DC)\Win32\Clock.exe (Stoic Joker's Network)
Startup: C:\Documents and Settings\User\Menu Iniciar\Programas\Arranque\TrayIt!.lnk
ShortcutTarget: TrayIt!.lnk -> E:\Comet\Comet\Vários\trayit_4_6_5_5\TrayIt!.exe (Igor Nys)
BootExecute: autocheck autochk /r \??\J:autocheck autochk *
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn...st/srchasst.htm
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKCU - DefaultScope {A32CBC16-0B81-4A77-B7F8-7FBCECA4BB68} URL = http://www.google.pt...1I7GGLJ_enPT259
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {A32CBC16-0B81-4A77-B7F8-7FBCECA4BB68} URL = http://www.google.pt...1I7GGLJ_enPT259
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU -&Endereço - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Hiperligações - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://mehamn.axisca...activex/AMC.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ipp - No CLSID Value -
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (Microsoft Corporation)
ShellExecuteHooks: Rotina de controlo exec de URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll [8424960 2006-03-02] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programas\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\..\Interfaces\{06D9C5E2-E0FB-422E-962E-D68E3DA1A208}: [NameServer]10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\wba6db1d.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Programas\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Programas\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 - C:\Programas\Veetle\VLCBroadcast\npvbp.dll No File
FF SearchPlugin: C:\Programas\mozilla firefox\searchplugins\fcmdSrch.xml
FF Extension: No Name - C:\Documents and Settings\User\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\wba6db1d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: No Name - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\wba6db1d.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: No Name - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\wba6db1d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\wba6db1d.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\wba6db1d.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Default - C:\Programas\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [[email protected]] C:\Programas\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programas\Java\jre6\lib\deploy\jqs\ff
Chrome:
=======
CHR HomePage: about:home
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Programas\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programas\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Programas\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programas\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Programas\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U30) - C:\Programas\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Programas\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programas\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Programas\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Programas\Google\Update\1.3.21.129\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Extension: (Google Docs) - C:\DOCUME~1\User\DEFINI~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\User\DEFINI~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\User\DEFINI~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\User\DEFINI~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Wes Craven) - C:\DOCUME~1\User\DEFINI~1\Application Data\Google\Chrome\User Data\Default\Extensions\nahooofggegjbnodalhoibemeabkapop\3_0
CHR Extension: (Gmail) - C:\DOCUME~1\User\DEFINI~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Programas\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Programas\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-08-13] (Adobe Systems)
S3 eBVServ; C:\Programas\TOSHIBA\TOSHIBA e-STUDIO Client\TOSHIBA e-BRIDGE Viewer\eBVServ.exe [69632 2006-05-03] ()
S2 gupdate; C:\Programas\Google\Update\GoogleUpdate.exe [135664 2010-02-01] (Google Inc.)
S3 gupdatem; C:\Programas\Google\Update\GoogleUpdate.exe [135664 2010-02-01] (Google Inc.)
S3 LightScribeService; C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe [79136 2007-07-25] (Hewlett-Packard Company)
R2 MDM; C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programas\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-07-03] (Mozilla Foundation)
R2 MsMpSvc; C:\Programas\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
R2 NMSAccess; C:\Programas\CDBurnerXP\NMSAccessU.exe [71096 2012-06-03] ()
S3 odserv; C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S3 ServiceLayer; C:\Programas\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.)
S3 WMPNetworkSvc; C:\Programas\Windows Media Player\WMPNetwk.exe [915968 2007-01-05] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S4 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [x]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
S3 JavaQuickStarterService; "C:\Programas\Java\jre6\bin\jqs.exe" -service -config "C:\Programas\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
S3 NMIndexingService; "C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 cmuda; C:\Windows\System32\drivers\cmuda.sys [1368000 2005-12-15] (C-Media Inc)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-05-18] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2004-12-16] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2004-12-16] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2004-12-16] (HP)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-08-07] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R1 SASDIFSV; C:\Programas\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Programas\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2006-03-02] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2010-04-29] (Duplex Secure Ltd.)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2012-06-03] ()
R1 vcdrom; C:\WINDOWS\system32\drivers\VCdRom.sys [8576 2001-12-19] (Microsoft Corporation)
S3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [172416 2006-05-23] (Copyright © VIA/S3 Graphics Co, Ltd.)
R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [73600 2008-01-20] (VIA Technologies inc,.ltd)
S3 WinRing0_1_2_0; C:\Programas\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 cpuz134; \??\C:\Programas\CPUID\PC Wizard 2010\pcwiz_x32.sys [x]
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
S4 IntelIde; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [x]
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [x]
U2 V2iMount;
S0 viaagp1; system32\DRIVERS\viaagp1.sys [x]
U1 WS2IFSL;
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-08 14:53 - 2013-08-08 14:53 - 00000000 ____D C:\FRST
2013-08-07 18:36 - 2013-08-08 10:36 - 00000496 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 56769479-ab02-4eb7-aea7-26824c90f949.job
2013-08-07 18:36 - 2013-08-08 02:00 - 00000496 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 3a1b7b8a-5833-4dad-bb47-189f1f0efbec.job
2013-08-07 18:36 - 2013-08-07 18:36 - 00000000 ____D C:\Programas\SUPERAntiSpyware
2013-08-07 18:36 - 2013-08-07 18:36 - 00000000 ____D C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2013-08-07 18:22 - 2013-08-07 18:23 - 00000000 ____D C:\Programas\Malwarebytes' Anti-Malware
2013-08-07 18:22 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-07 17:29 - 2013-08-07 17:30 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\pyload
2013-08-07 17:29 - 2013-08-07 17:26 - 17366025 ____R C:\Documents and Settings\User\Ambiente de trabalho\pyload-v0.4.9-win.zip
2013-08-07 16:47 - 2013-08-07 16:47 - 00000000 ____D C:\Programas\DivX H.264 decoder
2013-08-07 16:39 - 2013-08-07 16:39 - 00000000 ____D C:\Programas\ffdshow
2013-08-07 16:36 - 2013-08-07 16:36 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\gspot
2013-08-07 15:51 - 2013-08-07 15:51 - 00000218 _____ C:\Documents and Settings\User\.recently-used.xbel
2013-08-07 15:46 - 2013-08-07 15:52 - 00000000 ____D C:\Documents and Settings\User\.tucan
2013-08-07 15:45 - 2013-08-07 16:17 - 00000000 ____D C:\Tucan
2013-08-07 11:35 - 2013-08-07 17:46 - 00000000 ____D C:\Programas\Mozilla Thunderbird
2013-08-02 16:03 - 2013-08-02 16:03 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\Codec
2013-08-01 15:54 - 2013-08-02 12:26 - 00033618 _____ C:\Documents and Settings\User\Ambiente de trabalho\P3 2013 AA.zip
2013-08-01 15:33 - 2013-08-02 12:25 - 00159232 _____ C:\Documents and Settings\User\Ambiente de trabalho\P3 2013 AA.xls
2013-07-31 17:24 - 2013-07-31 17:24 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\Mrcds
2013-07-31 12:29 - 2006-01-09 15:01 - 00086016 _____ (Giganology Inc.) C:\WINDOWS\system32\gigagetbho_v10.dll
2013-07-31 12:28 - 2013-07-31 12:28 - 00000000 ____D C:\Programas\Giganology
2013-07-24 18:45 - 2013-07-24 18:46 - 00000000 ____D C:\Documents and Settings\User\2plan_workspace
2013-07-09 16:38 - 2013-07-09 16:38 - 00000000 ____D C:\Documents and Settings\User\Application Data\DesktopReminder
2013-07-09 11:53 - 2013-08-07 16:34 - 00000000 ____D C:\Documents and Settings\User\Os meus documentos\DesktopReminder
2013-07-09 11:52 - 2013-08-08 00:00 - 00000000 ____D C:\Programas\Desktop-Reminder 2
2013-07-09 11:52 - 2013-07-09 11:52 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{D3B667B0-55AE-40A2-BA13-F0CE5CD1242F}
==================== One Month Modified Files and Folders =======
2013-08-08 14:54 - 2011-08-12 17:24 - 00000000 ____D C:\Documents and Settings\User\Application Data\uTorrent
2013-08-08 14:53 - 2013-08-08 14:53 - 00000000 ____D C:\FRST
2013-08-08 14:51 - 2010-02-01 14:19 - 00000992 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-08 14:24 - 2012-05-30 11:32 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-08-08 12:41 - 2008-01-20 12:30 - 00447361 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-08 12:32 - 2012-05-30 15:50 - 00000245 _____ C:\WINDOWS\civ.ini
2013-08-08 11:51 - 2010-02-01 14:19 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-08 10:36 - 2013-08-07 18:36 - 00000496 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 56769479-ab02-4eb7-aea7-26824c90f949.job
2013-08-08 05:51 - 2012-01-19 18:02 - 00032344 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-08 02:00 - 2013-08-07 18:36 - 00000496 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 3a1b7b8a-5833-4dad-bb47-189f1f0efbec.job
2013-08-08 00:00 - 2013-07-09 11:52 - 00000000 ____D C:\Programas\Desktop-Reminder 2
2013-08-07 19:01 - 2008-01-20 12:38 - 00000000 ____D C:\Documents and Settings\User
2013-08-07 18:36 - 2013-08-07 18:36 - 00000000 ____D C:\Programas\SUPERAntiSpyware
2013-08-07 18:36 - 2013-08-07 18:36 - 00000000 ____D C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2013-08-07 18:36 - 2008-01-20 12:16 - 00000000 ___RD C:\Programas
2013-08-07 18:36 - 2008-01-20 12:15 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Iniciar
2013-08-07 18:36 - 2008-01-20 12:15 - 00000000 ____D C:\Documents and Settings\All Users\Ambiente de trabalho
2013-08-07 18:34 - 2013-07-02 12:20 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-08-07 18:23 - 2013-08-07 18:22 - 00000000 ____D C:\Programas\Malwarebytes' Anti-Malware
2013-08-07 17:46 - 2013-08-07 11:35 - 00000000 ____D C:\Programas\Mozilla Thunderbird
2013-08-07 17:46 - 2012-05-03 11:22 - 00000000 ____D C:\Programas\Mozilla Maintenance Service
2013-08-07 17:30 - 2013-08-07 17:29 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\pyload
2013-08-07 17:29 - 2008-01-20 12:38 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho
2013-08-07 17:26 - 2013-08-07 17:29 - 17366025 ____R C:\Documents and Settings\User\Ambiente de trabalho\pyload-v0.4.9-win.zip
2013-08-07 16:47 - 2013-08-07 16:47 - 00000000 ____D C:\Programas\DivX H.264 decoder
2013-08-07 16:47 - 2009-11-19 13:16 - 00000000 ____D C:\Documents and Settings\User\Application Data\vlc
2013-08-07 16:47 - 2008-01-20 21:56 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-08-07 16:44 - 2013-03-06 07:46 - 00000376 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-08-07 16:39 - 2013-08-07 16:39 - 00000000 ____D C:\Programas\ffdshow
2013-08-07 16:36 - 2013-08-07 16:36 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\gspot
2013-08-07 16:34 - 2013-07-09 11:53 - 00000000 ____D C:\Documents and Settings\User\Os meus documentos\DesktopReminder
2013-08-07 16:34 - 2012-09-06 14:47 - 00000270 _____ C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
2013-08-07 16:34 - 2012-01-19 18:03 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-08-07 16:34 - 2012-01-19 18:03 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-07 16:34 - 2008-01-20 12:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-07 16:32 - 2008-01-20 12:38 - 00000188 ___SH C:\Documents and Settings\User\ntuser.ini
2013-08-07 16:19 - 2008-01-20 12:38 - 00000000 ___RD C:\Documents and Settings\User\Menu Iniciar\Programas\Arranque
2013-08-07 16:19 - 2008-01-20 12:38 - 00000000 ___RD C:\Documents and Settings\User\Menu Iniciar\Programas
2013-08-07 16:17 - 2013-08-07 15:45 - 00000000 ____D C:\Tucan
2013-08-07 16:17 - 2010-02-15 16:11 - 00000000 ____D C:\Programas\Total Video Converter
2013-08-07 16:16 - 2008-01-22 13:04 - 00000000 ____D C:\Programas\K-Lite Codec Pack
2013-08-07 16:14 - 2012-10-09 12:12 - 00000000 ____D C:\Documents and Settings\User\Application Data\Dropbox
2013-08-07 16:13 - 2008-01-20 12:43 - 00000000 ___HD C:\Programas\InstallShield Installation Information
2013-08-07 15:52 - 2013-08-07 15:46 - 00000000 ____D C:\Documents and Settings\User\.tucan
2013-08-07 15:51 - 2013-08-07 15:51 - 00000218 _____ C:\Documents and Settings\User\.recently-used.xbel
2013-08-07 15:49 - 2009-01-09 13:42 - 00000000 ____D C:\Documents and Settings\User\Application Data\gtk-2.0
2013-08-07 12:07 - 2013-05-31 12:06 - 00057450 _____ C:\WINDOWS\setupapi.log
2013-08-07 10:39 - 2006-03-02 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-02 17:21 - 2008-01-20 18:12 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\Atalhos
2013-08-02 16:03 - 2013-08-02 16:03 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\Codec
2013-08-02 12:26 - 2013-08-01 15:54 - 00033618 _____ C:\Documents and Settings\User\Ambiente de trabalho\P3 2013 AA.zip
2013-08-02 12:25 - 2013-08-01 15:33 - 00159232 _____ C:\Documents and Settings\User\Ambiente de trabalho\P3 2013 AA.xls
2013-08-01 17:45 - 2011-04-13 13:08 - 00000000 ____D C:\Programas\Jubler
2013-08-01 17:45 - 2011-04-13 13:08 - 00000000 ____D C:\Documents and Settings\User\Application Data\Jubler
2013-07-31 17:24 - 2013-07-31 17:24 - 00000000 ____D C:\Documents and Settings\User\Ambiente de trabalho\MrcdsNvgtnCmnd_MSNM
2013-07-31 15:58 - 2009-01-26 13:39 - 00000000 ____D C:\BP
2013-07-31 12:28 - 2013-07-31 12:28 - 00000000 ____D C:\Programas\Giganology
2013-07-29 18:52 - 2008-01-20 18:14 - 00000000 ___RD C:\Documents and Settings\User\Os meus documentos\User
2013-07-24 18:46 - 2013-07-24 18:45 - 00000000 ____D C:\Documents and Settings\User\2plan_workspace
2013-07-18 15:05 - 2012-05-30 16:08 - 00000000 ____D C:\WINDOWS\A3W_DATA
2013-07-17 11:48 - 2012-10-09 12:26 - 00000000 ___RD C:\Documents and Settings\User\Os meus documentos\Dropbox
2013-07-09 16:38 - 2013-07-09 16:38 - 00000000 ____D C:\Documents and Settings\User\Application Data\DesktopReminder
2013-07-09 11:53 - 2008-01-20 12:38 - 00000000 ___RD C:\Documents and Settings\User\Os meus documentos
2013-07-09 11:52 - 2013-07-09 11:52 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{D3B667B0-55AE-40A2-BA13-F0CE5CD1242F}
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-03-02 13:00] - [2006-03-02 13:00] - 1034240 ____A (Microsoft Corporation) 7a28f6b962dcdbfd94280338b4a8e6fb
C:\Windows\System32\winlogon.exe
[2006-03-02 13:00] - [2006-03-02 13:00] - 0505344 ____A (Microsoft Corporation) 42d8303e00cd0545182bbd202900194b
C:\Windows\System32\svchost.exe
[2006-03-02 13:00] - [2006-03-02 13:00] - 0014336 ____A (Microsoft Corporation) b62fc77d3cfc8b1c74763742d3214d3e
C:\Windows\System32\services.exe
[2006-03-02 13:00] - [2006-03-02 13:00] - 0108544 ____A (Microsoft Corporation) 8186da2b57774e6cd516a014827272ef
C:\Windows\System32\User32.dll
[2006-03-02 13:00] - [2006-03-02 13:00] - 0578048 ____A (Microsoft Corporation) ac6c73998a38ede5d2fa2aca19ffdc7d
C:\Windows\System32\userinit.exe
[2006-03-02 13:00] - [2006-03-02 13:00] - 0025088 ____A (Microsoft Corporation) 68e7c26452f13e43b101da596ff9dd31
C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 13:00] - [2006-03-02 13:00] - 0052992 ____A (Microsoft Corporation) 0c75717937b930a3be7b81bee1ed78a0
==================== End Of Log ============================