Serveur d'impression

Attaques Bonet / MITM / Spam possibles. analyse pcapng – Serveur d’impression

Par Titanfall , le 12 juin 2020 - 129 minutes de lecture

Donc, nouveau scan (09-06-2020):

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020

Exécuté par XXXXXXZZZ (administrateur) sur XXXXXXZZZ (Hewlett-Packard HP Pavilion Notebook) (09-06-2020 11:52:22)

Exécution à partir de C: Users XXXXXXZZZ Downloads

Profils chargés: XXXXXXZZZ

Plateforme: Windows 8.1 (mise à jour) (X64) Langue: Português (Portugal)

Navigateur par défaut: Chrome

Mode de démarrage: Normal

==================== Processus (liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

() [File not signed] C: Program Files Hewlett-Packard SimplePass opvapp.exe

(Adobe Inc. -> Adobe Systems) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe

(Apple Inc. -> Apple Inc.) C: Program Files Bonjour mDNSResponder.exe

(Atheros Communications, Inc.) [File not signed] C: Program Files (x86) Jumpstart jswpbapi.exe

(AVAST Software s.r.o. -> AVAST Software) C: Program Files AVAST Software SecureLine VpnSvc.exe

(AVG Netherlands B.V. ->) C: Program Files (x86) AVG Web TuneUp WtuSystemSupport.exe

(AVG Netherlands B.V. -> AVG Secure Search) C: Program Files (x86) Common Files AVG Secure Search vToolbarUpdater 40.3.8 ToolbarUpdater.exe

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG AVG TuneUp TuneupSvc.exe

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG AVG TuneUp TuneupUI.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus aswEngSrv.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus aswidsagent.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus AVGSvc.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus AVGUI.exe <2>

(CyberLink Corp. ->) C: Program Files CyberLink Shared files RichVideo64.exe

(CyberLink Corp. -> CyberLink Corp.) C: Program Files (x86) Cyberlink YouCam YouCamService.exe

(Dassault Systèmes) [File not signed] C: Program Files Dassault Systemes DraftSight bin dsHttpApiService.exe

(DesignBuilder Software Ltd -> DesignBuilder Software Ltd.) C: Program Files (x86) DesignBuilder JobServer DBJobServer.exe

(DesignBuilder Software Ltd -> DesignBuilder) C: Program Files (x86) DesignBuilder Lib DBSimLServer.exe

(DEVGURU CO LTD -> DEVGURU Co., LTD.) C: Program Files Samsung USB Drivers 25_escape conn ss_conn_service.exe

(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C: Program Files Samsung USB Drivers 28_ssconn2 conn ss_conn_service2.exe

(Hewlett Packard -> Hewlett-Packard Co.) C: Program Files HP HP Deskjet 3050 J610 series Bin ScanToPCActivationApp.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C: Program Files (x86) Hewlett-Packard Shared hpqwmiex.exe

(Société Hewlett-Packard -> Société Hewlett-Packard) C: Windows System32 hpservice.exe

(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C: Program Files (x86) Hewlett-Packard HP CoolSense CoolSense.exe

(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C: Program Files (x86) Hewlett-Packard HP System Event HPWMISVC.exe

(HP Inc. -> HP Inc.) C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe

(Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe

(Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe

(Intel Corporation – pGFX -> Intel Corporation) C: Windows System32 igfxCUIService.exe

(Intel Corporation – pGFX -> Intel Corporation) C: Windows System32 igfxEM.exe

(Intel Corporation – pGFX -> Intel Corporation) C: Windows System32 igfxHK.exe

(Intel Corporation – Technologie de stockage rapide -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorDataMgrSvc.exe

(Intel Corporation – Technologie de stockage rapide -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorIcon.exe

(Logiciel Intel® -> Intel Corporation) C: Windows SysWOW64 esif_uf.exe

(Logiciel Intel® -> Intel Corporation) C: Windows Temp DPTF esif_assist.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe

(Mega Limited -> Mega Limited) C: Users XXXXXXZZZ AppData Local MEGAsync MEGAsync.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office Office14 MSOSYNC.EXE

(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 SkyDrive.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files (x86) NVIDIA Corporation NetService NvNetworkService.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files (x86) NVIDIA Corporation Update Core NvBackend.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display nvtray.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display nvxdsync.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvStreamSrv nvstreamsvc.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C: Windows System32 nvvsvc.exe <2>

(Technologie PLX) [File not signed] C: Program Files (x86) Iomega Iomega Encryption Iomega Encryption.exe

(Realtek Semiconductor Corp ->) C: Program Files (x86) Realtek REALTEK Bluetooth BTDevMgr.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVBg64.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkAudioService64.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkNGUI64.exe

(Softex Inc.) [File not signed] C: Program Files Hewlett-Packard SimplePass OmniServ.exe

(Softex Incorporated -> Hewlett-Packard) C: Program Files Hewlett-Packard SimplePass ClientCore.exe

(Softex Incorporated -> Hewlett-Packard) C: Program Files Hewlett-Packard SimplePass OPBHOBroker.exe

(Softex Incorporated -> Hewlett-Packard) C: Program Files Hewlett-Packard SimplePass OPBHOBrokerDsktop.exe

(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPEnhService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPHelper.exe

(VMware, Inc. -> VMware, Inc.) C: Program Files (x86) Common Files VMware USB vmware-usbarbitrator64.exe

(VMware, Inc. -> VMware, Inc.) C: Program Files (x86) VMware VMware Player vmware-authd.exe

(VMware, Inc. -> VMware, Inc.) C: Windows SysWOW64 vmnat.exe

(VMware, Inc. -> VMware, Inc.) C: Windows SysWOW64 vmnetdhcp.exe

(WildTangent Inc -> WildTangent) C: Program Files (x86) WildTangent Games App GamesAppIntegrationService.exe

(WildTangent Inc -> WildTangent, Inc.) C: Program Files (x86) WildTangent Games App GamesAppService.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [8459480 2015-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM … Run: [NvBackend] => C: Program Files (x86) NVIDIA Corporation Update Core NvBackend.exe [2464072 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)

HKLM … Run: [ShadowPlay] => C: Windows system32 nvspcap64.dll [2800296 2015-02-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]

HKLM … Run: [AdobeAAMUpdater-1.0] => C: Program Files (x86) Common Files Adobe OOBE PDApp UWA UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM … Run: [IAStorIcon] => C: Program Files Intel Intel® Rapid Storage Technology IAStorIcon.exe [322472 2015-07-22] (Intel Corporation – Technologie de stockage rapide -> Intel Corporation)

HKLM … Run: [AVGUI.exe] => C: Program Files (x86) AVG Antivirus AvLaunch.exe [156776 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

HKLM-x32 … Exécuter: [AccelerometerSysTrayApplet] => C: Program Files (x86) Hewlett-Packard HP 3D DriveGuard AccelerometerST.exe [127624 2015-01-30] (Société Hewlett-Packard -> Société Hewlett-Packard)

HKLM-x32 … Exécuter: [HPMessageService] => C: Program Files (x86) Hewlett-Packard HP System Event HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

HKLM-x32 … Exécuter: [HP Software Update] => C: Program Files (x86) Hp HP Software Update HPWuSchd2.exe [96056 2013-05-30] (Société Hewlett-Packard -> Hewlett-Packard)

HKLM-x32 … Exécuter: [BCSSync] => C: Program Files (x86) Microsoft Office Office14 BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)

HKLM-x32 … Exécuter: [] => [X]

HKLM-x32 … Exécuter: [Acrobat Assistant 8.0] => C: Program Files (x86) Adobe Acrobat 11.0 Acrobat Acrotray.exe [3498728 2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

HKLM-x32 … Exécuter: [vProt] => C: Program Files (x86) AVG Web TuneUp vprot.exe [2195968 2019-01-28] (AVG Netherlands B.V. ->)

HKLM-x32 … Exécuter: [VirtualCloneDrive] => C: Program Files (x86) Elaborate Bytes VirtualCloneDrive VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)

HKLM-x32 … Exécuter: [Autodesk Desktop App] => C: Program Files (x86) Autodesk Autodesk Desktop App AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc. -> Autodesk, Inc.)

HKLM-x32 … Exécuter: [jswtrayutil] => C: Program Files (x86) Jumpstart jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]

HKLM-x32 … Exécuter: [KiesTrayAgent] => C: Program Files (x86) Samsung Kies KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

HKLM-x32 … Exécuter: [Aimersoft Helper Compact.exe] => C: Program Files (x86) Fichiers communs Aimersoft Aimersoft Helper Compact ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)

HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Fichiers communs Java Java Update jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32 … Exécuter: [XArp] => C: Program Files (x86) XArp xarp.exe [10413568 2011-04-01] (www.chrismc.de) [File not signed]

HKLM … Winlogon: [Userinit] C: Windows SysWOW64 userinit.exe, <==== ATTENTION

HKLM … Policies Explorer: [AllowLegacyWebView] 1

HKLM … Policies Explorer: [AllowUnhashedWebView] 1

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [HP Deskjet 3050 J610 series (NET)] => C: Program Files HP HP Deskjet 3050 J610 series Bin ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [IomegaEncryption] => C: Program Files (x86) Iomega Iomega Encryption Iomega Encryption.exe [455168 2011-09-16] (Technologie PLX) [File not signed]

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [DAEMON Tools Lite Automount] => C: Program Files DAEMON Tools Lite DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [GoogleDriveSync] => C: Program Files Google Drive googledrivesync.exe [48214752 2020-04-06] (Google LLC ->)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [Autodesk Sync] => C: Program Files Autodesk Autodesk Sync AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [Steam] => C: Program Files (x86) Steam steam.exe [3200800 2018-05-19] (Valve -> Valve Corporation)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [CCleaner Smart Cleaning] => C: Program Files CCleaner CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [Spotify] => C: Users XXXXXXZZZ AppData Roaming Spotify Spotify.exe [22824680 2020-05-19] (Spotify AB -> Spotify Ltd)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [OfficeSyncProcess] => C: Program Files (x86) Microsoft Office Office14 MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Policies Explorer: []

HKU S-1-5-18 … Run: [Autodesk Sync] => C: Program Files Autodesk Autodesk Sync AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)

HKLM … Print Monitors Adobe PDF Port Monitor: C: Windows system32 AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)

HKLM … Print Monitors HP 9311 Status Monitor: C: Windows system32 hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)

HKLM … Print Monitors Moniteur d'état HP C611: C: Windows system32 hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)

HKLM … Print Monitors HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C: Windows system32 HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

HKLM … Print Monitors HP Universal Port Monitor: C: Windows system32 hpbprtmon.dll [423936 2014-06-11] (Éditeur de compatibilité matérielle Microsoft Windows -> Hewlett-Packard)

HKLM … Print Monitors KM Language Monitor: C: Windows system32 KMPJL64.DLL [124560 2017-07-31] (Éditeur de compatibilité matérielle Microsoft Windows -> KYOCERA Document Solutions Inc.)

HKLM … Print Monitors Wondershare PDFelement Monitor: C: Windows system32 WSPDFelementMonitor.dll [271360 2017-10-19] (Logiciel Wondershare) [File not signed]

HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 83.0.4103.97 Installer chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)

HKLM Software … Authentication Credential Providers: [538C240D-3DEE-4032-AB4C-08A3A6EB0861] -> c: Program Files (x86) CyberLink YouCam CLCredProv x64 CLCredProv.dll [2015-02-11] (CyberLink Corp. -> CyberLink)

HKLM Software … Authentication Credential Providers: [F3F1B0FA-4775-41d8-8578-436772D93FB4] -> C: Program Files Hewlett-Packard SimplePass OmniPassCredProv.dll [2015-03-04] (Softex Inc.) [File not signed]

HKLM Software … Authentication Credential Provider Filters: [F3F1B0FA-4775-41d8-8578-436772D93FB4] -> C: Program Files Hewlett-Packard SimplePass OmniPassCredProv.dll [2015-03-04] (Softex Inc.) [File not signed]

Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Démarrage Assistante de gestor de conteúdo pour PlayStation®.lnk [2016-04-23]

ShortcutTarget: Assistente de gestor de conteúdo for PlayStation®.lnk -> C: Program Files (x86) Sony Content Manager Assistant CMA.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)

Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Démarrage Avast SecureLine VPN.lnk [2019-07-16]

ShortcutTarget: Avast SecureLine VPN.lnk -> C: Program Files AVAST Software SecureLine Vpn.exe (AVAST Software s.r.o. -> AVAST Software)

Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Démarrage AVG TuneUp.lnk [2019-09-20]

ShortcutTarget: AVG TuneUp.lnk -> C: Program Files (x86) AVG AVG TuneUp TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

Démarrage: C: Users XXXXXXZZZ AppData Roaming Microsoft Windows Start Menu Programs Startup Autenticacao.gov.pt.lnk [2020-04-24]

ShortcutTarget: Autenticacao.gov.pt.lnk -> C: Program Files (x86) plugin Autenticacao.Gov Autenticacao.gov.pt.exe (Agência para a Modernização Administrativa, I.P. -> Agência para a Modernização Administrativa, IP)

Démarrage: C: Users XXXXXXZZZ AppData Roaming Microsoft Windows Start Menu Programs Startup MEGAsync.lnk [2019-02-07]

ShortcutTarget: MEGAsync.lnk -> C: Users XXXXXXZZZ AppData Local MEGAsync MEGAsync.exe (Mega Limited -> Mega Limited)

Démarrage: C: Users XXXXXXZZZ AppData Roaming Microsoft Windows Start Menu Programs Startup OneNote 2010 Screen Clipper and Launcher.lnk [2018-05-18]

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C: Program Files (x86) Microsoft Office Office14 ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

BootExecute: autocheck autochk / m / P Device HarddiskVolume13autocheck autochk *

GroupPolicy: Restriction? <==== ATTENTION

FF HKLM SOFTWARE Policies Mozilla Firefox: Restriction <==== ATTENTION

CHR HKLM SOFTWARE Policies Google: Restriction <==== ATTENTION

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 019EFCA7-800A-45BD-B5D4-E7BC04A47010 – System32 Tasks Adobe Flash Player NPAPI Notifier => C: Windows SysWOW64 Macromed Flash FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)

Tâche: 035A9236-3D0D-4CEC-88E7-316A88A60D57 – System32 Tasks AutoKMS => C: Windows AutoKMS AutoKMS.exe [5046784 2018-01-30] () [File not signed]

Tâche: 0B7F76E1-EE25-416A-B69A-E967896AD3B6 – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [154440 2016-03-18] (Google Inc -> Google Inc.)

Tâche: 0CE47549-B8CB-4819-ABF3-3FA3A57AB0D4 – System32 Tasks Hewlett-Packard HP Active Health HP Active Health Scan (HPSA) => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPActiveHealth ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)

Tâche: 130F5CA5-8C3C-463D-8A72-447D87BD6E01 – System32 Tasks Start SimplePass => C: Program Files Hewlett-Packard SimplePass ClientCore.exe [4716280 2015-01-30] (Softex Incorporated -> Hewlett-Packard)

Tâche: 196B8F02-98BF-41FB-B1A3-5F36DB0DE18D – System32 Tasks Adobe Acrobat Update Task => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

Tâche: 2082FD68-9C15-4062-AC44-9424D96210B8 – pas de chemin de fichier

Tâche: 23DAD9CE-2053-4866-8F74-D0729C66989D – pas de chemin de fichier

Tâche: 2D6FC168-D4B7-4440-A3F6-FFF3E4F97500 – pas de chemin de fichier

Tâche: 2E6908D5-EFAB-4013-A5F8-C67EA3EB73E1 – System32 Tasks G2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001 => C: Users XXXXXXZZZ AppData Local GoToM 17956 g2mupdate.exe [32424 2020-06-09] (LogMeIn, Inc. -> LogMeIn, Inc.)

Tâche: 336DBD9A-B9BE-4A9D-8E7E-70DF4DD0C45C – System32 Tasks G2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001 => C: Users XXXXXXZZZ AppData Local Go 17956 g2mupload.exe [32424 2020-06-09] (LogMeIn, Inc. -> LogMeIn, Inc.)

Tâche: 4676C5EC-11E4-46DB-A339-B05760EBFD33 – System32 Tasks Antivirus Emergency Update => C: Program Files (x86) AVG Antivirus AvEmUpdate.exe [3387520 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

Tâche: 480057E1-65C8-4672-B6EB-449337F4A059 – System32 Tasks AVG TuneUp Update => C: Program Files (x86) AVG AVG TuneUp TUNEUpdate.exe [1706528 2019-09-20] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

Tâche: 482950C8-5BA7-4A9B-B305-736188A98CF5 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Assistant Quick Start => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)

Tâche: 4922F370-D891-4A1B-B13A-67F51EFA83AE – pas de chemin de fichier

Tâche: 506A236E-C8FC-491D-A1A7-2D971555245D – System32 Tasks YCMServiceAgent => c: Program Files (x86) Cyberlink YouCam YouCamService.exe [267224 2015-02-11] (CyberLink Corp. -> CyberLink Corp.)

Tâche: 71EB72E0-9D55-4AC5-BDF7-6B6F866DDCDE – System32 Tasks npcapwatchdog => C: Program Files Npcap CheckStatus.bat [862 2019-04-30] () [File not signed]

Tâche: 7A56FE0C-B693-4340-AEA0-D5C5C9067C4C – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)

Tâche: 8BF8C487-50E7-4763-9DD0-BEEB2C3856D5 – System32 Tasks Avast SecureLine => C: Program Files AVAST Software SecureLine SecureLine.exe [3438680 2016-05-24] (Logiciel AVAST a.s. -> Logiciel AVAST)

Tâche: 8F05A697-8454-4451-9D04-4F3843C4EC1A – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: 9594B004-459A-4105-BDB9-0686695F1DBC – System32 Tasks BlueStacksHelper => C: ProgramData BlueStacks Client Helper BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)

Tâche: A7A40B26-2C9E-4141-A5EF-3A3EB86182C4 – System32 Tasks Start OPBHOBrokerDesktop => C: Program Files Hewlett-Packard SimplePass OPBHOBrokerDsktop.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard)

Tâche: AC2D90BD-03AB-4717-B91B-4ACD2D25A495 – System32 Tasks HPCeeScheduleForXXXXXXZZZ => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe

Tâche: AC444CF5-C990-4BC8-8C8E-9F5B38F05A81 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_DeviceScan => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: B366A58C-E1F0-4F66-B965-EEE0E58ECF54 – System32 Tasks Start OPBHOBroker => C: Program Files Hewlett-Packard SimplePass OPBHOBroker.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard)

Tâche: B8FFC866-248A-4176-AC9F-31F3B9144F13 – System32 Tasks CCleanerSkipUAC => C: Program Files CCleaner CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche: B9781211-096A-4A59-B2CD-6631DAA6F92E – System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1505624 2020-05-20] (HP Inc. -> HP Inc.)

Tâche: BDD8080F-6580-4439-B090-E1F0B8980028 – System32 Tasks AVGPCTuneUp_Task_BkGndMaintenance => C: Program Files (x86) AVG AVG PC TuneUp tuscanx.exe

Tâche: BF84E17C-D1AA-4F8E-AD9C-9C3999F8CDD2 – System32 Tasks Mozilla Firefox Default Browser Agent E7CF176E110C211B => C: Program Files (x86) Mozilla Firefox default-browser-agent.exe [124624 2020-06-05] (Mozilla Corporation -> Fondation Mozilla)

Tâche: C045C518-0FA6-4A67-A3D5-151056E6C9D9 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)

Tâche: C2BDB807-0EE2-4A05-9C29-E0B43518E8DB – System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis Restart => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF .EXE [1505624 2020-05-20] (HP Inc. -> HP Inc.)

Tâche: C718E444-7E77-4374-9197-635B15CB8D22 – System32 Tasks Avast SecureLine VPN Update => c: program files avast software secureline vpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)

Tâche: C9FF1DA6-EC0B-4F09-A9DB-B6A37A1F1374 – System32 Tasks CCleaner Update => C: Program Files CCleaner CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche: CA139223-98A5-4E6F-9A90-3BD01B619423 – System32 Tasks Driver Easy Scheduled Scan => C: Program Files Easeware DriverEasy DriverEasy.exe [3392368 2017-11-10] (Easeware Technology Limited -> Easeware)

Tâche: CAB11F90-659D-4C59-8472-7217C7636690 – System32 Tasks AVG Overseer => C: Program Files Common Files AVG Overseer overseer.exe [1692296 2020-03-03] (AVG Technologies USA, LLC -> AVG Technologies)

Tâche: D7F26C8B-7EE3-4B58-971C-7ABBFDF75B19 – pas de chemin de fichier

Tâche: E1C5D3F6-C2CE-48AF-96F3-03D7E23B9A45 – System32 Tasks Hewlett-Packard HP Support Assistant Product Configurator => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources ProductConfig .EXE [320856 2020-04-23] (HP Inc. -> HP Inc.)

Tâche: E7333F8C-E08D-4FB6-84DC-694BB2775824 – System32 Tasks Hewlett-Packard HP CoolSense HP CoolSense Start at Logon => C: Program Files (x86) Hewlett-Packard HP CoolSense CoolSense. EXE [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

Tâche: EB9B233E-D483-496B-8CD6-9C9CBAAE9007 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Report => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)

Tâche: EBCAD8C1-2F95-424A-87E3-ED87CF10A5D5 – pas de chemin de fichier

Tâche: EDE8E45E-2A78-41AD-8D66-72B614CF9C9E – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [154440 2016-03-18] (Google Inc -> Google Inc.)

Tâche: F173A769-3028-456B-B1A5-D1EC4B2ED322 – System32 Tasks HPCustParticipation HP Deskjet 3050 J610 series => C: Program Files HP HP Deskjet 3050 J610 series Bin HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

Tâche: F6005A55-D650-4ABA-99F1-795479106D2D – System32 Tasks 7A5E22F3-13A6-4040-B1C5-E4043B449990 => C: Windows system32 pcalua.exe -a C: E20-II unwcs21.EXE -c C: E20-II csi22 INSTALL.LOG

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: Windows Tasks Driver Easy Scheduled Scan.job => C: Program Files Easeware DriverEasy DriverEasy.exe

Tâche: C: Windows Tasks G2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job => C: Users XXXXXXZZZ AppData Local GoToMeeting 17956 g2mupdate.exe

Tâche: C: Windows Tasks G2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job => C: Users XXXXXXZZZ AppData Local GoToMeeting 17956 g2mupload.exe

Tâche: C: Windows Tasks HPCeeScheduleForXXXXXXZZZ.job => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Winsock: Catalog5 07 C: Program Files (x86) Bonjour mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)

Winsock: Catalog9 12 C: Windows SysWOW64 vsocklib.dll [42376 2018-06-22] (VMware, Inc. -> VMware, Inc.)

Winsock: Catalog9 13 C: Windows SysWOW64 vsocklib.dll [42376 2018-06-22] (VMware, Inc. -> VMware, Inc.)

Winsock: Catalog5-x64 07 C: Program Files Bonjour mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)

Winsock: Catalog9-x64 12 C: Windows system32 vsocklib.dll [46472 2018-06-22] (VMware, Inc. -> VMware, Inc.)

Winsock: Catalog9-x64 13 C: Windows system32 vsocklib.dll [46472 2018-06-22] (VMware, Inc. -> VMware, Inc.)

Hôtes: il existe plusieurs entrées dans Hôtes. Voir la section Hôtes de Addition.txt

Tcpip .. Interfaces 9BE7CB1D-7D01-412C-87BA-0BF14F21DCFC: [NameServer] 192.168.175.1

Tcpip .. Interfaces AE83C2A5-B32C-49E6-92F8-44E82B6BF54C: [DhcpNameServer] 192.168.1.1

Tcpip .. Interfaces D7780C2A-6612-4825-B9AA-0AAAE7D9CBB1: [DhcpNameServer] 192.168.1.1

Tcpip .. Interfaces F378EDC9-2002-40C5-A4FD-8D06037995AC: [NameServer] 192.168.56.1

Tcpip .. Interfaces F9ED1E2C-E78F-4493-82DC-AA9A69316967: [NameServer] 192.168.6.1

Internet Explorer:

==================

HKLM Software Microsoft Internet Explorer Main, Start Page = about: vide

HKLM Software Wow6432Node Microsoft Internet Explorer Main, Start Page = about: vide

HKLM Software Wow6432Node Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp13.msn.com

HKU .DEFAULT Software Microsoft Internet Explorer Main, Start Page = about: vide

HKU .DEFAULT Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp13.msn.com

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 Software Microsoft Internet Explorer Main, page de démarrage = hxxps: //mysearch.avg.com/? Cid = 0748ECFF-99FC-45F5- A9A9-AAA31FAD88FA & mid = 2e2973733faf47cca1dda13ec7d56e85-0c260b95194f388f5d97415cd7ba6e43361199e3 & lang = pt & ds = AVG & coid = avgtbavg & cmpid = ipm180 & v = 26 v & d = 20 v

HKU S-1-5-21-3751382696-3894377064-3631472648-1001 Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp13.msn.com

SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKLM-x32 -> C77A81B7-79DB-4F42-8F4C-3CEBC5863FB2 URL = hxxp: //www.amazon.co.uk/s/ref=azs_osd_ieauk? Ie = UTF-8 & tag = hp-uk3-vsb- 21 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms

SearchScopes: HKU S-1-5-21-3751382696-3894377064-3631472648-1001 -> 95B7759C-8C7F-4BF1-B163-73684A933233 URL = hxxps: //mysearch.avg.com/search? Cid = 0748ECFF -99FC-45F5-A9A9-AAA31FAD88FA & mid = 2e2973733faf47cca1dda13ec7d56e85-0c260b95194f388f5d97415cd7ba6e43361199e3 & lang = pt & ds = AVG & COID = avgtbavg & cmpid = ipm180716c & pr = fr & d = 2016-06-12 22: 27: 20 & v = 4.3.9.626 & pid = UMC & sg = & sap = dsp & q = searchTerms

SearchScopes: HKU S-1-5-21-3751382696-3894377064-3631472648-1001 -> C77A81B7-79DB-4F42-8F4C-3CEBC5863FB2 URL = hxxp: //www.amazon.co.uk/s/ref= azs_osd_ieauk? ie = UTF-8 & tag = hp-uk3-vsb-21 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms

BHO: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C: Program Files Microsoft Office Office14 GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java ™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C: Program Files Java jre1.8.0_241 bin ssv.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)

BHO: AVG Web TuneUp -> 95B7759C-8C7F-4BF1-B163-73684A933233 -> C: Program Files AVG Web TuneUp 4.3.9.626 AVG Web TuneUp.dll [2019-01-28] (AVG Pays-Bas B.V. -> AVG)

BHO: Adobe Acrobat Create PDF Helper -> AE7CD045-E861-484f-8273-0445EE161910 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files Microsoft Office Office14 URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java ™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C: Program Files Java jre1.8.0_241 bin jp2ssv.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)

BHO: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)

BHO: Adobe Acrobat Créer un fichier PDF à partir de la sélection -> F4971EE7-DAA0-4053-9964-665D8EE6A077 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: Aide du navigateur Groove GFS -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C: Program Files (x86) Microsoft Office Office14 GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: extension Evernote -> 92EF2EAD-A7CE-4424-B0DB-499CF856608E -> C: Program Files (x86) Evernote Evernote EvernoteIE.dll [2014-12-17] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: AVG Web TuneUp -> 95B7759C-8C7F-4BF1-B163-73684A933233 -> C: Program Files (x86) AVG Web TuneUp 4.3.9.626 AVG Web TuneUp.dll [2019-01-28] (AVG Pays-Bas B.V. -> AVG)

BHO-x32: Adobe Acrobat Create PDF Helper -> AE7CD045-E861-484f-8273-0445EE161910 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files (x86) Microsoft Office Office14 URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)

BHO-x32: Adobe Acrobat Créer un fichier PDF à partir de la sélection -> F4971EE7-DAA0-4053-9964-665D8EE6A077 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Barre d'outils: HKLM – Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Barre d'outils: HKLM-x32 – Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Barre d'outils: HKU S-1-5-21-3751382696-3894377064-3631472648-1001 -> Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Handler-x32: asp – 8D32BA61-D15B-11d4-894B-000000000000 – C: Windows SysWow64 hsppp.dll [2006-10-07] (Logiciel EzTools) [File not signed]

Handler-x32: ezstor – 8D32BA61-D15B-11d4-894B-000000000000 – C: Windows SysWow64 hsppp.dll [2006-10-07] (Logiciel EzTools) [File not signed]

Handler-x32: hsp – 8D32BA61-D15B-11d4-894B-000000000000 – C: Windows SysWow64 hsppp.dll [2006-10-07] (Logiciel EzTools) [File not signed]

Handler-x32: jpip – B92DD248-E3D5-4A92-B311-C9B841681455 – C:Program Files (x86)LizardTechExpressViewnpexview.dll [2014-02-02] (LizardTech) [File not signed]

Handler-x32: sidlet – B92DD248-E3D5-4A92-B311-C9B841681455 – C:Program Files (x86)LizardTechExpressViewnpexview.dll [2014-02-02] (LizardTech) [File not signed]

Handler-x32: x-asp – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]

Handler-x32: x-cnote – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]

Handler-x32: x-hsp – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]

Handler-x32: x-mem1 – C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC – C:WindowsSysWow64WowCtl2.dll [2006-10-13] (EzTools Software) [File not signed]

Handler-x32: x-zip – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]

Handler-x32: zip – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]

FireFox:

========

FF DefaultProfile: t5l5e12d.default

FF ProfilePath: C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.default [2020-06-09]

FF Extension: (Disconnect) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensions2.0@disconnect.me.xpi [2020-01-06]

FF Extension: (AVG Web TuneUp) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsavg@toolbar.xpi [2019-04-11] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avg/wtu/update.json]

FF Extension: (SerpClix ClickSense) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsdev@serpclix.com.xpi [2020-04-24] [UpdateUrl:hxxps://serpclix.com/downloads/addon/updates.json]

FF Extension: (Ghostery – Privacy Ad Blocker) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsfirefox@ghostery.com.xpi [2020-05-21]

FF Extension: (HTTPS Everywhere) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionshttps-everywhere-eff@eff.org.xpi [2020-05-22] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json]

FF Extension: (Disable WebRTC) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2020-06-02]

FF Extension: (Para o Google Tradutor) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-93WyvpgvxzGATw@jetpack.xpi [2020-02-06]

FF Extension: (Decentraleyes) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-04-01]

FF Extension: (DuckDuckGo Privacy Essentials) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-06-03]

FF Extension: (Lazarus: Form Recovery) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionslazarus@interclue.com.xpi [2016-07-12] [Legacy]

FF Extension: (Avast SafePrice | Comparação, ofertas, cupões) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionssp@avast.com.xpi [2020-05-02]

FF Extension: (Google Translator for Firefox) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionstranslator@zoli.bod.xpi [2020-02-05]

FF Extension: (uBlock Origin) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsuBlock0@raymondhill.net.xpi [2020-05-28]

FF Extension: (uMatrix) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsuMatrix@raymondhill.net.xpi [2020-01-06]

FF Extension: (Startpage.com: pesquisa privada) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensions20fc2e06-e3e4-4b2b-812b-ab431220cada.xpi [2020-01-07]

FF Extension: (Cookie Quick Manager) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensions60f82f00-9ad5-4de5-b31c-b16a47c51558.xpi [2020-05-15]

FF Extension: (Flash and Video Download) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsadeadebb-fedc-4180-a7f4-cfdd87496551.xpi [2020-05-24]

FF Extension: (Video DownloadHelper) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2020-03-31]

FF SearchPlugin: C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultsearchpluginsavg-secure-search.xml [2019-01-28]

FF HKLM-x32…FirefoxExtensions: [firefox@bho.com] – C:Program FilesHewlett-PackardSimplePassFFBHOExt => not found

FF HKLM-x32…FirefoxExtensions: [web2pdfextension@web2pdf.adobedotcom] – C:Program Files (x86)AdobeAcrobat 11.0AcrobatBrowserWCFirefoxExtn

FF Extension: (Adobe Acrobat – Create PDF) – C:Program Files (x86)AdobeAcrobat 11.0AcrobatBrowserWCFirefoxExtn [2016-04-30] [Legacy] [not signed]

FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )

FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:Program FilesJavajre1.8.0_241bindtpluginnpDeployJava1.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:Program FilesJavajre1.8.0_241binplugin2npjp2.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:Program FilesMicrosoft Silverlight5.1.50907.0npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:windowsSysWOW64AdobeDirectornp32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:Program Files (x86)Common FilesAVG Secure SearchSiteSafetyInstaller40.3.8\npsitesafety.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2014-11-10] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2014-11-10] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.50907.0npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll [2014-11-15] (WildTangent Inc -> )

FF Plugin-x32: Adobe Acrobat -> C:Program Files (x86)AdobeAcrobat 11.0AcrobatAirnppdf32.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: Lizardtech ExpressViewPlugin -> C:Program Files (x86)LizardTechExpressViewnpexview.dll [2014-02-02] (LizardTech) [File not signed]

FF Plugin HKUS-1-5-21-3751382696-3894377064-3631472648-1001: @zoom.us/ZoomVideoPlugin -> C:UsersXXXXXXZZZAppDataRoamingZoombin_00npzoomplugin.dll [2020-05-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:

=======

CHR Profile: C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefault [2020-06-07]

CHR Notifications: Default -> hxxps://web.skype.com

CHR HomePage: Default -> mysearch.avg.com

CHR StartupUrls: Default -> "hxxp://google.pt/"

CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q=searchTerms

CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com

CHR Extension: (Slides) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]

CHR Extension: (Seedr) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsabfimpkhacgimamjbiegeoponlepcbob [2018-08-20]

CHR Extension: (Flash Video Downloader) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsaiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-14]

CHR Extension: (Docs) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-14]

CHR Extension: (Google Drive) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2018-10-17]

CHR Extension: (YouTube) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]

CHR Extension: (AVG Secure Search) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionschfdnecihphmhljaaejmgoiahnihplgn [2020-01-11]

CHR Extension: (Tampermonkey) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2020-06-07]

CHR Extension: (Email Exporter) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsecnfbegpagpeocjegnecbifjepfcpnhe [2020-06-07]

CHR Extension: (Toolkit For FB) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsfcachklhcihfinmagjnlomehfdhndhep [2019-07-04]

CHR Extension: (Sheets) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-14]

CHR Extension: (Google Docs Offline) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-07]

CHR Extension: (Social Fixer for Facebook) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsifmhoabcaeehkljcfclfiieohkohdgbb [2019-10-08]

CHR Extension: (Email Extractor) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsjdianbbpnakhcmfkcckaboohfgnngfcc [2020-06-07]

CHR Extension: (Unseen for Facebook) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsjiomcgpfgkeefipihnplhadgdoollmap [2019-09-23]

CHR Extension: (Application Launcher for Drive (by Google)) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-03]

CHR Extension: (Video DownloadHelper) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionslmjnegcaeklhafolokijcfjliaokphfk [2020-04-01]

CHR Extension: (Lazarus: Form Recovery) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsloljledaigphbcpfhfmgopdkppkifgno [2016-07-12]

CHR Extension: (Buster: Captcha Solver for Humans) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsmpbjkejclgfgadiemmefgebjfooflfhl [2020-06-07]

CHR Extension: (Chrome Web Store Payments) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]

CHR Extension: (Social Revealer) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsnmnnjcmpjlbbobehaikglfgpbjclcoeg [2019-01-30]

CHR Extension: (Unfriend Finder) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsolljnkilmblncgcghhaodkpdcnokhpah [2020-03-29]

CHR Extension: (Social Profile view notification) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionspegkceflonohbcefcbflfpficfkmpeod [2019-10-28]

CHR Extension: (Gmail) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-05-14]

CHR Extension: (Chrome Media Router) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-07]

CHR Profile: C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataSystem Profile [2019-07-26]

CHR HKUS-1-5-21-3751382696-3894377064-3631472648-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [chfdnecihphmhljaaejmgoiahnihplgn]

CHR HKUS-1-5-21-3751382696-3894377064-3631472648-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]

CHR HKUS-1-5-21-3751382696-3894377064-3631472648-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj] – C:Program Files (x86)AdobeAcrobat 11.0AcrobatBrowserWCChromeExtnWCChromeExtn.crx [2015-06-29]

CHR HKLM-x32…ChromeExtension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk, Inc. -> Autodesk Inc.)

R2 AVG Antivirus; C:Program Files (x86)AVGAntivirusAVGSvc.exe [349552 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:Program Files (x86)AVGAntivirusaswidsagent.exe [6397888 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 BTDevManager; C:Program Files (x86)REALTEKRealtek BluetoothBTDevMgr.exe [125656 2015-09-18] (Realtek Semiconductor Corp -> )

R2 CleanupPSvc; C:Program Files (x86)AVGAVG TuneUpTuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

R2 DBJobServer; C:Program Files (x86)DesignBuilderJobServerDBJobServer.exe [672168 2018-03-22] (DesignBuilder Software Ltd -> DesignBuilder Software Ltd.)

R2 DBSimLServer; C:Program Files (x86)DesignBuilderLibDBSimLServer.exe [23464 2018-03-22] (DesignBuilder Software Ltd -> DesignBuilder)

S3 DialComService; C:Program Files (x86)DIAL GmbHDIAL Communication FrameworkDialComService.exe [2184192 2017-05-29] (DIAL GmbH) [File not signed]

S3 Disc Soft Lite Bus Service; C:Program FilesDAEMON Tools LiteDiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)

R2 DraftSight API Service; C:Program FilesDassault SystemesDraftSightbindsHttpApiService.exe [121344 2016-11-10] (Dassault Systèmes) [File not signed]

R2 esifsvc; C:WindowsSysWOW64esif_uf.exe [1037568 2015-03-04] (Intel® Software -> Intel Corporation)

R2 GamesAppIntegrationService; C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent Inc -> WildTangent)

R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)

R2 HPWMISVC; c:Program Files (x86)Hewlett-PackardHP System EventHPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

R2 igfxCUIService1.0.0.0; C:Windowssystem32igfxCUIService.exe [344168 2015-04-28] (Intel Corporation – pGFX -> Intel Corporation)

R2 jhi_service; C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe [158496 2014-11-10] (Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R2 jswpbapi; C:Program Files (x86)Jumpstartjswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [File not signed]

S3 jswpsapi; C:Program Files (x86)Jumpstartjswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [6933272 2020-03-19] (Malwarebytes Inc -> Malwarebytes)

R2 NvNetworkService; C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1795912 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)

R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [19819848 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)

R2 omniserv; C:Program FilesHewlett-PackardSimplePassOmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed]

S3 ProtonVPN Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe [101096 2020-02-17] (ProtonVPN AG -> )

S3 ProtonVPN Update Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe [60136 2020-02-17] (ProtonVPN AG -> )

R2 RichVideo64; C:Program FilesCyberLinkShared filesRichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )

S3 rpcapd; C:Program Files (x86)WinPcaprpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)

R2 RtkAudioService; C:Program FilesRealtekAudioHDARtkAudioService64.exe [293080 2015-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)

R2 SecureLine; C:Program FilesAVAST SoftwareSecureLineVpnSvc.exe [6828424 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)

R2 ss_conn_service; C:Program FilesSAMSUNGUSB Drivers25_escapeconnss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)

R2 ss_conn_service2; C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe [780328 2019-09-24] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)

R2 SynTPEnhService; C:Program FilesSynapticsSynTPSynTPEnhService.exe [220840 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)

S3 VBoxSDS; C:Program FilesOracleVirtualBoxVBoxSDS.exe [690424 2019-01-25] (Oracle Corporation -> Oracle Corporation)

R2 vToolbarUpdater40.3.8; C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater40.3.8ToolbarUpdater.exe [1371136 2019-01-28] (AVG Netherlands B.V. -> AVG Secure Search)

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

R2 WtuSystemSupport; C:Program Files (x86)AVG Web TuneUpWtuSystemSupport.exe [811520 2019-01-28] (AVG Netherlands B.V. -> )

S2 KMSServerService; C:WindowsKMSServerServiceKMS Server Service.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:Windowssystem32DRIVERSAccelerometer.sys [44680 2015-01-27] (Hewlett-Packard Company -> Hewlett-Packard)

S3 aftap0901; C:Windowssystem32DRIVERSaftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)

S3 akshasp; C:Windowssystem32DRIVERSakshasp.sys [90240 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)

S3 aksusb; C:WindowsSystem32driversaksusb.sys [18688 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)

R0 avgArDisk; C:WindowsSystem32driversavgArDisk.sys [37208 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgArPot; C:WindowsSystem32driversavgArPot.sys [205952 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:WindowsSystem32driversavgbidsdriver.sys [234632 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:WindowsSystem32driversavgbidsh.sys [178832 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:WindowsSystem32driversavgbuniv.sys [61072 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgKbd; C:WindowsSystem32driversavgKbd.sys [42856 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 avgMonFlt; C:WindowsSystem32driversavgMonFlt.sys [175776 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:WindowsSystem32driversavgRdr2.sys [109336 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:WindowsSystem32driversavgRvrt.sys [84928 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:WindowsSystem32driversavgSnx.sys [851664 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSP; C:WindowsSystem32driversavgSP.sys [461064 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 avgStm; C:WindowsSystem32driversavgStm.sys [235552 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:WindowsSystem32driversavgVmm.sys [319184 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

S3 BlueStacksDrv; C:Program FilesBlueStacksBstkDrv.sys [313112 2019-03-14] (Bluestack Systems, Inc. -> Bluestack System Inc.)

S3 dg_ssudbus; C:Windowssystem32DRIVERSssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 dtlitescsibus; C:WindowsSystem32driversdtlitescsibus.sys [30264 2016-04-28] (Disc Soft Ltd -> Disc Soft Ltd)

R3 dtliteusbbus; C:WindowsSystem32driversdtliteusbbus.sys [47672 2016-04-28] (Disc Soft Ltd -> Disc Soft Ltd)

S2 Hardlock; C:Windowssystem32drivershardlock.sys [314368 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)

R0 hpdskflt; C:WindowsSystem32DRIVERShpdskflt.sys [31880 2015-01-27] (Hewlett-Packard Company -> Hewlett-Packard)

R0 IntelHSWPcc; C:WindowsSystem32driversIntelPcc.sys [79528 2014-12-22] (Intel® Software -> Intel Corporation)

R1 JSWPSLWF; C:Windowssystem32DRIVERSjswpslwfx.sys [26624 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)

R3 kmloop; C:Windowssystem32DRIVERSloop.sys [15360 2013-08-22] (Microsoft Windows -> Microsoft Corporation)

S3 libusbK; C:WindowsSystem32driverslibusbK.sys [47200 2016-08-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)

R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [214496 2020-05-22] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248968 2020-06-02] (Malwarebytes Inc -> Malwarebytes)

S3 MEIx64; C:Windowssystem32DRIVERSTeeDriverx64.sys [129312 2014-11-10] (Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R1 npcap; C:Windowssystem32DRIVERSnpcap.sys [70968 2019-07-30] (Insecure.Com LLC -> Insecure.Com LLC.)

S4 npcap_wifi; C:Windowssystem32DRIVERSnpcap.sys [70968 2019-07-30] (Insecure.Com LLC -> Insecure.Com LLC.)

R2 NPF; C:WindowsSystem32driversnpf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)

R3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [19784 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:Windowssystem32driversnvvad64v.sys [38216 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)

S3 OXSDIDRV_x64; C:Windowssystem32DRIVERSOXSDIDRV_x64.sys [52384 2011-08-23] (PLX Technology, Inc. -> )

S3 OXUDIDRV; C:Windowssystem32DriversOXUDIDRV_X64.sys [31280 2010-05-25] (Oxford Semiconductor Ltd -> )

U5 PROCMON24; C:WindowsSystem32DriversPROCMON24.sys [90168 2020-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals – www.sysinternals.com)

U5 RTSUER; C:WindowsSystem32DriversRTSUER.sys [377048 2015-03-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)

R3 ScpVBus; C:WindowsSystem32driversScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)

S3 SmbDrv; C:WindowsSystem32driversSmb_driver_AMDASF.sys [33448 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)

R3 SmbDrvI; C:Windowssystem32DRIVERSSmb_driver_Intel.sys [33448 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)

S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 tapprotonvpn; C:Windowssystem32DRIVERStapprotonvpn.sys [35768 2020-01-15] (ProtonVPN AG -> The OpenVPN Project)

S3 TIEHDUSB; C:WindowsSystem32driverstiehdusb.sys [128512 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)

R3 USBPcap; C:Windowssystem32DRIVERSUSBPcap.sys [40888 2017-08-20] (Tomasz Moń -> USBPcap)

R3 VBoxNetAdp; C:Windowssystem32DRIVERSVBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)

R1 VBoxNetLwf; C:Windowssystem32DRIVERSVBoxNetLwf.sys [247216 2019-01-28] (Oracle Corporation -> Oracle Corporation)

S3 vjoy; C:WindowsSystem32driversvjoy.sys [56440 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich)

R0 vsock; C:WindowsSystem32DRIVERSvsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)

S3 WdBoot; C:Windowssystem32driversWdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:Windowssystem32driversWdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WindowsSystem32DriversWdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

R3 WirelessButtonDriver; C:WindowsSystem32driversWirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

U3 aswbdisk; no ImagePath

S3 cpuz140; ??C:UsersXXXXXXZZZ~1AppDataLocalTempcpuz140cpuz140_x64.sys [X] <==== ATTENTION

S3 esihdrv; ??C:UsersXXXXXXZZZ~1AppDataLocalTempesihdrv.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-09 11:52 – 2020-06-09 11:54 – 000063509 _____ C:UsersXXXXXXZZZDownloadsFRST.txt

2020-06-09 11:51 – 2020-06-09 11:51 – 002289152 _____ (Farbar) C:UsersXXXXXXZZZDownloadsFRST64.exe

2020-06-07 23:48 – 2020-06-08 01:26 – 000000000 ____D C:UsersXXXXXXZZZDownloadsMobile ETH

2020-06-07 16:57 – 2020-06-07 16:57 – 000226879 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – Reflexões Masculinas (Ed. 2008).pdf

2020-06-07 16:56 – 2020-06-07 16:56 – 000393633 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – A Guerra da Paixão (Ed. 2005).pdf

2020-06-07 16:56 – 2020-06-07 16:56 – 000321820 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – O Profano Feminino (Ed. 2008).pdf

2020-06-07 16:55 – 2020-06-07 16:55 – 001413718 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – Como lidar com mulheres (Ed. 2008).pdf

2020-06-05 14:57 – 2020-06-05 14:57 – 000000000 ____D C:Windowssystem32TasksMozilla

2020-06-05 10:16 – 2020-06-05 10:17 – 169944728 _____ (Oracle Corporation) C:UsersXXXXXXZZZDownloadsjdk-14.0.1_windows-x64_bin.exe

2020-06-05 10:12 – 2020-06-09 09:09 – 000000000 ____D C:Program Files (x86)Mozilla Firefox

2020-06-02 20:38 – 2020-06-02 20:38 – 000001505 _____ C:UsersXXXXXXZZZDesktopNetworkMiner.exe – Atalho.lnk

2020-06-02 20:28 – 2020-06-02 20:28 – 000090168 ____H (Sysinternals – www.sysinternals.com) C:Windowssystem32DriversPROCMON24.SYS

2020-06-02 20:18 – 2020-06-02 20:18 – 000000000 ____D C:UsersXXXXXXZZZDownloadspowershell mtsploit 2

2020-06-02 17:17 – 2020-06-02 17:17 – 000001208 _____ C:UsersXXXXXXZZZDesktopLegislação – Atalho.lnk

2020-06-02 14:34 – 2020-06-02 14:34 – 000248968 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys

2020-06-02 11:16 – 2020-06-02 11:16 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalOsram_Lamp

2020-06-02 10:08 – 2020-06-02 10:09 – 004189296 _____ C:UsersXXXXXXZZZDownloadsultrasurf.exe

2020-06-01 21:21 – 2020-06-01 21:21 – 000002019 _____ C:UsersPublicDesktopPhilips_Cat.lnk

2020-06-01 21:21 – 2020-06-01 21:21 – 000002019 _____ C:ProgramDataDesktopPhilips_Cat.lnk

2020-06-01 21:21 – 2020-06-01 21:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPhilips Lighting

2020-06-01 21:19 – 2020-06-01 21:21 – 000000000 ____D C:Program Files (x86)Philips Lighting

2020-06-01 18:23 – 2020-06-01 18:23 – 000002048 _____ C:UsersPublicDesktopOSRAM Lamp PlugIn.lnk

2020-06-01 18:23 – 2020-06-01 18:23 – 000002048 _____ C:ProgramDataDesktopOSRAM Lamp PlugIn.lnk

2020-06-01 18:23 – 2020-06-01 18:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDIALux PlugIns

2020-06-01 18:22 – 2020-06-01 18:23 – 000000000 ____D C:ProgramDataDIALux

2020-06-01 18:22 – 2020-06-01 18:22 – 000000000 ____D C:ProgramDataDIALux PlugIns

2020-06-01 18:17 – 2020-06-01 21:00 – 000000000 ____D C:UsersXXXXXXZZZDownloadsPHILIPS

2020-06-01 18:17 – 2020-06-01 18:18 – 000000000 ____D C:UsersXXXXXXZZZDownloadsOSRAM

2020-06-01 18:15 – 2020-06-01 18:15 – 001751775 _____ C:UsersXXXXXXZZZDownloads20190926-philips-truefashion-2-compact-st715t.zip

2020-06-01 15:27 – 2020-06-01 15:27 – 000000000 ____D C:UsersXXXXXXZZZDocumentsDIAL GmbH

2020-06-01 15:27 – 2020-06-01 15:27 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalStimulsoft

2020-06-01 15:27 – 2020-06-01 15:27 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalDIAL GmbH

2020-06-01 12:15 – 2020-06-01 12:16 – 000038155 _____ C:DIALux Setup Information.txt

2020-06-01 12:15 – 2020-06-01 12:15 – 000005721 _____ C:DIAL Communication Framework Setup Log.txt

2020-06-01 12:15 – 2020-06-01 12:15 – 000001783 _____ C:UsersPublicDesktopDIALux evo.lnk

2020-06-01 12:15 – 2020-06-01 12:15 – 000001783 _____ C:ProgramDataDesktopDIALux evo.lnk

2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalSafeNet Sentinel

2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:ProgramDataSafeNet Sentinel

2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDIALux evo

2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:Program Files (x86)DIAL GmbH

2020-06-01 12:13 – 2020-06-01 12:20 – 000656059 _____ C:WindowsDIALux Setup Log.txt

2020-06-01 12:13 – 2020-06-01 12:14 – 000000000 ____D C:ProgramDataDIAL GmbH

2020-06-01 12:13 – 2020-06-01 12:13 – 000000000 ____D C:Program FilesDIAL GmbH

2020-06-01 12:02 – 2020-06-01 12:04 – 486796896 _____ (DIAL GmbH) C:UsersXXXXXXZZZDownloadsDIALux_evo_9.0.exe

2020-05-28 14:18 – 2020-05-28 14:18 – 000090112 _____ C:UsersXXXXXXZZZDownloadsamipinkc2.exe

2020-05-28 13:07 – 2020-05-28 13:07 – 000002391 _____ C:UsersXXXXXXZZZAppDataLocalrecently-used.xbel

2020-05-28 12:56 – 2020-05-28 12:56 – 011226820 _____ C:UsersXXXXXXZZZDownloadsvulscan-master.zip

2020-05-27 15:28 – 2020-05-27 15:28 – 000030719 _____ C:UsersXXXXXXZZZDownloadsc2 metasploit powershel.zip

2020-05-24 14:46 – 2020-05-24 14:46 – 001227102 _____ C:UsersXXXXXXZZZDownloadsSGA10.zip

2020-05-23 00:22 – 2020-05-23 00:22 – 000000018 _____ C:UsersXXXXXXZZZDesktopSerpentine Similar.txt

2020-05-22 20:08 – 2020-05-22 20:09 – 000325072 _____ C:WindowsMinidump52220-169750-01.dmp

2020-05-22 16:03 – 2020-05-22 16:03 – 000214496 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys

2020-05-21 22:30 – 2020-05-21 22:30 – 000000083 _____ C:UsersXXXXXXZZZDesktopnmap.txt

2020-05-21 10:47 – 2020-05-28 13:07 – 000000000 ____D C:UsersXXXXXXZZZ.zenmap

2020-05-21 10:47 – 2020-05-21 10:47 – 000000986 _____ C:UsersXXXXXXZZZDesktopNmap – Zenmap GUI.lnk

2020-05-21 10:47 – 2020-05-21 10:47 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsNmap

2020-05-21 10:45 – 2020-05-24 17:36 – 000003112 _____ C:Windowssystem32Tasksnpcapwatchdog

2020-05-21 10:43 – 2020-05-21 10:43 – 000000000 ____D C:WindowsSysWOW64Npcap

2020-05-21 10:43 – 2020-05-21 10:43 – 000000000 ____D C:Windowssystem32Npcap

2020-05-21 10:42 – 2020-05-28 13:00 – 000000000 ____D C:Program Files (x86)Nmap

2020-05-21 00:50 – 2020-05-21 10:13 – 000000000 ____D C:UsersXXXXXXZZZDownloadsSGA10

2020-05-19 10:20 – 2020-05-19 10:20 – 000002203 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Earth Pro.lnk

2020-05-19 10:20 – 2020-05-19 10:20 – 000002191 _____ C:UsersPublicDesktopGoogle Earth Pro.lnk

2020-05-19 10:20 – 2020-05-19 10:20 – 000002191 _____ C:ProgramDataDesktopGoogle Earth Pro.lnk

2020-05-17 13:58 – 2020-05-17 13:59 – 000000000 ____D C:UsersXXXXXXZZZDownloadsFotos Belém

2020-05-16 22:15 – 2020-05-16 22:24 – 000002368 _____ C:UsersXXXXXXZZZDesktopRkill.txt

2020-05-16 22:14 – 2020-05-16 22:14 – 001802704 _____ (Bleeping Computer, LLC) C:UsersXXXXXXZZZDownloadsrkill.exe

2020-05-16 21:34 – 2020-05-16 21:34 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalclink

2020-05-16 20:34 – 2020-05-16 20:40 – 000000000 ____D C:Appie

2020-05-15 23:38 – 2020-05-15 23:38 – 000000193 _____ C:UsersXXXXXXZZZDesktopbiblio.txt

2020-05-14 11:27 – 2020-05-14 11:27 – 000000000 ____D C:UsersXXXXXXZZZDocumentsZoom

2020-05-14 11:20 – 2020-05-14 11:20 – 000001947 _____ C:UsersXXXXXXZZZDesktopZoom.lnk

2020-05-14 11:19 – 2020-05-14 11:19 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom

2020-05-14 10:28 – 2020-04-30 04:49 – 000308736 _____ (Microsoft Corporation) C:Windowssystem32usbmon.dll

2020-05-14 10:28 – 2020-04-30 04:22 – 000881664 _____ (Microsoft Corporation) C:Windowssystem32printfilterpipelinesvc.exe

2020-05-14 10:28 – 2020-04-30 03:55 – 001756672 _____ (Microsoft Corporation) C:Windowssystem32GdiPlus.dll

2020-05-14 10:28 – 2020-04-30 03:43 – 001495040 _____ (Microsoft Corporation) C:WindowsSysWOW64GdiPlus.dll

2020-05-14 10:28 – 2020-04-30 03:40 – 000309760 _____ (Microsoft Corporation) C:Windowssystem32WSDMon.dll

2020-05-14 10:28 – 2020-04-30 03:37 – 000216576 _____ (Microsoft Corporation) C:Windowssystem32tcpmon.dll

2020-05-14 10:28 – 2020-04-30 03:33 – 001096704 _____ (Microsoft Corporation) C:Windowssystem32localspl.dll

2020-05-14 10:28 – 2020-04-16 07:04 – 022365896 _____ (Microsoft Corporation) C:Windowssystem32shell32.dll

2020-05-14 10:28 – 2020-04-16 07:04 – 003118032 _____ (Microsoft Corporation) C:Windowssystem32WpcMon.exe

2020-05-14 10:28 – 2020-04-16 07:04 – 001368592 _____ (Microsoft Corporation) C:Windowssystem32gdi32.dll

2020-05-14 10:28 – 2020-04-16 07:04 – 000722496 _____ (Microsoft Corporation) C:Windowssystem32SHCore.dll

2020-05-14 10:28 – 2020-04-16 07:04 – 000642488 _____ (Microsoft Corporation) C:Windowssystem32twinapi.appcore.dll

2020-05-14 10:28 – 2020-04-16 07:00 – 000374024 _____ (Adobe Systems Incorporated) C:Windowssystem32atmfd.dll

2020-05-14 10:28 – 2020-04-16 06:15 – 025755136 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll

2020-05-14 10:28 – 2020-04-16 05:30 – 019795840 _____ (Microsoft Corporation) C:WindowsSysWOW64shell32.dll

2020-05-14 10:28 – 2020-04-16 05:29 – 000561400 _____ (Microsoft Corporation) C:WindowsSysWOW64SHCore.dll

2020-05-14 10:28 – 2020-04-16 05:29 – 000493736 _____ (Microsoft Corporation) C:WindowsSysWOW64twinapi.appcore.dll

2020-05-14 10:28 – 2020-04-16 05:25 – 000316368 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64atmfd.dll

2020-05-14 10:28 – 2020-04-16 04:40 – 002911744 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll

2020-05-14 10:28 – 2020-04-16 04:38 – 000581120 _____ (Microsoft Corporation) C:Windowssystem32vbscript.dll

2020-05-14 10:28 – 2020-04-16 04:31 – 020291072 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll

2020-05-14 10:28 – 2020-04-16 04:31 – 000113152 _____ (Microsoft Corporation) C:Windowssystem32Windows.Security.Credentials.UI.UserConsentVerifier.dll

2020-05-14 10:28 – 2020-04-16 04:28 – 000186880 _____ (Microsoft Corporation) C:Windowssystem32easwrt.dll

2020-05-14 10:28 – 2020-04-16 04:27 – 005498880 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll

2020-05-14 10:28 – 2020-04-16 04:27 – 000785408 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll

2020-05-14 10:28 – 2020-04-16 04:25 – 000546816 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.PointOfService.dll

2020-05-14 10:28 – 2020-04-16 04:14 – 000497664 _____ (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll

2020-05-14 10:28 – 2020-04-16 04:11 – 002304000 _____ (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll

2020-05-14 10:28 – 2020-04-16 04:07 – 000084992 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Security.Credentials.UI.UserConsentVerifier.dll

2020-05-14 10:28 – 2020-04-16 04:06 – 000463872 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.Usb.dll

2020-05-14 10:28 – 2020-04-16 04:05 – 000147968 _____ (Microsoft Corporation) C:WindowsSysWOW64easwrt.dll

2020-05-14 10:28 – 2020-04-16 04:04 – 000654336 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript.dll

2020-05-14 10:28 – 2020-04-16 04:03 – 000365568 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.PointOfService.dll

2020-05-14 10:28 – 2020-04-16 03:59 – 001994240 _____ (Microsoft Corporation) C:Windowssystem32DWrite.dll

2020-05-14 10:28 – 2020-04-16 03:59 – 001033216 _____ (Microsoft Corporation) C:Windowssystem32inetcomm.dll

2020-05-14 10:28 – 2020-04-16 03:54 – 015478272 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll

2020-05-14 10:28 – 2020-04-16 03:53 – 003258368 _____ (Microsoft Corporation) C:Windowssystem32Wpc.dll

2020-05-14 10:28 – 2020-04-16 03:53 – 000262144 _____ (Microsoft Corporation) C:Windowssystem32webcheck.dll

2020-05-14 10:28 – 2020-04-16 03:51 – 000809472 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll

2020-05-14 10:28 – 2020-04-16 03:50 – 001384960 _____ (Microsoft Corporation) C:Windowssystem32FntCache.dll

2020-05-14 10:28 – 2020-04-16 03:49 – 002942464 _____ (Microsoft Corporation) C:Windowssystem32WpcWebSync.dll

2020-05-14 10:28 – 2020-04-16 03:49 – 002132992 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl

2020-05-14 10:28 – 2020-04-16 03:48 – 000310784 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.Usb.dll

2020-05-14 10:28 – 2020-04-16 03:43 – 000880640 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcomm.dll

2020-05-14 10:28 – 2020-04-16 03:41 – 004112384 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll

2020-05-14 10:28 – 2020-04-16 03:41 – 002471424 _____ (Microsoft Corporation) C:WindowsSysWOW64Wpc.dll

2020-05-14 10:28 – 2020-04-16 03:40 – 001085440 _____ (Microsoft Corporation) C:WindowsSysWOW64gdi32.dll

2020-05-14 10:28 – 2020-04-16 03:39 – 001560064 _____ (Microsoft Corporation) C:WindowsSysWOW64DWrite.dll

2020-05-14 10:28 – 2020-04-16 03:39 – 000696320 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll

2020-05-14 10:28 – 2020-04-16 03:38 – 002058752 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2020-05-14 10:28 – 2020-04-16 03:38 – 000333312 _____ (Microsoft Corporation) C:WindowsSysWOW64iedkcs32.dll

2020-05-14 10:28 – 2020-04-16 03:37 – 004859392 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll

2020-05-14 10:28 – 2020-04-16 03:35 – 013861376 _____ (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll

2020-05-14 10:28 – 2020-04-16 03:35 – 000254976 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.HumanInterfaceDevice.dll

2020-05-14 10:28 – 2020-04-16 03:32 – 000689152 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.Bluetooth.dll

2020-05-14 10:28 – 2020-04-16 03:30 – 014533632 _____ (Microsoft Corporation) C:Windowssystem32twinui.dll

2020-05-14 10:28 – 2020-04-16 03:28 – 000902656 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.SmartCards.dll

2020-05-14 10:28 – 2020-04-16 03:27 – 000173056 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.HumanInterfaceDevice.dll

2020-05-14 10:28 – 2020-04-16 03:26 – 012880384 _____ (Microsoft Corporation) C:WindowsSysWOW64twinui.dll

2020-05-14 10:28 – 2020-04-16 03:26 – 001566720 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll

2020-05-14 10:28 – 2020-04-16 03:26 – 000466432 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.Bluetooth.dll

2020-05-14 10:28 – 2020-04-16 03:24 – 007799296 _____ (Microsoft Corporation) C:Windowssystem32Windows.Data.Pdf.dll

2020-05-14 10:28 – 2020-04-16 03:23 – 000626688 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.SmartCards.dll

2020-05-14 10:28 – 2020-04-16 03:22 – 000068096 _____ (Microsoft Corporation) C:Windowssystem32ConfigureExpandedStorage.dll

2020-05-14 10:28 – 2020-04-16 03:20 – 004387328 _____ (Microsoft Corporation) C:WindowsSysWOW64wininet.dll

2020-05-14 10:28 – 2020-04-16 03:20 – 000052736 _____ (Microsoft Corporation) C:WindowsSysWOW64ConfigureExpandedStorage.dll

2020-05-14 10:28 – 2020-04-16 03:19 – 001265152 _____ (Microsoft Corporation) C:Windowssystem32schedsvc.dll

2020-05-14 10:28 – 2020-04-16 03:18 – 005271552 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Data.Pdf.dll

2020-05-14 10:28 – 2020-04-16 03:16 – 001341952 _____ (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll

2020-05-14 10:28 – 2020-04-16 03:15 – 000800768 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dll

2020-05-14 10:28 – 2020-04-16 03:15 – 000710144 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dll

2020-05-14 10:28 – 2020-04-16 03:14 – 001727488 _____ (Microsoft Corporation) C:Windowssystem32Windows.UI.Immersive.dll

2020-05-14 10:28 – 2020-04-16 03:11 – 001546752 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.UI.Immersive.dll

2020-05-14 10:28 – 2020-04-16 03:11 – 000140288 _____ (Microsoft Corporation) C:Windowssystem32efswrt.dll

2020-05-14 10:28 – 2020-04-16 03:11 – 000104448 _____ (Microsoft Corporation) C:WindowsSysWOW64efswrt.dll

2020-05-14 10:28 – 2020-04-16 03:07 – 000156160 _____ (Microsoft Corporation) C:WindowsSysWOW64PlayToManager.dll

2020-05-14 10:28 – 2020-04-16 03:05 – 000229888 _____ (Microsoft Corporation) C:Windowssystem32PlayToManager.dll

2020-05-14 10:28 – 2020-04-14 08:33 – 000205824 _____ (Microsoft Corporation) C:Windowssystem32scrrun.dll

2020-05-14 10:28 – 2020-04-14 08:03 – 000168448 _____ (Microsoft Corporation) C:WindowsSysWOW64scrrun.dll

2020-05-14 10:28 – 2020-04-11 19:42 – 007362296 _____ (Microsoft Corporation) C:Windowssystem32ntoskrnl.exe

2020-05-14 10:28 – 2020-04-11 19:41 – 000376568 _____ (Microsoft Corporation) C:Windowssystem32Driversclfs.sys

2020-05-14 10:28 – 2020-04-11 19:39 – 001542696 _____ (Microsoft Corporation) C:Windowssystem32user32.dll

2020-05-14 10:28 – 2020-04-11 19:29 – 001737720 _____ (Microsoft Corporation) C:Windowssystem32ntdll.dll

2020-05-14 10:28 – 2020-04-11 18:31 – 001501096 _____ (Microsoft Corporation) C:WindowsSysWOW64ntdll.dll

2020-05-14 10:28 – 2020-04-11 18:04 – 004168704 _____ (Microsoft Corporation) C:Windowssystem32win32k.sys

2020-05-14 10:28 – 2020-04-11 16:55 – 000194560 _____ (Microsoft Corporation) C:Windowssystem32winsrv.dll

2020-05-14 10:28 – 2020-04-11 16:53 – 000112128 _____ (Microsoft Corporation) C:Windowssystem32vaultcli.dll

2020-05-14 10:28 – 2020-04-11 16:48 – 001377792 _____ (Microsoft Corporation) C:WindowsSysWOW64user32.dll

2020-05-14 10:28 – 2020-04-11 16:47 – 000260608 _____ (Microsoft Corporation) C:Windowssystem32vaultsvc.dll

2020-05-14 10:28 – 2020-04-11 16:23 – 001317888 _____ (Microsoft Corporation) C:Windowssystem32Windows.Media.Streaming.dll

2020-05-14 10:28 – 2020-04-11 16:22 – 001103872 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Media.Streaming.dll

2020-05-14 10:28 – 2020-04-11 01:12 – 002446576 _____ (Microsoft Corporation) C:Windowssystem32Driverstcpip.sys

2020-05-14 10:28 – 2020-04-11 01:12 – 000428784 _____ (Microsoft Corporation) C:Windowssystem32DriversFWPKCLNT.SYS

2020-05-14 10:28 – 2020-04-09 14:36 – 001311744 _____ (Microsoft Corporation) C:WindowsSysWOW64msjet40.dll

2020-05-14 10:28 – 2020-04-07 20:30 – 000988472 _____ (Microsoft Corporation) C:Windowssystem32mfsrcsnk.dll

2020-05-14 10:28 – 2020-04-07 20:28 – 000857320 _____ (Microsoft Corporation) C:WindowsSysWOW64mfsrcsnk.dll

2020-05-14 10:28 – 2020-04-07 14:55 – 003330048 _____ (Microsoft Corporation) C:Windowssystem32msi.dll

2020-05-14 10:28 – 2020-04-07 14:51 – 003636224 _____ (Microsoft Corporation) C:WindowsSysWOW64msi.dll

2020-05-14 10:28 – 2020-04-04 17:06 – 000879616 _____ (Microsoft Corporation) C:Windowssystem32rasdlg.dll

2020-05-14 10:28 – 2020-04-04 17:01 – 001572864 _____ (Microsoft Corporation) C:Windowssystem32wbengine.exe

2020-05-14 10:28 – 2020-04-04 16:50 – 000795136 _____ (Microsoft Corporation) C:WindowsSysWOW64rasdlg.dll

2020-05-14 10:13 – 2020-05-13 09:42 – 000338104 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32avgBoot.exe

2020-05-13 16:42 – 2020-05-13 16:43 – 140053773 _____ C:UsersXXXXXXZZZDownloadsHAPv5.11.zip

2020-05-13 09:43 – 2020-05-13 09:42 – 000235552 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgStm.sys

2020-05-13 09:43 – 2020-05-13 09:42 – 000175776 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgMonFlt.sys

2020-05-11 16:42 – 2020-06-08 02:05 – 000000000 ____D C:Windowssystem32TasksAVAST Software

2020-05-10 21:06 – 2020-05-10 21:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingQtProject

2020-05-10 21:04 – 2020-05-10 21:04 – 000001201 _____ C:UsersPublicDesktopMiniTool Power Data Recovery 8.8.lnk

2020-05-10 21:04 – 2020-05-10 21:04 – 000001201 _____ C:ProgramDataDesktopMiniTool Power Data Recovery 8.8.lnk

2020-05-10 21:04 – 2020-05-10 21:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMiniTool Power Data Recovery

2020-05-10 20:58 – 2020-05-10 22:38 – 000000000 ____D C:Program Files (x86)MiniTool PowerDataRecovery

2020-05-10 20:51 – 2020-05-10 20:51 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsDiskInternals

2020-05-10 20:51 – 2020-05-10 20:51 – 000000000 ____D C:Program Files (x86)DiskInternals

2020-05-10 20:32 – 2020-05-10 20:32 – 000001677 _____ C:UsersPublicDesktopRecuva.lnk

2020-05-10 20:32 – 2020-05-10 20:32 – 000001677 _____ C:ProgramDataDesktopRecuva.lnk

2020-05-10 20:32 – 2020-05-10 20:32 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRecuva

2020-05-10 20:32 – 2020-05-10 20:32 – 000000000 ____D C:Program FilesRecuva

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-09 11:59 – 2018-07-01 02:15 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalLowMozilla

2020-06-09 11:53 – 2020-04-22 15:26 – 000000000 ____D C:FRST

2020-06-09 11:52 – 2019-09-18 14:54 – 000000594 _____ C:WindowsTasksG2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job

2020-06-09 11:39 – 2020-04-22 15:39 – 000000000 ____D C:UsersXXXXXXZZZDocumentsSMsec

2020-06-09 11:31 – 2020-04-24 12:21 – 000000000 ___RD C:UsersXXXXXXZZZDocumentsMEGAsync uploads

2020-06-09 11:22 – 2019-09-18 14:54 – 000000690 _____ C:WindowsTasksG2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job

2020-06-09 11:16 – 2015-05-05 05:06 – 000818068 _____ C:Windowssystem32prfh0816.dat

2020-06-09 11:16 – 2015-05-05 05:06 – 000175394 _____ C:Windowssystem32prfc0816.dat

2020-06-09 11:16 – 2014-11-21 05:42 – 001956190 _____ C:Windowssystem32PerfStringBackup.INI

2020-06-09 11:16 – 2013-08-22 14:36 – 000000000 ____D C:WindowsInf

2020-06-09 10:45 – 2020-05-02 10:45 – 000000374 _____ C:WindowsTasksHPCeeScheduleForXXXXXXZZZ.job

2020-06-09 09:34 – 2016-03-18 21:20 – 000000000 ____D C:UsersXXXXXXZZZDocumentsYoucam

2020-06-09 09:33 – 2018-07-27 23:43 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalCrashDumps

2020-06-09 09:28 – 2019-09-18 14:54 – 000003700 _____ C:Windowssystem32TasksG2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001

2020-06-09 09:28 – 2019-09-18 14:54 – 000003604 _____ C:Windowssystem32TasksG2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001

2020-06-09 09:28 – 2019-09-18 14:54 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalGoToMeeting

2020-06-09 09:24 – 2020-03-19 19:44 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalAVAST Software

2020-06-09 09:21 – 2020-03-16 11:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingSpotify

2020-06-09 09:21 – 2016-04-23 21:50 – 000000000 ____D C:ProgramDataAvg

2020-06-09 09:17 – 2016-03-18 21:20 – 000000000 __RDO C:UsersXXXXXXZZZOneDrive

2020-06-09 09:17 – 2016-03-18 21:14 – 000000000 __SHD C:UsersXXXXXXZZZIntelGraphicsProfiles

2020-06-09 09:10 – 2019-04-05 12:40 – 000000000 ____D C:ProgramDataVMware

2020-06-09 09:10 – 2017-11-30 18:27 – 000000434 _____ C:WindowsTasksDriver Easy Scheduled Scan.job

2020-06-09 09:10 – 2013-08-22 15:45 – 000000006 ____H C:WindowsTasksSA.DAT

2020-06-09 09:10 – 2013-08-22 15:44 – 001175584 _____ C:Windowssystem32FNTCACHE.DAT

2020-06-09 09:09 – 2016-05-02 18:14 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2020-06-08 02:12 – 2013-08-22 14:25 – 000524288 ___SH C:Windowssystem32configBBI

2020-06-08 02:05 – 2020-05-02 10:45 – 000003202 _____ C:Windowssystem32TasksHPCeeScheduleForXXXXXXZZZ

2020-06-08 02:05 – 2019-06-24 09:55 – 000004188 _____ C:Windowssystem32TasksAvast SecureLine VPN Update

2020-06-08 02:05 – 2019-03-27 15:39 – 000003874 _____ C:Windowssystem32TasksBlueStacksHelper

2020-06-08 02:05 – 2019-03-14 12:51 – 000004128 _____ C:Windowssystem32TasksCCleaner Update

2020-06-08 02:05 – 2019-03-14 12:51 – 000002818 _____ C:Windowssystem32TasksCCleanerSkipUAC

2020-06-08 02:05 – 2018-03-13 10:37 – 000004472 _____ C:Windowssystem32TasksAdobe Flash Player NPAPI Notifier

2020-06-08 02:05 – 2018-01-19 14:55 – 000003108 _____ C:Windowssystem32Tasks7A5E22F3-13A6-4040-B1C5-E4043B449990

2020-06-08 02:05 – 2017-11-30 18:27 – 000003832 _____ C:Windowssystem32TasksDriver Easy Scheduled Scan

2020-06-08 02:05 – 2017-06-28 03:34 – 000004324 _____ C:Windowssystem32TasksAdobe Flash Player Updater

2020-06-08 02:05 – 2017-04-06 22:46 – 000004174 _____ C:Windowssystem32TasksAntivirus Emergency Update

2020-06-08 02:05 – 2016-04-18 20:31 – 000003646 _____ C:Windowssystem32TasksHPCustParticipation HP Deskjet 3050 J610 series

2020-06-08 02:05 – 2016-03-31 20:06 – 000004476 _____ C:Windowssystem32TasksAdobe Acrobat Update Task

2020-06-08 02:05 – 2016-03-18 21:26 – 000003444 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA

2020-06-08 02:05 – 2016-03-18 21:26 – 000003316 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore

2020-06-08 02:05 – 2015-06-04 18:43 – 000002118 _____ C:Windowssystem32TasksAvast SecureLine

2020-06-08 02:05 – 2015-05-04 20:52 – 000002986 _____ C:Windowssystem32TasksStart SimplePass

2020-06-08 02:05 – 2015-05-04 20:52 – 000002924 _____ C:Windowssystem32TasksStart OPBHOBrokerDesktop

2020-06-08 02:05 – 2015-05-04 20:52 – 000002912 _____ C:Windowssystem32TasksStart OPBHOBroker

2020-06-07 17:15 – 2013-08-22 16:36 – 000000000 ____D C:Windowssystem32NDF

2020-06-07 14:53 – 2016-04-28 13:32 – 000000000 ____D C:UsersXXXXXXZZZDocumentsDepesas anuais

2020-06-07 14:09 – 2019-07-18 11:12 – 000000000 ____D C:UsersXXXXXXZZZ.VirtualBox

2020-06-07 13:56 – 2019-07-18 11:12 – 000000000 ____D C:ProgramDataVirtualBox

2020-06-05 15:12 – 2016-03-18 21:21 – 000003600 _____ C:Windowssystem32TasksOptimize Start Menu Cache Files-S-1-5-21-3751382696-3894377064-3631472648-1001

2020-06-05 14:57 – 2016-05-02 18:14 – 000001182 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk

2020-06-05 09:41 – 2016-03-18 21:27 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2020-06-04 18:33 – 2020-05-04 21:27 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingxarp-XXXXXXZZZ

2020-06-04 13:20 – 2016-03-31 20:06 – 000002086 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

2020-06-02 19:55 – 2018-06-24 15:52 – 000001277 _____ C:UsersXXXXXXZZZDesktopMUSICA.txt – Atalho.lnk

2020-06-02 19:27 – 2016-03-18 21:12 – 000000000 ____D C:UsersXXXXXXZZZ

2020-06-02 11:21 – 2013-08-22 16:36 – 000000000 ____D C:Windowstracing

2020-06-01 21:21 – 2015-05-04 20:52 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information

2020-05-29 08:53 – 2015-06-04 18:15 – 000000000 ____D C:ProgramDataRealtek

2020-05-28 23:50 – 2016-04-25 18:02 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingvlc

2020-05-28 00:58 – 2013-08-22 16:36 – 000000000 ____D C:WindowsAppReadiness

2020-05-28 00:46 – 2017-12-10 17:58 – 000000000 ____D C:UsersXXXXXXZZZDocumentsFacebook

2020-05-28 00:38 – 2020-04-22 15:36 – 000000000 ____D C:UsersXXXXXXZZZDocumentsJogos

2020-05-28 00:14 – 2017-03-04 00:04 – 000000000 ____D C:UsersXXXXXXZZZDocumentsXadrez

2020-05-28 00:12 – 2016-12-17 17:46 – 000000000 ____D C:UsersXXXXXXZZZDocumentsSegurança Social

2020-05-28 00:11 – 2018-06-24 15:40 – 000000000 ____D C:UsersXXXXXXZZZDocumentsProgramas

2020-05-28 00:11 – 2016-04-30 18:20 – 000000000 ____D C:UsersXXXXXXZZZDocumentsProgramas instalados

2020-05-28 00:10 – 2016-05-12 20:08 – 000000000 ____D C:UsersXXXXXXZZZDocumentsOutros

2020-05-28 00:09 – 2018-05-06 16:14 – 000000000 ____D C:UsersXXXXXXZZZDocumentsLivros

2020-05-27 13:56 – 2019-11-04 15:58 – 000000000 ____D C:UsersXXXXXXZZZDownloadsNetworkMiner_2-5

2020-05-27 10:01 – 2015-05-04 20:48 – 000000000 ____D C:Program Files (x86)Hewlett-Packard

2020-05-26 18:00 – 2016-04-28 01:41 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalMicrosoft Help

2020-05-26 12:34 – 2020-03-16 11:07 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalSpotify

2020-05-25 09:55 – 2020-04-30 19:15 – 000000000 ____D C:UsersXXXXXXZZZDownloadsETH

2020-05-22 20:08 – 2016-05-24 22:12 – 000000000 ____D C:WindowsMinidump

2020-05-22 20:00 – 2017-04-03 19:15 – 000000000 ___RD C:UsersXXXXXXZZZGoogle Drive

2020-05-22 12:21 – 2019-02-07 10:56 – 000000000 ___RD C:UsersXXXXXXZZZDocumentsMEGA

2020-05-21 10:45 – 2020-03-31 18:09 – 000000000 ____D C:Program FilesNpcap

2020-05-21 01:37 – 2016-04-23 21:45 – 000000000 ____D C:UsersXXXXXXZZZDocumentsPasses

2020-05-19 10:20 – 2018-03-22 22:48 – 000000000 ____D C:Program FilesGoogle

2020-05-18 22:34 – 2013-08-22 16:20 – 000000000 ____D C:WindowsCbsTemp

2020-05-18 12:33 – 2016-03-18 21:15 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalPackages

2020-05-18 12:32 – 2013-08-22 16:36 – 000000000 ___HD C:Program FilesWindowsApps

2020-05-17 15:20 – 2019-07-18 11:13 – 000000000 ____D C:UsersXXXXXXZZZVirtualBox VMs

2020-05-17 13:12 – 2019-04-24 01:38 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingTelegram Desktop

2020-05-16 21:57 – 2015-06-04 18:43 – 000000000 ____D C:ProgramDataAVAST Software

2020-05-16 21:48 – 2016-06-27 16:51 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingACEStream

2020-05-16 21:48 – 2016-06-27 16:51 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoaming.ACEStream

2020-05-16 04:27 – 2016-03-31 22:45 – 000000000 ____D C:Windowssystem32MRT

2020-05-16 04:22 – 2013-08-22 16:36 – 000000000 ___RD C:WindowsToastData

2020-05-16 04:22 – 2013-08-22 16:36 – 000000000 ____D C:Windowssystem32inetsrv

2020-05-15 23:46 – 2018-04-26 15:42 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalDesignBuilder

2020-05-15 23:46 – 2018-04-26 15:36 – 000000000 ____D C:ProgramDataDesignBuilder

2020-05-15 23:43 – 2020-04-18 19:52 – 000000000 ____D C:Program Files (x86)TeamViewer

2020-05-15 23:42 – 2019-12-08 18:20 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsWugFresh Development

2020-05-15 23:41 – 2020-01-11 03:43 – 000000000 ____D C:Program Files (x86)Kingo ROOT

2020-05-15 23:41 – 2018-05-20 03:24 – 000000000 ____D C:Program Files (x86)Facebook Friend Mapper

2020-05-15 23:41 – 2016-03-29 22:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingDropboxOEM

2020-05-15 11:41 – 2016-03-31 22:45 – 120636720 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe

2020-05-14 11:19 – 2020-04-09 12:17 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingZoom

2020-05-13 23:42 – 2013-08-22 16:36 – 000000000 ____D C:WindowsSysWOW64Macromed

2020-05-13 23:42 – 2013-08-22 16:36 – 000000000 ____D C:Windowssystem32Macromed

2020-05-13 22:38 – 2016-04-18 20:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalHP

2020-05-13 10:44 – 2020-04-28 14:25 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalLowIGDump

2020-05-13 09:42 – 2019-01-07 00:31 – 000061072 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbuniv.sys

2020-05-13 09:42 – 2019-01-07 00:31 – 000037208 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgArDisk.sys

2020-05-13 09:42 – 2018-10-20 20:56 – 000042856 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgKbd.sys

2020-05-13 09:42 – 2017-11-30 14:52 – 000205952 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgArPot.sys

2020-05-13 09:42 – 2017-04-06 22:46 – 000851664 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgSnx.sys

2020-05-13 09:42 – 2017-04-06 22:46 – 000461064 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgSP.sys

2020-05-13 09:42 – 2017-04-06 22:46 – 000319184 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgVmm.sys

2020-05-13 09:42 – 2017-04-06 22:46 – 000109336 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgRdr2.sys

2020-05-13 09:42 – 2017-04-06 22:46 – 000084928 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgRvrt.sys

2020-05-13 09:41 – 2019-01-14 16:33 – 000234632 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbidsdriver.sys

2020-05-13 09:41 – 2019-01-07 00:31 – 000178832 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbidsh.sys

2020-05-12 17:41 – 2020-03-07 21:03 – 000000000 ____D C:ProgramDataProtonVPN

2020-05-12 00:18 – 2018-02-25 20:28 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingWireshark

2020-05-11 22:49 – 2020-03-24 22:50 – 000000000 ____D C:fakenet1.4.11

2020-05-10 17:51 – 2016-04-10 14:24 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingAVAST Software

2020-05-10 17:51 – 2015-06-04 18:43 – 000000000 ____D C:Program FilesAVAST Software

==================== Files in the root of some directories ========

2020-01-03 14:39 – 2020-01-03 14:39 – 003185243 _____ () C:Program FilesHxDSetup.zip

2020-02-26 13:17 – 2020-02-26 13:17 – 003341981 _____ () C:Program FilesSnort_2_9_15_1_Installer.exe

2017-11-28 12:01 – 2017-11-28 12:03 – 007649280 _____ () C:Program Files (x86)GUTAEE6.tmp

2020-05-28 13:07 – 2020-05-28 13:07 – 000002391 _____ () C:UsersXXXXXXZZZAppDataLocalrecently-used.xbel

2020-01-11 03:44 – 2020-01-11 03:59 – 000000068 _____ () C:UsersXXXXXXZZZAppDataLocaluts.ini

2020-05-21 10:47 – 2020-05-28 11:12 – 000000286 _____ () C:UsersXXXXXXZZZAppDataLocalzenmap.exe.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-04-08 11:59

==================== End of FRST.txt ========================

Also, the Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020

Ran by XXXXXXZZZ (09-06-2020 12:01:08)

Running from C:UsersXXXXXXZZZDownloads

Windows 8.1 (Update) (X64) (2016-03-18 20:13:59)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrador (S-1-5-21-3751382696-3894377064-3631472648-500 – Administrator – Disabled)

Convidado (S-1-5-21-3751382696-3894377064-3631472648-501 – Limited – Disabled)

XXXXXXZZZ (S-1-5-21-3751382696-3894377064-3631472648-1001 – Administrator – Enabled) => C:UsersXXXXXXZZZ

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AV: AVG Antivirus (Enabled – Up to date) 18A975F9-A60C-37D8-E30B-4BEF31AD3411

AS: AVG Antivirus (Enabled – Up to date) A3C8941D-8036-3856-D9BB-709D4A2A7EAC

AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

[PS3] Save Resigner (HKLM-x32…[PS3] Save Resigner 2.0.2) (Version: 2.0.2 – The Prince of Codes)

[PS3] Save Resigner (HKLM-x32…96CF2F0B-EBB0-4D7F-852F-C54A30C8E5CF) (Version: 2.0.2 – The Prince of Codes) Hidden

µTorrent (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…uTorrent) (Version: 3.5.5.45505 – BitTorrent Inc.)

7-Zip 9.20 (x64 edition) (HKLM…23170F69-40C1-2702-0920-000001000000) (Version: 9.20.00.0 – Igor Pavlov)

A360 Desktop (HKLM…7758802D-9486-4883-9927-CCAC366A3BA4) (Version: 7.2.3.1800 – Autodesk)

ACA & MEP 2017 Object Enabler (HKLM…28B89EEF-0004-0000-5102-CF3F3A09B77D) (Version: 7.9.45.0 – Autodesk) Hidden

ACAD Private (HKLM…28B89EEF-0001-0000-3102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden

Actualizações da NVIDIA 16.13.65 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Update) (Version: 16.13.65 – NVIDIA Corporation) Hidden

Adobe Acrobat Reader DC – Português (HKLM-x32…AC76BA86-7AD7-1046-7B44-AC0F074E4100) (Version: 20.009.20067 – Adobe Systems Incorporated)

Adobe Acrobat XI Pro (HKLM-x32…AC76BA86-1033-FFFF-7760-000000000006) (Version: 11.0.12 – Adobe Systems)

Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.371 – Adobe)

Adobe Shockwave Player 12.1 (HKLM-x32…Adobe Shockwave Player) (Version: 12.1.7.157 – Adobe Systems, Inc.)

Aimersoft Helper Compact 2.5.2 (HKLM-x32…405147F7-FCC5-499B-A27E-EA6BD4A80435_is1) (Version: 2.5.2 – Aimersoft)

Android Rom Dumper version 1.3.5 (HKLM-x32…595D7D79-D70F-4930-A450-BF06B628EE2D_is1) (Version: 1.3.5 – BoxWares Team)

Android Studio (HKLM…Android Studio) (Version: 3.6 – Google LLC)

Android Toolkit 2.0.30 (HKLM-x32…F9441FCC-1C08-4933-939F-0E8A27D6C0CE_is1) (Version: 2.0.30 – Apeaksoft Studio)

Any DGN to DWG Converter 2018 (HKLM-x32…Any DGN to DWG Converter_is1) (Version:  – AnyDWG Software, Inc.)

Any DWF to DWG Converter 2017 (HKLM-x32…Any DWF to DWG Converter_is1) (Version:  – AnyDWG Software, Inc.)

Aplicação de ambiente de trabalho Autodesk (HKLM-x32…Autodesk Desktop App) (Version: 7.0.9.191 – Autodesk)

Aplicativos da Autodesk em destaque 2016-2017 (HKLM-x32…27C15055-713B-4D0E-881F-19598A2DFD59) (Version: 2.2.0 – Autodesk)

Application Verifier x64 External Package (HKLM…10CA1677-8F02-3131-F25C-780BAB52E468) (Version: 10.1.18362.1 – Microsoft) Hidden

Assistente de gestor de conteúdo para PlayStation® (HKLM-x32…E5C1C342-5E78-4D91-85BE-40C716B09391) (Version: 3.55.7671.0901 – Sony Computer Entertainment Inc.)

AutoCAD 2017 – English (HKLM…28B89EEF-0001-0409-2102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden

AutoCAD 2017 (HKLM…28B89EEF-0001-0000-0102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden

AutoCAD 2017 Language Pack – English (HKLM…28B89EEF-0001-0409-1102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden

Autodesk Advanced Material Library Image Library 2017 (HKLM-x32…8ED2ED41-4455-449D-993C-751C039089B9) (Version: 15.11.3.0 – Autodesk)

Autodesk App Manager 2016-2017 (HKLM-x32…C0954809-F5DC-426C-847E-8409DE14E4C0) (Version: 2.2.0 – Autodesk)

Autodesk AutoCAD 2017 – English (HKLM…AutoCAD 2017 – English) (Version: 21.0.52.0 – Autodesk)

Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32…8600F844-9AA5-412E-B6F2-F9C6CBCFD268) (Version: 1.2.5.0 – Autodesk)

Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM…276A67E0-71EB-4827-B5F7-2ACF02BC1A5B) (Version: 4.37.6853 – Autodesk)

Autodesk Design Review (HKLM-x32…139C013B-5BAC-4101-BC6C-B2A78C0125A4) (Version: 14.0.0.177 – Autodesk) Hidden

Autodesk Design Review (HKLM-x32…Autodesk Design Review) (Version: 14.0.0.177 – Autodesk)

Autodesk DWG TrueView 2018 – English (HKLM…DWG TrueView 2018 – English) (Version: 22.0.50.0 – Autodesk)

Autodesk License Service (x64) – 3.1 (HKLM…EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D) (Version: 3.1.26.0 – Autodesk)

Autodesk Material Library 2017 (HKLM-x32…8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE) (Version: 15.11.3.0 – Autodesk)

Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32…3FBFBC43-9882-43FA-B979-2D53896747B3) (Version: 15.11.3.0 – Autodesk)

AutoDWG DWG DXF Converter 2019 (HKLM-x32…98D8413-1812-41BC-8AD5-2192A80AC23F) (Version:  – )

AutoHotkey 1.1.24.01 (HKLM…AutoHotkey) (Version: 1.1.24.01 – Lexikos)

Autopsy (HKLM…274E8015-93B6-470C-943B-5FDD6E803462) (Version: 4.13.0 – The Sleuth Kit)

Avast SecureLine (HKLM…2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5_is1) (Version: 1.0.220.2 – AVAST Software)

AVG AntiVirus FREE (HKLM-x32…AVG Antivirus) (Version: 20.3.3120 – AVG Technologies)

AVG TuneUp (HKLM-x32…949BE04F-D7E8-4C19-9F89-8B304AB4308A_is1) (Version: 19.1.1209 – AVG Technologies)

AVG Web TuneUp (HKLM-x32…AVG Web TuneUp) (Version: 4.3.9.626 – AVG Technologies)

Backup and Sync from Google (HKLM…FE296942-D2D3-4149-8895-60655FE4CFDE) (Version: 3.49.9800.0000 – Google, Inc.)

Bejeweled 3 (HKLM-x32…WTA-8fc518d5-0776-414b-8c35-d47a24361589) (Version: 3.0.2.59 – WildTangent) Hidden

BlueStacks App Player (HKLM…BlueStacks) (Version: 4.60.3.1001 – BlueStack Systems, Inc.)

Bonjour (HKLM…6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D) (Version: 3.0.0.10 – Apple Inc.)

Bruteforce Save Data (HKLM-x32…Bruteforce Save Data) (Version:  – )

Build-a-lot (HKLM-x32…WTA-1122e411-4a7b-46f0-8a81-a325b319b16e) (Version: 3.0.2.59 – WildTangent) Hidden

Building the Great Wall of China Collector's Edition (HKLM-x32…WTA-460b63ee-3e7e-405f-8860-c7ef48fb3a7e) (Version: 3.0.2.48 – WildTangent) Hidden

Cain & Abel 4.9.56 (HKLM-x32…Cain & Abel 4.9.56) (Version:  – )

CCleaner (HKLM…CCleaner) (Version: 5.55 – Piriform)

Cisco EAP-FAST Module (HKLM-x32…64BF0187-F3D2-498B-99EA-163AF9AE6EC9) (Version: 2.2.14 – Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32…AF312B06-5C5C-468E-89B3-BE6DE2645722) (Version: 1.0.19 – Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32…A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F) (Version: 1.1.6 – Cisco Systems, Inc.)

Crazy Chicken Soccer (HKLM-x32…WTA-ee1c9a77-df4c-46ab-a6b3-85ad880357a3) (Version: 2.2.0.110 – WildTangent) Hidden

CyberLink Media Suite 10 (HKLM-x32…InstallShield_1FBF6C24-C1fD-4101-A42B-0C564F9E8E79) (Version: 10.0.9.4928 – CyberLink Corp.)

Cyberlink PhotoDirector (HKLM…5A454EC5-217A-42a5-8CE1-2DDEC4E70E01) (Version: 5.0.4.6303 – Nome da empresa:) Hidden

Cyberlink PhotoDirector (HKLM-x32…InstallShield_5A454EC5-217A-42a5-8CE1-2DDEC4E70E01) (Version: 5.0.4.6303 – CyberLink Corp.)

CyberLink Power2Go 8 (HKLM-x32…InstallShield_2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2) (Version: 8.0.9.5009 – CyberLink Corp.)

CyberLink PowerBackup 2.6 (HKLM-x32…InstallShield_ADD5DB49-72CF-11D8-9D75-000129760D75) (Version: 2.6.2.1307 – CyberLink Corp.)

CyberLink PowerDirector 12 (HKLM…E1646825-D391-42A0-93AA-27FA810DA093) (Version: 12.0.3.3812 – Nome da empresa:) Hidden

CyberLink PowerDirector 12 (HKLM-x32…InstallShield_E1646825-D391-42A0-93AA-27FA810DA093) (Version: 12.0.3.3812 – CyberLink Corp.)

CyberLink YouCam (HKLM-x32…InstallShield_01FB4998-33C4-4431-85ED-079E3EEFE75D) (Version: 5.0.6.5011 – CyberLink Corp.)

DAEMON Tools Lite (HKLM…DAEMON Tools Lite) (Version: 10.3.0.0154 – Disc Soft Ltd)

Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32…WTA-ab833d9b-3665-402d-b993-c99a471eeb10) (Version: 3.0.2.59 – WildTangent) Hidden

DesignBuilder (HKLM-x32…9C306D70-8A6C-11D5-8CDF-00D0B78FC575) (Version: 5.3.0.014 – DesignBuilder Software Ltd.)

DIAL Communication Framework (HKLM-x32…562D0D31-FBAF-4505-8B27-4EC92EEA91D6) (Version: 1.3.2.258 – DIAL GmbH)

DIAL Data Dispatcher (HKLM-x32…DIAL Data Dispatcher1.0) (Version: 2.0.24.0 – DIAL GmbH)

DIALux evo (x64) (HKLM-x32…5FF70775-5D3A-4A26-B9ED-1BF642E9987C) (Version: 5.9.0.49107 – DIAL GmbH)

DisableMSDefender (HKLM…74FE39A0-FB76-47CD-84BA-91E2BBB17EF2) (Version: 1.0.0 – Hewlett-Packard Company) Hidden

DiskInternals Partition Recovery (HKLM-x32…DiskInternals Partition Recovery) (Version: 7.6.2 – DiskInternals Research)

Dolphin (HKLM-x32…Dolphin) (Version: 4.0.2 – Dolphin Development Team)

DraftSight 2017 SP0 x64 (HKLM…E78A1C28-8E3C-4CFB-82A4-077E7104F993) (Version: 17.0.2086 – Dassault Systemes)

Driver Easy 5.5.5 (HKLM…DriverEasy_is1) (Version: 5.5.5 – Easeware)

DWF to DWG Converter (HKLM-x32…909F0ECA-1A61-43F3-B2F2-D1A7AE79A444) (Version:  – )

DWG TrueView 2018 – English (HKLM…28B89EEF-1028-0409-0100-CF3F3A09B77D) (Version: 22.0.50.0 – Autodesk) Hidden

EaseUS Data Recovery Wizard (HKLM…EaseUS Data Recovery Wizard_is1) (Version:  – EaseUS)

E-CAT / E20-II Configuration Services 2.21 (HKLM-x32…E-CAT / E20-II Configuration Services 2.21) (Version:  – )

E-CAT Enable 2.11 (HKLM-x32…E-CAT Enable 2.11) (Version:  – )

Energy Star (HKLM…465CA2B6-98AF-4E77-BE22-A908C34BB9EC) (Version: 1.0.9 – Hewlett-Packard Company)

EPSON Scan (HKLM-x32…EPSON Scanner) (Version:  – )

Evernote v. 5.8.1 (HKLM-x32…4FD2D1C8-8636-11E4-9D21-00163E98E7D6) (Version: 5.8.1.6061 – Evernote Corp.)

Foxit PhantomPDF (HKLM-x32…4E32271C-B55A-4CDF-8DB7-88FD1C45927C) (Version: 7.0.310.226 – Foxit Software Inc.)

Genymotion version 3.1.0 (HKLM…6D180286-D4DF-40EF-9227-923B9C07C08A_is1) (Version: 3.1.0 – Genymobile)

Git version 2.26.0 (HKLM…Git_is1) (Version: 2.26.0 – The Git Development Community)

Google Chrome (HKLM-x32…Google Chrome) (Version: 83.0.4103.97 – Google LLC)

Google Earth Pro (HKLM…B6EAFE41-5723-40EB-869B-4AF44CA17B35) (Version: 7.3.3.7699 – Google)

Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden

GoTo Opener (HKLM-x32…C0F33C38-345C-4C02-B161-11389350C2A5) (Version: 1.0.533 – LogMeIn, Inc.)

GoToMeeting 10.10.1.17956 (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…GoToMeeting) (Version: 10.10.1.17956 – LogMeIn, Inc.)

Hardlock Device Drivers (HKLM-x32…Hardlock Device Drivers) (Version:  – )

Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32…6F340107-F9AA-47C6-B54C-C3A19F11553F) (Version: 1.00.0000 – Hewlett-Packard Company) Hidden

Hijack Hunter 1.8.4.1 (HKLM-x32…616A9B24-448B-4DF3-926A-C4141FCD692C_is1) (Version:  – NoVirusThanks Company Srl)

Hourly Analysis Program 4.91 (HKLM-x32…Hourly Analysis Program 4.91) (Version:  – Carrier Corporation)

HP 3D DriveGuard (HKLM-x32…D817481A-193E-4332-A4F3-E19132F744F0) (Version: 6.0.24.1 – Hewlett-Packard Company)

HP CoolSense (HKLM-x32…ADE2F6A7-E7BD-4955-BD66-30903B223DDF) (Version: 2.20.41 – Hewlett-Packard Company)

HP Deskjet 3050 J610 series Ajuda (HKLM-x32…F7632A9B-661E-4FD9-B1A4-3B86BC99847F) (Version: 140.0.63.63 – Hewlett Packard)

HP Deskjet 3050 J610 series Estudo de aprimoramento de produtos (HKLM…A954C7EA-DDD9-4055-BC48-E816F174F397) (Version: 28.0.1315.0 – Hewlett-Packard Co.)

HP Deskjet 3050 J610 series Software básico do dispositivo (HKLM…E6E28DE7-446E-4E27-BE37-4B6D925A385B) (Version: 28.0.1315.0 – Hewlett-Packard Co.)

HP Documentation (HKLM-x32…915AE95A-9009-41DB-9D9D-D57E17AAB48F) (Version: 1.1.0.0 – Hewlett-Packard)

HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.7702 – HP)

HP Registration Service (HKLM…D1E8F2D7-7794-4245-B286-87ED86C1893C) (Version: 1.2.7960.5089 – Hewlett-Packard)

HP SimplePass (HKLM-x32…InstallShield_314FAD12-F785-4471-BCE8-AB506642B9A1) (Version: 8.01.39 – Hewlett-Packard)

HP Support Assistant (HKLM-x32…E959FD01-BD01-4CC4-9BB8-4EBE8309BF37) (Version: 8.8.26.13 – HP)

HP Support Solutions Framework (HKLM-x32…7463C61B-A36C-47BC-8E16-701EBC34C26F) (Version: 12.16.22.11 – HP)

HP System Event Utility (HKLM-x32…3EDAF5B5-0CA9-4967-B103-FBFF1162C336) (Version: 1.2.10 – Hewlett-Packard Company)

HP Update (HKLM-x32…912D30CF-F39E-4B31-AD9A-123C6B794EE2) (Version: 5.005.002.002 – Hewlett-Packard)

HP Wireless Button Driver (HKLM-x32…30B2D1D8-0A07-4B71-9553-0710C5D31E35) (Version: 1.1.2.1 – Hewlett-Packard Company)

HPDiagnosticAlert (HKLM-x32…B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D) (Version: 1.00.0001 – Microsoft) Hidden

HxD Hex Editor 2.3 (HKLM…HxD_is1) (Version: 2.3 – Maël Hörz)

HxD Hex Editor version 1.7.7.0 (HKLM-x32…HxD Hex Editor_is1) (Version: 1.7.7.0 – Maël Hörz)

ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)

Importação do SketchUp 2016-2017 (HKLM-x32…63925DB-9D8C-48E2-8F04-1B7038B6C783) (Version: 2.2.0 – Autodesk)

iMyFone AnyRecover 2.0.0.16 (HKLM-x32…89DFCC5A-39CC-4AE7-8313-1ED6553E1ADD_is1) (Version: 2.0.0.16 – Shenzhen iMyFone Technology Co., Ltd.)

Inst5675 (HKLM…2DE6247C-7077-451B-8BA7-FFD1A2ABBB47) (Version: 8.01.39 – Softex Inc.) Hidden

Inst5676 (HKLM…878F6913-7421-4713-97F7-0A736EE2A188) (Version: 8.01.39 – Softex Inc.) Hidden

Intel Collaborative Processor Performance Control (HKLM-x32…E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 – Intel Corporation)

Intel® Dynamic Platform and Thermal Framework (HKLM-x32…654EE65D-FAA4-4EA6-8C07-DC94E6A304D4) (Version: 8.0.10100.71 – Intel Corporation)

Intel® Management Engine Components (HKLM…1CEAC85D-2590-4760-800F-8DE5E91F3700) (Version: 10.0.31.1000 – Intel Corporation)

Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 10.18.14.4139 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM…409CB30E-E457-4008-9B1A-ED1B9EA21140) (Version: 14.5.2.1088 – Intel Corporation)

Intel® Hardware Accelerated Execution Manager (HKLM…754CC9DC-3DB4-4FB2-B71E-87331DB9EA17) (Version: 7.5.4 – Intel Corporation)

Iomega Encryption (HKLM…634B56F2-09FF-407B-B9FB-3611DDC52773) (Version: 1.03.0003 – Iomega an EMC Company)

Iomega Encryption 3.1.0 (HKLM…2A5534DE-30C7-429C-976A-132E89549180) (Version: 3.1.0 – Iomega)

IRS – Modelo 3 Impressos 2016 (HKLM…pt.at.DM3IRSCLIv2016) (Version: 2016.2.1.0124 – AT)

iTube Studio(Build 7.4.7.3) (HKLM-x32…iTube Studio_is1) (Version: 7.4.7.3 – iTube Studio)

Java 8 Update 241 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180241F0) (Version: 8.0.2410.7 – Oracle Corporation)

Java™ SE Development Kit 14 (64-bit) (HKLM…3552AC04-4EFC-51F1-AA92-9D1A99E02C95) (Version: 14.0.0.0 – Oracle Corporation)

JetBrains PyCharm Community Edition 2018.2.1 (HKLM-x32…PyCharm Community Edition 2018.2.1) (Version: 182.3911.33 – JetBrains s.r.o.)

Jewel Match 3 (HKLM-x32…WTA-fced6a73-fdd6-4324-9ec6-d4a9ddcc449c) (Version: 3.0.2.59 – WildTangent) Hidden

Jill of the Jungle (HKLM-x32…1129701343_is1) (Version: 1.0 CS – GOG.com)

Jogos da WildTangent (HKLM-x32…WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 – WildTangent)

Jumpstart Installation Program (HKLM-x32…B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13) (Version:  – Atheros)

Kits Configuration Installer (HKLM-x32…63AAA877-5536-9481-2385-28A082100D78) (Version: 10.1.18362.1 – Microsoft) Hidden

LAV Filters 0.74.1 (HKLM-x32…lavfilters_is1) (Version: 0.74.1 – Hendrik Leppkes)

LizardTech ExpressView Browser Plug-in (HKLM-x32…4EFFB6FD-C0D3-43AF-AABB-BC0DCDBF2F34) (Version: 6.5.1 – LizardTech)

Local_Monitor 4.1 (HKLM-x32…DED1CF45-A68B-40A9-AF54-7447D6D0CFDD_is1) (Version:  – Insecuritynet, Inc.)

Magic ISO Maker v5.5 (build 0281) (HKLM-x32…Magic ISO Maker v5.5 (build 0281)) (Version:  – )

Malwarebytes version 4.1.0.56 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.1.0.56 – Malwarebytes)

MEGAsync (HKLM-x32…MEGAsync) (Version:  – Mega Limited)

Microsoft .NET Core SDK 3.1.201 (x64) (HKLM-x32…5e0a0ca7-8d37-4573-8d5b-03416809a484) (Version: 3.1.201.15034 – Microsoft Corporation)

Microsoft Office (HKLM-x32…90150000-0138-0409-0000-0000000FF1CE) (Version: 15.0.4641.1005 – Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32…Office14.PROPLUS) (Version: 14.0.7015.1000 – Microsoft Corporation)

Microsoft Silverlight (HKLM…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.50907.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…4B6C7001-C7D6-3710-913E-5BC23FCE91E6) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.25.28508 (HKLM-x32…6913e92a-b64e-41c9-a5e6-cef39207fe89) (Version: 14.25.28508.3 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.25.28508 (HKLM-x32…65e650ff-30be-469d-b63a-418d71ea1765) (Version: 14.25.28508.3 – Microsoft Corporation)

Microsoft Visual F# 2.0 Runtime (HKLM-x32…729A3000-BC8A-3B74-BA5D-5068FE12D70C) (Version: 10.0.30319 – Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…6F320B93-EE3C-4826-85E0-ADF79F8D4C61) (Version: 2.5.2059.317 – Microsoft Corporation)

MiniTool Power Data Recovery 8.8 (HKLM…E1BCD081-4BF4-4E2F-832A-911EC42EF3C5_is1) (Version: 8.8 – MiniTool Software Limited)

Mozilla Firefox 77.0.1 (x64 pt-PT) (HKLM…Mozilla Firefox 77.0.1 (x64 pt-PT)) (Version: 77.0.1 – Mozilla)

Mozilla Maintenance Service (HKLM-x32…MozillaMaintenanceService) (Version: 77.0.1.7458 – Mozilla)

MSI Development Tools (HKLM-x32…DB4DB790-64DD-1902-4BF2-833B3B6DBCA1) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Nmap 7.80 (HKLM-x32…Nmap) (Version: 7.80 – Nmap Project)

NoVirusThanks Anti-Rootkit (Free Edition) v1.2 (HKLM-x32…NoVirusThanks Anti-Rootkit (Free Edition)_is1) (Version: 1.2.0.0 – NoVirusThanks Company Srl)

Npcap 0.9982 (HKLM-x32…NpcapInst) (Version: 0.9982 – Nmap Project)

NVIDIA Controlador gráfico 347.26 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 347.26 – NVIDIA Corporation)

NVIDIA GeForce Experience 2.1.4 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 2.1.4 – NVIDIA Corporation)

NVIDIA O software do sistema PhysX 9.14.0702 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.14.0702 – NVIDIA Corporation)

OpenSSL 1.1.1f Light (64-bit) (HKLM…OpenSSL Light (64-bit)_is1) (Version:  – OpenSSL Win64 Installer Team)

Oracle VM VirtualBox 6.0.4 (HKLM…79366295-CD6A-4467-9901-4A7DFCF90F40) (Version: 6.0.4 – Oracle Corporation)

OSRAM Lamp PlugIn 1.8.3.1 (HKLM-x32…567EA4E4-B799-4F1C-BFE0-D0381BD8651A) (Version: 1.83.1000 – OSRAM)

Painel de controlo da NVIDIA 347.26 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.ControlPanel) (Version: 347.26 – NVIDIA Corporation) Hidden

Panda Cloud Cleaner (HKLM-x32…92B2B132-C7F0-43DC-921A-4493C04F78A4_is1) (Version: 1.1.10 – Panda Security)

PEStudio (HKLM-x32…PEStudio) (Version: 1.0.0.27 – Elcontrol Enegy Net SpA)

Philips Product Selector 5.2.12.2 (HKLM-x32…81AD9228-21AC-4DBD-AE33-98146A88BAA8) (Version: 5.2.12.2 – Signify) Hidden

Philips Product Selector 5.2.12.2 (HKLM-x32…InstallShield_81AD9228-21AC-4DBD-AE33-98146A88BAA8) (Version: 5.2.12.2 – Signify)

plugin Autenticação.Gov (HKLM-x32…DA5C6D6B-C160-4732-9A6D-CB0B58387A84) (Version: 2.0.46 – Agência para a Modernização Administrativa)

Polar Bowler 1st Frame (HKLM-x32…WTA-7427884d-05c8-4a08-baa0-d130eb2faeef) (Version: 3.0.2.59 – WildTangent) Hidden

PPS max plugin 1.7.0 (HKLM-x32…PPS max plugin_is1) (Version: 1.7.0.0 – Tree C Technology B.V.)

Project64 1.6 (HKLM-x32…9559F7CA-5E34-4237-A2D9-D856464AD727) (Version: 1.6 – Project64)

ProtonVPN (HKLM-x32…6766D7C7-E034-49EA-82AC-0FE614B7F1DF) (Version: 1.13.3 – Proton Technologies AG) Hidden

ProtonVPN (HKLM-x32…ProtonVPN 1.13.3) (Version: 1.13.3 – Proton Technologies AG)

Python 3.7.0 (64-bit) (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…f684de81-73c2-4924-ad43-e7ae400d47b5) (Version: 3.7.150.0 – Python Software Foundation)

Python 3.7.0 Core Interpreter (64-bit) (HKLM…F046BD5A-33F4-4ABA-BD2D-0227F6291EC9) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Development Libraries (64-bit) (HKLM…61246987-8D99-44A9-8FF5-E2E3F503B72D) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Documentation (64-bit) (HKLM…E7C56E72-C80E-453B-9345-FAEAE5DB51A4) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Executables (64-bit) (HKLM…84B7971A-F59F-4247-AD34-BEC02CF85FBD) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 pip Bootstrap (64-bit) (HKLM…8A6F7991-1955-4C46-8C0C-8D7C6F7042FA) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Standard Library (64-bit) (HKLM…18D93BBC-06F6-449D-96FB-CD473CFC6A6D) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Tcl/Tk Support (64-bit) (HKLM…A2FC01E0-059E-4D21-AFD2-B63A7E1EF3CD) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Test Suite (64-bit) (HKLM…E4266358-1C9B-4AF0-ABF7-72BE136904CF) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.7.0 Utility Scripts (64-bit) (HKLM…9E24E01B-CBD8-4558-A56D-6188F1A3C822) (Version: 3.7.150.0 – Python Software Foundation) Hidden

Python 3.8.2 (64-bit) (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…13ee6ab9-4dca-406c-bc3b-5d86391d39a1) (Version: 3.8.2150.0 – Python Software Foundation)

Python 3.8.2 Add to Path (64-bit) (HKLM…88AF4D20-BE9D-4CA6-8BD4-5DB380A41CC8) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Core Interpreter (64-bit) (HKLM…AD923240-0ACE-45C9-8749-05BF77AAE101) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Development Libraries (64-bit) (HKLM…BDFB7011-0AB2-440F-8F00-32AF7A9ED1ED) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Documentation (64-bit) (HKLM…65B0F976-5151-427E-95B4-2320DC64F91E) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Executables (64-bit) (HKLM…A36C1168-60E6-42E4-93DB-6BE8C6DD9DD6) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 pip Bootstrap (64-bit) (HKLM…8EEE042B-6EAF-4171-BA6E-01319ED99DA8) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Standard Library (64-bit) (HKLM…33F9B46C-EB19-4BB7-ABFA-F8C71B73E9A4) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Tcl/Tk Support (64-bit) (HKLM…FCA1EB7D-2F62-4659-AA5F-42C37CE5D3CB) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Test Suite (64-bit) (HKLM…F6DA05CF-67B5-47D0-ABD4-371C80BA0717) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python 3.8.2 Utility Scripts (64-bit) (HKLM…52AB506A-EC3C-4060-9EBF-6A975994CB35) (Version: 3.8.2150.0 – Python Software Foundation) Hidden

Python Launcher (HKLM-x32…AF12A465-EA47-447D-B6BF-2A82CDBE2F0E) (Version: 3.8.6994.0 – Python Software Foundation)

QCAD Trial 3.19.1 (HKLM…438D0F39-554F-40A4-BA3F-04809892FB96) (Version: 3.19.1 – RibbonSoft GmbH)

Ranch Rush 2 – Premium Edition (HKLM-x32…WTA-7396ad2b-d565-43cb-89bb-20ab60c8fe9f) (Version: 2.2.0.98 – WildTangent) Hidden

REALTEK Bluetooth Driver (HKLM-x32…9D3D8C60-A5EF-4123-B2B9-172095903AB) (Version: 1.0.0.46 – REALTEK Semiconductor Corp.)

Realtek Card Reader (HKLM-x32…5BC2B5AB-80DE-4E83-B8CF-426902051D0A) (Version: 6.3.370.68 – Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32…8833FFB6-5B0C-4764-81AA-06DFEED9A476) (Version: 8.37.1119.2014 – Realtek)

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.7457 – Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (HKLM-x32…A5107464-AA9B-4177-8129-5FF2F42DD322) (Version: 1.0.0.46 – REALTEK Semiconductor Corp.)

Recuva (HKLM…Recuva) (Version: 1.53 – Piriform)

RemoteComms driver (HKLM-x32…89B4CA50-3F94-451F-B93A-22608DF45FF9) (Version: 1.30.0002 – PLX Technology)

Runefall (HKLM-x32…WTA-7be9cc5b-65c3-4233-9f92-6fbda3316c00) (Version: 3.0.2.126 – WildTangent) Hidden

Samsung Kies (HKLM-x32…758C8301-2696-4855-AF45-534B1200980A) (Version: 2.6.4.17113.1 – Samsung Electronics Co., Ltd.) Hidden

Samsung Kies (HKLM-x32…InstallShield_758C8301-2696-4855-AF45-534B1200980A) (Version: 2.6.4.17113.1 – Samsung Electronics Co., Ltd.)

SAMSUNG USB Driver for Mobile Phones (HKLM…D0795B21-0CDA-4a92-AB9E-6E92D8111E44) (Version: 1.5.51.0 – SAMSUNG Electronics Co., Ltd.)

SDK ARM Additions (HKLM-x32…73681F86-CD86-4208-572F-959B45430B04) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

SDK ARM Redistributables (HKLM-x32…67EE3804-9642-62BA-EBF1-B1561FB4ECBE) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32…90140000-0011-0000-0000-0000000FF1CE_Office14.PROPLUS_DE28B448-32E8-4E8F-84F0-A52B21A49B5B) (Version:  – Microsoft)

SHIELD Streaming (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_GFExperience.NvStreamSrv) (Version: 3.1.2000 – NVIDIA Corporation) Hidden

Skype versão 8.58 (HKLM-x32…Skype_is1) (Version: 8.58 – Skype Technologies S.A.)

SMath Studio (HKLM-x32…7003EC5C-E484-4C85-BFCE-8EA508C9B3F0) (Version: 0.98.6179 – Andrey Ivashov)

Software de Dispositivos Chipset Intel® (HKLM-x32…e3d22965-5c2d-48c8-acec-c2ba2d50b275) (Version: 10.0.22 – Intel® Corporation) Hidden

SoulseekQt (HKLM-x32…SoulseekQt) (Version:  – )

Spotify (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…Spotify) (Version: 1.1.33.569.gced9e0f5 – Spotify AB)

Spybot Identity Monitor (HKLM-x32…DEE2C8BC-083E-48D8-A934-7B547D87E85C_is1) (Version: 3.0 – Safer-Networking Ltd.)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

swMSM (HKLM-x32…612C34C7-5E90-47D8-9B5C-0F717DD82726) (Version: 12.0.0.1 – Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 18.1.48.54 – Synaptics Incorporated)

Telegram Desktop version 1.7.10 (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…53F49750-6209-4FBF-9CA8-7A333C87D1ED_is1) (Version: 1.7.10 – Telegram Messenger LLP)

TI Connect™ (HKLM-x32…D06BA64C-4447-49B4-B99D-E85BEA9E1035) (Version: 4.0.0.218 – Texas Instruments Inc.)

Tomb Raider Level Editor XP (HKLM-x32…Tomb Raider Level Editor) (Version:  – )

Trinklit Supreme (HKLM-x32…WTA-c985ff2e-3479-4327-ae3b-b151a4c8a0d4) (Version: 2.2.0.98 – WildTangent) Hidden

UltData – Android Data Recovery 5.3.1.4 (HKLM-x32…UltData – Android Data Recovery_is1) (Version: 5.3.1.4 – Tenorshare, Inc.)

Universal CRT Extension SDK (HKLM-x32…13952D7A-B7B3-F4F8-5F29-5CD18E8168B7) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Universal CRT Headers Libraries and Sources (HKLM-x32…74CBC330-ED16-31B9-E8BE-0C6A8E67DE32) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Universal CRT Redistributable (HKLM-x32…460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9) (Version: 10.0.26624 – Microsoft Corporation) Hidden

Universal CRT Redistributable (HKLM-x32…847D4DAF-0182-265B-324F-406462E8A90D) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Universal CRT Tools x64 (HKLM…54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Universal CRT Tools x86 (HKLM-x32…9F7B0D96-881D-8850-C303-43F3A08E6902) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Universal General MIDI DLS Extension SDK (HKLM-x32…6F54BF87-2EE6-FA6D-431D-33A665992D49) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Update Installer for WildTangent Games App (HKLM-x32…2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2.WildTangent Games App) (Version:  – WildTangent) Hidden

USBPcap 1.2.0.3 (HKLM…USBPcap) (Version: 1.2.0.3 – Tomasz Mon)

vcpp_crt.redist.clickonce (HKLM-x32…6B25D94A-4B50-45E2-BBD3-54E68700E1BC) (Version: 14.25.28508 – Microsoft Corporation) Hidden

VirtualCloneDrive (HKLM-x32…VirtualCloneDrive) (Version: 5.5.0.0 – Elaborate Bytes)

Visual Studio 2012 x64 Redistributables (HKLM…8C775E70-A791-4DA8-BCC3-6AB7136F4484) (Version: 14.0.0.1 – AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32…98EFF19A-30AB-4E4B-B943-F06B1C63EBF8) (Version: 14.0.0.1 – AVG Technologies CZ, s.r.o.)

Visual Studio Build Tools 2019 (HKLM-x32…43108e7a) (Version: 16.5.30002.166 – Microsoft Corporation)

vJoy Device Driver 2.1.6.20 (HKLM…8E31F76F-74C3-47F1-9550-E041EEDC5FBB_is1) (Version: 2.1.6.20 – Shaul Eizikovich)

VLC media player (HKLM-x32…VLC media player) (Version: 3.0.8 – VideoLAN)

VMware Player (HKLM…DDDE2FEC-464C-4D0D-BCBC-9F4B4A06209B) (Version: 15.0.2 – VMware, Inc.)

vs_FileTracker_Singleton (HKLM-x32…692A0FB3-E6A2-4D41-AC03-4136B4312DC0) (Version: 16.3.29209 – Microsoft Corporation) Hidden

Wedding Dash (HKLM-x32…WTA-bcbcc6be-1055-406f-90e0-31082ecf66fa) (Version: 2.2.0.95 – WildTangent) Hidden

WhatsApp (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…WhatsApp) (Version: 0.3.1847 – WhatsApp)

WildTangent Games App para HP (HKLM-x32…70B446D1-E03B-4ab0-9B3C-0832142C9AA8.WildTangent Games App-hp) (Version: 4.0.11.14 – WildTangent) Hidden

WinAppDeploy (HKLM-x32…8E3AE0EF-D067-700C-BDB4-10D5552155DC) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinDjView 2.1 (HKLM…WinDjView) (Version: 2.1 – Andrew Zhezherun)

Windows Driver Package – Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM…EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 – Texas Instruments Inc.)

Windows Driver Package – Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM…7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 – Texas Instruments Inc.)

Windows SDK AddOn (HKLM-x32…E6F877A1-2F65-4BF0-87B6-A4071B7663D3) (Version: 10.1.0.0 – Microsoft Corporation)

Windows Software Development Kit – Windows 10.0.18362.1 (HKLM-x32…126dedf0-cc0e-4b48-9ece-806b0e437195) (Version: 10.1.18362.1 – Microsoft Corporation)

WinPcap 4.1.2 (HKLM-x32…WinPcapInst) (Version: 4.1.0.2001 – CACE Technologies)

WinRT Intellisense Desktop – en-us (HKLM-x32…E67F1F03-FB4A-3D61-8999-E6A4C4B26F34) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense Desktop – Other Languages (HKLM-x32…7EF010FF-7800-28BA-FF49-2D219EC7BA82) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense IoT – en-us (HKLM-x32…36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense IoT – Other Languages (HKLM-x32…6B03A6A4-643C-57CE-CA6F-4E19BF47497A) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense Mobile – en-us (HKLM-x32…918A448F-59E8-FBF5-B087-D3F07160C7E0) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense PPI – en-us (HKLM-x32…66483041-F590-EC46-4AF0-EE39C62FB680) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense PPI – Other Languages (HKLM-x32…9C61E6D2-C43E-6746-B519-6185558C4A24) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense UAP – en-us (HKLM-x32…6B37CC5B-78DF-5050-2215-68479716A587) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

WinRT Intellisense UAP – Other Languages (HKLM-x32…250D5341-0879-4016-399C-BBCD87B80E95) (Version: 10.1.18362.1 – Microsoft Corporation) Hidden

Wireshark 3.2.3 64-bit (HKLM-x32…Wireshark) (Version: 3.2.3 – The Wireshark developer community, hxxps://www.wireshark.org)

wkhtmltox 0.12.5-1 (HKLM…wkhtmltopdf) (Version:  – )

Wondershare Helper Compact 2.5.3 (HKLM-x32…5363CE84-5F09-48A1-8B6C-6BB590FFEDF2_is1) (Version: 2.5.3 – Wondershare)

Wondershare PDFelement 6 Pro(Build 6.3.5) (HKLM-x32…B026557A-EF19-4812-8A79-B30F94AA0A78_is1) (Version: 6.3.5.2806 – Wondershare Software Co.,Ltd.)

Wondershare Recoverit(Build 8.5.7.16) (HKLM-x32…829555DC-31E5-4FEA-B350-8FCF24CECD95_is1) (Version: 8.5.7.16 – Wondershare Software Co.,Ltd.)

X Builder Framework 1.05x (HKLM-x32…X Builder Framework 1.05x) (Version:  – )

XArp 2.2.2 (HKLM-x32…XArp) (Version: 2.2.2 – Christoph Mayer)

XBuilder Tag Grid 1.0 (HKLM-x32…8814F01A-66A3-4A5F-899A-FFEA12633963) (Version: 1.0.18 – Carrier Corporation)

Youda Jewel Shop (HKLM-x32…WTA-0f2ac400-5236-4aa4-a9fa-2d97068ccbc9) (Version: 3.0.2.51 – WildTangent) Hidden

Zoom (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…ZoomUMX) (Version: 5.0 – Zoom Video Communications, Inc.)

Packages:

=========

– Games App – -> C:Program FilesWindowsAppsWildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2016-03-29] (WildTangent Games)

Guia de introdução ao Windows 8 -> C:Program FilesWindowsAppsAD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2016-03-29] (Hewlett-Packard Company)

HP All-in-One Printer Remote -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2016-04-18] (Hewlett-Packard Company)

HP Connected Music -> C:Program FilesWindowsAppsAD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2016-03-29] (Hewlett-Packard Company)

HP Registration -> C:Program FilesWindowsAppsAD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-06-04] (Hewlett-Packard Company)

Jogos -> C:Program FilesWindowsAppsMicrosoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-06-04] (Microsoft Corporation) [MS Ad]

KYOCERA Print Center -> C:Program FilesWindowsAppsA97ECD55.KYOCERAPrintCenter_1.7.11126.0_x86__kqmhh0ktdt7dg [2019-12-05] (KYOCERA Document Solutions Inc)

McAfee® Central for HP -> C:Program FilesWindowsApps2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-02] (.-McAfee Inc-.)

Microsoft Mahjong -> C:Program FilesWindowsAppsMicrosoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Studios) [MS Ad]

MSN Desporto -> C:Program FilesWindowsAppsMicrosoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]

MSN Finanças -> C:Program FilesWindowsAppsMicrosoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-28] (Microsoft Corporation) [MS Ad]

MSN Meteorologia -> C:Program FilesWindowsAppsMicrosoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]

MSN Notícias -> C:Program FilesWindowsAppsMicrosoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-28] (Microsoft Corporation) [MS Ad]

MSN Receitas -> C:Program FilesWindowsAppsMicrosoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-03-29] (Microsoft Corporation) [MS Ad]

MSN Saúde e Bem-Estar -> C:Program FilesWindowsAppsMicrosoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-03-29] (Microsoft Corporation) [MS Ad]

MSN Viagens -> C:Program FilesWindowsAppsMicrosoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-03-29] (Microsoft Corporation) [MS Ad]

Música -> C:Program FilesWindowsAppsMicrosoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-03-29] (Microsoft Corporation) [MS Ad]

mysms – Text from Computer, Messaging -> C:Program FilesWindowsAppsUptoElevenDigitalSolution.mysms-Textanywhere_2.8.0.0_x64__c9d6r4qvva5x8 [2016-03-29] (Up to Eleven Digital Solutions GmbH)

Paciência -> C:Program FilesWindowsApps26720RandomSaladGamesLLC.SimpleSolitaire_5.4.0.40_x64__kx24dqmazqk8j [2016-12-15] (Random Salad Games LLC) [MS Ad]

Sidekick Private Browser -> C:Program FilesWindowsAppsSaferWebSoftware.SidekickWeb_1.1.0.7_neutral__aad3gkxz4ewf0 [2020-05-18] (SaferWeb Software)

Skype -> C:Program FilesWindowsAppsMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2016-03-29] (Skype) [MS Ad]

Snapfish -> C:Program FilesWindowsAppsAD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-05-04] (HP Inc.)

The Weather Channel for HP -> C:Program FilesWindowsAppsWeather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2016-03-29] (The Weather Channel.)

Tradutor -> C:Program FilesWindowsAppsMicrosoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-04-07] (Microsoft Corporation)

TripAdvisor Hotels Flights Restaurants -> C:Program FilesWindowsAppsTripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2015-06-04] (TripAdvisor LLC)

Vídeo -> C:Program FilesWindowsAppsMicrosoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-03-29] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSIDD327DA6-B4DF-4842-B833-2CFF84F0948Flocalserver32 -> C:Program FilesAutodeskAutoCAD 2017acad.exe (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UsersXXXXXXZZZAppDataLocalMicrosoftTeamsMeetingAddin1.0.20031.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSID3faa4380-a399-11cf-a466-00805fe418f6InprocServer32 -> C:Program FilesAutodeskDWG TrueView 2018 – Englishen-USdwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSID720DB9AF-D62C-4ED0-A377-429C22312852localserver32 -> C:Program FilesAutodeskAutoCAD 2017acad.exe (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSID84B5A313-CD5D-4904-8BA2-AFDC81C1B309InprocServer32 -> C:UsersXXXXXXZZZAppDataLocalGoToMeeting17359G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSIDB6EB585B-B467-4E46-A9C7-48D7D6FD26CBlocalserver32 -> C:Program FilesAutodeskDWG TrueView 2018 – Englishdwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSIDC591CFEA-E432-495d-A0BE-58E4CCD87B17ShellOpenCommand -> C:Program FilesSynapticsSynTPSynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSIDCB965DF1-B8EA-49C7-BDAD-5457FDC1BF92InprocServer32 -> C:UsersXXXXXXZZZAppDataLocalMicrosoftTeamsMeetingAddin1.0.20031.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3751382696-3894377064-3631472648-1001_ClassesCLSIDE2C40589-DE61-11ce-BAE0-0020AF6D7005InprocServer32 -> C:Program FilesAutodeskAutoCAD 2017en-USacadficn.dll (Autodesk, Inc -> Autodesk, Inc.)

ShellExecuteHooks: Groove GFS Stub Execution Hook – B5A7F190-DDA6-4420-B3BA-52453494E6CD – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – B5A7F190-DDA6-4420-B3BA-52453494E6CD – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> 056D528D-CE28-4194-9BA3-BA2E9197FF8C => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> 05B38830-F4E9-4329-978B-1DD28605D202 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> 0596C850-7BDD-4C9D-AFDF-873BE6890637 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42 => C:Program FilesGoogleDrivegoogledrivesync64.dll [2020-04-06] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40 => C:Program FilesGoogleDrivegoogledrivesync64.dll [2020-04-06] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41 => C:Program FilesGoogleDrivegoogledrivesync64.dll [2020-04-06] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 =>  -> No File

ShellIconOverlayIdentifiers: [00avg] -> 472083B0-C522-11CF-8763-00608CC02F24 =>  -> No File

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> 36A21736-36C2-4C11-8ACB-D4136F2B57BD => C:Windowssystem32AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.)

ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> 056D528D-CE28-4194-9BA3-BA2E9197FF8C => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> 05B38830-F4E9-4329-978B-1DD28605D202 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> 0596C850-7BDD-4C9D-AFDF-873BE6890637 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> 2E7A2C6C-B938-40a4-BA1C-C7EC982DC202 => C:Program FilesCommon FilesAutodesk SharedAcShellExAcShellExtension.dll [2017-02-15] (Autodesk, Inc -> Autodesk)

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> A6595CD1-BF77-430A-A452-18696685F7C7 => C:Program Files (x86)AdobeAcrobat 11.0Acrobat ElementsContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

ContextMenuHandlers1: [ANotepad++64] -> B298D29A-A6ED-11DE-BA8C-A68E55D89593 => C:Program Files (x86)Notepad++NppShell_06.dll -> No File

ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> 6C18531F-CA85-45F7-8278-FF33CF0A5964 => C:Program Files (x86)Common FilesAutodesk SharedDWF CommonDWFShellExtension.dll [2017-03-09] (Autodesk, Inc.) [File not signed]

ContextMenuHandlers1: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program Files (x86)AVGAntivirusashShell.dll [2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [CLVDShellExt] -> 3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2 => C:Program Files (x86)Common FilesCyberLinkShellExtComponentCLVDShellExt.dll [2015-02-09] (CyberLink Corp. -> Cyberlink)

ContextMenuHandlers1: [DIALuxShellExtension] -> F23E3460-D1B1-4F51-8C3D-E5D91E3C71C8 => C:Program FilesDIAL GmbHDIALuxDial.ShellExtension.x64.dll [2017-12-05] (DIAL GmbH) [File not signed]

ContextMenuHandlers1: [Foxit_ConvertToPDF] -> C5269811-4A29-4818-A4BB-111F9FC63A5F => C:Program Files (x86)Foxit PhantomPDFpluginsConvertToPDFShellExtension_x64.dll [2015-03-03] (Foxit Software Incorporated -> Foxit Software Inc.)

ContextMenuHandlers1: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program FilesGoogleDrivecontextmenu64.dll [2020-04-06] (Google LLC -> Google)

ContextMenuHandlers1: [MagicISO] -> DB85C504-C730-49DD-BEC1-7B39C6103B7A => C:Program Files (x86)MagicISOmisosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]

ContextMenuHandlers1: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ContextMenuHandlers1: [VirtualCloneDrive] -> B7056B8E-4F99-44f8-8CBD-282390FE5428 => C:Program Files (x86)Elaborate BytesVirtualCloneDriveElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)

ContextMenuHandlers2: [CLVDShellExt] -> 3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2 => C:Program Files (x86)Common FilesCyberLinkShellExtComponentCLVDShellExt.dll [2015-02-09] (CyberLink Corp. -> Cyberlink)

ContextMenuHandlers2: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ContextMenuHandlers2: [VirtualCloneDrive] -> B7056B8E-4F99-44f8-8CBD-282390FE5428 => C:Program Files (x86)Elaborate BytesVirtualCloneDriveElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)

ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> 271DC252-6FE1-4D59-9053-E4CF50AB99DE => C:Program Files (x86)VMwareVMware PlayervmdkShellExt.dll [2018-11-21] (VMware, Inc. -> VMware, Inc.)

ContextMenuHandlers2: [VMDiskMenuHandler64] -> E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC => C:Program Files (x86)VMwareVMware Playerx64vmdkShellExt64.dll [2018-11-21] (VMware, Inc. -> VMware, Inc.)

ContextMenuHandlers3: [00avg] -> 472083B0-C522-11CF-8763-00608CC02F24 =>  -> No File

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers3: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program FilesGoogleDrivecontextmenu64.dll [2020-04-06] (Google LLC -> Google)

ContextMenuHandlers4: [MagicISO] -> DB85C504-C730-49DD-BEC1-7B39C6103B7A => C:Program Files (x86)MagicISOmisosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]

ContextMenuHandlers4: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersXXXXXXZZZAppDataLocalMEGAsyncShellExtX64.dll [2020-03-18] (Mega Limited -> )

ContextMenuHandlers4: [RecuvaShellExt] -> 435E5DF5-2510-463C-B223-BDA47006D002 => C:Program FilesRecuvaRecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:Windowssystem32igfxDTCM.dll [2015-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:Windowssystem32nvshext.dll [2015-01-11] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> A6595CD1-BF77-430A-A452-18696685F7C7 => C:Program Files (x86)AdobeAcrobat 11.0Acrobat ElementsContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

ContextMenuHandlers6: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program Files (x86)AVGAntivirusashShell.dll [2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers6: [MagicISO] -> DB85C504-C730-49DD-BEC1-7B39C6103B7A => C:Program Files (x86)MagicISOmisosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [RecuvaShellExt] -> 435E5DF5-2510-463C-B223-BDA47006D002 => C:Program FilesRecuvaRecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-01-30 19:16 – 2015-01-30 19:16 – 000864768 _____ (%CFullName%) [File not signed] C:Program FilesHewlett-PackardSimplePassOpBHO64.dll

2019-09-20 15:20 – 2016-09-12 15:53 – 048936448 _____ () [File not signed] C:Program Files (x86)AVGAVG TuneUplibcef.dll

2011-09-16 10:03 – 2011-09-16 10:03 – 000226304 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionContent.dll

2011-09-16 10:03 – 2011-09-16 10:03 – 000227840 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionDeviceAccess.dll

2011-09-16 10:04 – 2011-09-16 10:04 – 000364544 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionDeviceManagement.dll

2011-09-16 10:06 – 2011-09-16 10:06 – 000658432 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionGatewayCore.dll

2011-09-16 10:05 – 2011-09-16 10:05 – 000335872 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionPlxTech.Das.DotNetApi.dll

2011-09-16 10:07 – 2011-09-16 10:07 – 000422400 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionPlxTech.Das.Gateway.Core.dll

2011-09-16 10:03 – 2011-09-16 10:03 – 000245248 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionStorage.dll

2011-09-16 10:02 – 2011-09-16 10:02 – 000045056 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionUtils_ISIS.dll

2011-09-16 10:02 – 2011-09-16 10:02 – 000078848 _____ () [File not signed] C:Program Files (x86)IomegaIomega EncryptionXML.dll

2015-01-30 19:07 – 2015-01-30 19:07 – 002169344 _____ () [File not signed] C:Program FilesHewlett-PackardSimplePassautheng.dll

2015-01-30 19:05 – 2015-01-30 19:05 – 000021504 _____ () [File not signed] C:Program FilesHewlett-PackardSimplePasscryptodll.dll

2015-01-30 19:05 – 2015-01-30 19:05 – 000055296 _____ () [File not signed] C:Program FilesHewlett-PackardSimplePassRandomPass.dll

2015-01-30 19:05 – 2015-01-30 19:05 – 000035840 _____ () [File not signed] C:Program FilesHewlett-PackardSimplePassssplogon.dll

2020-05-08 08:50 – 2017-12-05 13:42 – 001442816 _____ (DIAL GmbH) [File not signed] C:Program FilesDIAL GmbHDIALuxDial.ShellExtension.x64.dll

2015-01-30 19:06 – 2015-01-30 19:06 – 000715264 _____ (Hewlett-Packard) [File not signed] C:Program FilesHewlett-PackardSimplePassstoreng.dll

2015-01-30 19:07 – 2015-01-30 19:07 – 001134080 _____ (Hewlett-Packard) [File not signed] C:Program FilesHewlett-PackardSimplePassuserdata.dll

2010-11-18 21:08 – 2010-11-18 21:08 – 000086016 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2015-07-22 10:44 – 2015-07-22 10:44 – 000562688 _____ (Intel Corporation) [File not signed] C:Program FilesIntelIntel® Rapid Storage TechnologyISDI2.dll

2015-07-22 10:44 – 2015-07-22 10:44 – 000285184 _____ (Intel Corporation) [File not signed] C:Program FilesIntelIntel® Rapid Storage TechnologyPsiData.dll

2016-03-29 22:31 – 2008-05-22 23:25 – 000043520 _____ (MagicISO, Inc.) [File not signed] C:Program Files (x86)MagicISOmisosh64.dll

2015-06-04 18:46 – 2015-06-04 18:46 – 001093120 _____ (Microsoft Corporation) [File not signed] C:WindowsWinSxSx86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8fMFC80U.DLL

2015-06-04 18:12 – 2013-04-01 23:19 – 000574464 _____ (Realtek Semiconductor Corp.) [File not signed] C:Windowssystem32Rtlihvs.dll

2015-01-30 19:16 – 2015-01-30 19:16 – 000746064 _____ (Softex Incorporated -> ) [File not signed] C:Program FilesHewlett-PackardSimplePassGraphicalPwd.dll

2015-01-30 19:16 – 2015-01-30 19:16 – 000431696 _____ (Softex Incorporated -> ) [File not signed] C:Program FilesHewlett-PackardSimplePassmstrpwd.dll

2015-01-30 19:16 – 2015-01-30 19:16 – 000760912 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:Program FilesHewlett-PackardSimplePasshdddrv.dll

2015-01-30 19:16 – 2015-01-30 19:16 – 001384528 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:Program FilesHewlett-PackardSimplePassWbf.dll

2019-06-25 10:37 – 2019-06-25 10:32 – 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesAVAST SoftwareSecureLinelibcrypto-1_1.dll

2016-08-31 09:43 – 2016-08-31 09:43 – 005458432 _____ (The Qt Company Ltd) [File not signed] C:Program FilesDassault SystemesDraftSightbinQt5Core.dll

2016-08-31 09:43 – 2016-08-31 09:43 – 001065984 _____ (The Qt Company Ltd) [File not signed] C:Program FilesDassault SystemesDraftSightbinQt5Network.dll

2016-08-31 09:43 – 2016-08-31 09:43 – 000195072 _____ (The Qt Company Ltd) [File not signed] C:Program FilesDassault SystemesDraftSightbinQt5Xml.dll

2017-09-14 07:37 – 2017-09-14 07:37 – 000026112 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqgif.dll

2017-09-14 07:42 – 2017-09-14 07:42 – 000033280 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqicns.dll

2017-09-14 07:37 – 2017-09-14 07:37 – 000027648 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqico.dll

2017-09-14 07:37 – 2017-09-14 07:37 – 000245760 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqjpeg.dll

2017-09-14 07:42 – 2017-09-14 07:42 – 000021504 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqsvg.dll

2017-09-14 07:42 – 2017-09-14 07:42 – 000020992 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqtga.dll

2017-09-14 07:42 – 2017-09-14 07:42 – 000316416 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqtiff.dll

2017-09-14 07:42 – 2017-09-14 07:42 – 000019968 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqwbmp.dll

2017-09-14 07:42 – 2017-09-14 07:42 – 000322560 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncimageformatsqwebp.dll

2017-09-14 07:37 – 2017-09-14 07:37 – 001010688 _____ (The Qt Company Ltd) [File not signed] C:UsersXXXXXXZZZAppDataLocalMEGAsyncplatformsqwindows.dll

2019-04-09 10:32 – 2017-10-19 10:17 – 000271360 _____ (Wondershare Software) [File not signed] C:WindowsSystem32WSPDFelementMonitor.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMcMPFSvc => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKUS-1-5-21-3751382696-3894377064-3631472648-1001SoftwareClasses.scr: AutoCADScriptFile => C:Windowssystem32notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 – 2019-01-01 03:44 – 000000132 _____ C:Windowssystem32driversetchosts

127.0.0.1 activate.adobe.com

127.0.0.1 practivate.adobe.com

127.0.0.1 lmlicenses.wip4.adobe.com

127.0.0.1 lm.licenses.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Fileswkhtmltopdfbin;C:Program FilesOpenSSL-Win64bin;C:Program FilesJavajdk-14bin;C:Python37Scripts;C:Program Files (x86)Common FilesOracleJavajavapath;C:platform-tools;C:Windowssystem32;C:ProgramDataOracleJavajavapath;C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;C:Program Files (x86)NVIDIA CorporationPhysXCommon;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program FilesHewlett-PackardSimplePass;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsIPT;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:E20-IIEnviro;C:Program Filesdotnet;C:Program FilesGitcmd

HKUS-1-5-21-3751382696-3894377064-3631472648-1001Control PanelDesktop\Wallpaper -> C:WindowswebwallpaperHewlett-Packard BackgroundsbackgroundDefault.jpg

DNS Servers: 192.168.1.1 – 192.168.175.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

Network Binding:

=============

Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> insecure_npcap_wifi (enabled)

Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled)

Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)

Ethernet: JumpStart Wireless Filter Driver -> ms_ndislwf (enabled)

Wi-Fi: Npcap Packet Driver (NPCAP) (Wi-Fi) -> insecure_npcap_wifi (enabled)

Wi-Fi: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled)

Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled)

Wi-Fi: JumpStart Wireless Filter Driver -> ms_ndislwf (enabled)

VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) (Wi-Fi) -> insecure_npcap_wifi (enabled)

VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)

VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) (Wi-Fi) -> insecure_npcap_wifi (enabled)

VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)

VirtualBox Host-Only Network: Npcap Packet Driver (NPCAP) (Wi-Fi) -> insecure_npcap_wifi (enabled)

VirtualBox Host-Only Network: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled)

VirtualBox Host-Only Network: VMware Bridge Protocol -> vmware_bridge (enabled)

VirtualBox Host-Only Network: JumpStart Wireless Filter Driver -> ms_ndislwf (enabled)

Npcap Loopback Adapter: Npcap Packet Driver (NPCAP) (Wi-Fi) -> insecure_npcap_wifi (enabled)

Npcap Loopback Adapter: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

Npcap Loopback Adapter: VirtualBox NDIS6 Bridged Networking Driver -> oracle_vboxnetlwf (enabled)

Npcap Loopback Adapter: VMware Bridge Protocol -> vmware_bridge (enabled)

Npcap Loopback Adapter: JumpStart Wireless Filter Driver -> ms_ndislwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: AdAppMgrSvc => 2

HKLM…StartupApprovedStartupFolder: => "Assistente de gestor de conteúdo para PlayStation®.lnk"

HKLM…StartupApprovedStartupFolder: => "ScpToolkit Tray Notifications.lnk"

HKLM…StartupApprovedStartupFolder: => "Avast SecureLine VPN.lnk"

HKLM…StartupApprovedRun: => "NvBackend"

HKLM…StartupApprovedRun32: => "AccelerometerSysTrayApplet"

HKLM…StartupApprovedRun32: => "HPMessageService"

HKLM…StartupApprovedRun32: => "HP Software Update"

HKLM…StartupApprovedRun32: => "BCSSync"

HKLM…StartupApprovedRun32: => "AVG_UI"

HKLM…StartupApprovedRun32: => "Acrobat Assistant 8.0"

HKLM…StartupApprovedRun32: => "SunJavaUpdateSched"

HKLM…StartupApprovedRun32: => "vProt"

HKLM…StartupApprovedRun32: => "VirtualCloneDrive"

HKLM…StartupApprovedRun32: => "Autodesk Desktop App"

HKLM…StartupApprovedRun32: => "jswtrayutil"

HKLM…StartupApprovedRun32: => "PSUAMain"

HKLM…StartupApprovedRun32: => "Wondershare Helper Compact.exe"

HKLM…StartupApprovedRun32: => "KiesTrayAgent"

HKLM…StartupApprovedRun32: => "Aimersoft Helper Compact.exe"

HKLM…StartupApprovedRun32: => "XArp"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedStartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedStartupFolder: => "Autenticacao.gov.pt.lnk"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "DAEMON Tools Lite Automount"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "GoogleDriveSync"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "Autodesk Sync"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "Steam"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "CCleaner Smart Cleaning"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "AvastBrowserAutoLaunch_8E2202057F0AAA05DFC4AE202AF0EABB"

HKUS-1-5-21-3751382696-3894377064-3631472648-1001…StartupApprovedRun: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [582A6683-D72A-46B6-ACE3-5DDF801194EF] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [BCEFEFB2-60E2-49CB-867A-17284DF5084E] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [6F2F07DD-A742-44EC-994D-0154FFCB01B5] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [AFFCD9A6-C298-4963-AB51-C30E247AFBB1] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [7808A858-FCAB-4CBE-8379-522C54F4E6B0] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [B186DA8C-5846-4184-A738-92C3AA9F2AC1] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [B7FF1360-33D9-4C8D-8781-A64CC9E443D3] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [992F1852-2433-4440-8DE4-D9B1246F35FC] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [ADCDF42B-282C-4832-85E0-FA81E4E51183] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [4979BC6A-1279-4FA3-9F8F-35D9CD55B21F] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [B47007A9-2898-4F03-BF02-FED19537847B] => (Allow) C:Program Files (x86)Hewlett-PackardHP System EventHPSOCKSVC.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

FirewallRules: [39D2D09C-F5A7-49C3-A51B-7C3A63B6092F] => (Allow) c:Program Files (x86)CyberLinkPowerDVD12PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [E17FE3D7-439C-46AC-8654-AE3E8CF5BAB3] => (Allow) c:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe => No File

FirewallRules: [C7F3A161-5DEC-4FE3-98B3-D3AE8FBAC944] => (Allow) c:Program Files (x86)CyberLinkPowerDVD12PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [17D8CE27-9FB3-43FC-A66E-A7C41F14EB1B] => (Allow) c:Program Files (x86)CyberLinkPowerDVD12MoviePowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [BAC676D9-D48D-4B1F-9D48-D916649D3BED] => (Allow) C:Program FilesHPHP Deskjet 3050 J610 seriesBinDeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [1E3A958A-DBF9-4792-BA75-66CDD5B97F81] => (Allow) C:Program FilesHPHP Deskjet 3050 J610 seriesBinHPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [94AEC018-D89F-44D8-BE94-CB30F928F3D5] => (Allow) C:Program FilesHPHP Deskjet 3050 J610 seriesBinHPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [3CC6A172-6CFC-4C96-94F1-FEA79C8C66DC] => (Allow) C:UsersXXXXXXZZZAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [A319A1AD-CD39-4B0E-AD31-FA83D3D78242] => (Allow) C:UsersXXXXXXZZZAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [C8947CEF-1C24-4CC9-90B0-3D548221606C] => (Allow) C:UsersXXXXXXZZZAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [FC78FDD5-0FE6-4B5C-B0B2-7BA1E5E56122] => (Allow) C:UsersXXXXXXZZZAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [A835927B-3BA1-4345-868E-B80FDF3DFE6B] => (Allow) C:UsersXXXXXXZZZAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [59D701D2-D615-4312-ABB5-8CC133C606A7] => (Allow) C:UsersXXXXXXZZZAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query User1D930BCB-2B04-4333-8EF9-C057EC9E6BAFC:program files (x86)sonycontent manager assistantcma.exe] => (Allow) C:program files (x86)sonycontent manager assistantcma.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)

FirewallRules: [UDP Query UserA39DAA6C-B810-4FC1-8EDD-8DD8AF086F6FC:program files (x86)sonycontent manager assistantcma.exe] => (Allow) C:program files (x86)sonycontent manager assistantcma.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)

FirewallRules: [25B196BB-0691-4DDC-BB61-C324E536385D] => (Allow) C:Program Files (x86)AVGAvavgmfapx.exe => No File

FirewallRules: [68830A77-7703-4DCD-B1D4-2BDF8413B333] => (Allow) C:Program Files (x86)AVGAvavgmfapx.exe => No File

FirewallRules: [AC06ADD7-2F7A-438B-806C-A4154DFC73F1] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [D4AD2E35-4E6E-4D00-B9D8-A5EB21B85B30] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [TCP Query User9CF8F516-A810-4B68-B577-6D76ADBD6979C:program files (x86)soulseekqtsoulseekqt.exe] => (Block) C:program files (x86)soulseekqtsoulseekqt.exe () [File not signed]

FirewallRules: [UDP Query User1C042E6F-79B1-4354-945A-103696EB9945C:program files (x86)soulseekqtsoulseekqt.exe] => (Block) C:program files (x86)soulseekqtsoulseekqt.exe () [File not signed]

FirewallRules: [TCP Query User16E10655-99C6-4050-8E89-D57F6F18A920C:program files (x86)skypephoneskype.exe] => (Allow) C:program files (x86)skypephoneskype.exe => No File

FirewallRules: [UDP Query User052989CE-193D-439A-ABF6-6C5A57B97CBCC:program files (x86)skypephoneskype.exe] => (Allow) C:program files (x86)skypephoneskype.exe => No File

FirewallRules: [TCP Query UserD9402F64-6C5B-43AE-9415-C52306CD3465C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe] => (Allow) C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe => No File

FirewallRules: [UDP Query UserD68E4CDB-5539-4A54-B66A-E9E07FB4DA19C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe] => (Allow) C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe => No File

FirewallRules: [TCP Query User70E94656-89AD-4D48-8485-5C61A98E5D7DC:program filesnefarius software solutionsscptoolkitscpserver.exe] => (Allow) C:program filesnefarius software solutionsscptoolkitscpserver.exe => No File

FirewallRules: [UDP Query User08EA37E1-5D9D-44D9-B1B5-D00E1E46864FC:program filesnefarius software solutionsscptoolkitscpserver.exe] => (Allow) C:program filesnefarius software solutionsscptoolkitscpserver.exe => No File

FirewallRules: [TCP Query User9DB2D3EB-A419-40A9-8B7F-02B5F54F0ED6C:program files (x86)airdroidairdroid.exe] => (Allow) C:program files (x86)airdroidairdroid.exe => No File

FirewallRules: [UDP Query User0C64B981-176C-43C7-AC23-DCDFE020FD7CC:program files (x86)airdroidairdroid.exe] => (Allow) C:program files (x86)airdroidairdroid.exe => No File

FirewallRules: [999E8B30-A3CC-4CFC-82E9-BE529C851F3E] => (Allow) C:UsersXXXXXXZZZAppDataLocalTemp7zS1A27HPDiagnosticCoreUI.exe => No File

FirewallRules: [4C9EB99C-5BB1-4E5A-9383-0E808C25D152] => (Allow) C:UsersXXXXXXZZZAppDataLocalTemp7zS1A27HPDiagnosticCoreUI.exe => No File

FirewallRules: [TCP Query UserB4B18508-AD74-4D0F-91E0-A0A25EB96CECC:program files (x86)sonycontent manager assistantcma.exe] => (Block) C:program files (x86)sonycontent manager assistantcma.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)

FirewallRules: [UDP Query User791C7AA4-28C9-4307-BFD5-93EFF7A53417C:program files (x86)sonycontent manager assistantcma.exe] => (Block) C:program files (x86)sonycontent manager assistantcma.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)

FirewallRules: [TCP Query UserBFE9BE95-C491-45D5-97F0-1F91C2DCCBDEC:program files (x86)skypephoneskype.exe] => (Block) C:program files (x86)skypephoneskype.exe => No File

FirewallRules: [2A3B511F-88A9-434F-851F-8323C7B84A61] => (Allow) C:Program FilesEasewareDriverEasyDriverEasy.exe (Easeware Technology Limited -> Easeware)

FirewallRules: [F58757DD-5309-4BAC-8672-3228BB5C0926] => (Allow) C:UsersXXXXXXZZZAppDataLocalTemp7zS5F1AHPDiagnosticCoreUI.exe => No File

FirewallRules: [E6751800-8FD6-446B-859E-0C8AD3D2993C] => (Allow) C:UsersXXXXXXZZZAppDataLocalTemp7zS5F1AHPDiagnosticCoreUI.exe => No File

FirewallRules: [A7E1E8CF-3332-4C3B-B2F2-4D0513F85CF2] => (Allow) LPort=9422

FirewallRules: [03ADEAC4-2838-478C-B592-ED07458E4C1E] => (Allow) LPort=9245

FirewallRules: [F59BA0EC-D15A-450E-A3B5-3CD06B04642D] => (Allow) LPort=9246

FirewallRules: [091F67FF-828D-40B1-BF39-95961341573C] => (Allow) LPort=9247

FirewallRules: [TCP Query UserE248A19E-99A2-4804-B6BC-5ACD8565160BC:program files (x86)caincain.exe] => (Allow) C:program files (x86)caincain.exe => No File

FirewallRules: [UDP Query User4D5623CB-FB3B-4213-8FD5-8A30C84E8FA2C:program files (x86)caincain.exe] => (Allow) C:program files (x86)caincain.exe => No File

FirewallRules: [7C5AB3F8-67AF-44F7-8597-902CC0D24BD9] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [479750AD-D7FF-40D1-BBF8-C2E1B082AF6E] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [66A28919-DA35-4E6F-A3A3-A57E77F7746B] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [F876F68F-A0AF-4E72-A14C-7D600645599A] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User50979378-03F8-44E0-90DB-5D6959D70469C:program files (x86)soulseekqtsoulseekqt.exe] => (Allow) C:program files (x86)soulseekqtsoulseekqt.exe () [File not signed]

FirewallRules: [UDP Query UserC833F1CD-6066-403C-98CA-92840F4DEE3DC:program files (x86)soulseekqtsoulseekqt.exe] => (Allow) C:program files (x86)soulseekqtsoulseekqt.exe () [File not signed]

FirewallRules: [TCP Query User973BD09C-F2D6-428F-AA51-398E84385F98C:program files (x86)facebook friend mapperphantomjs.exe] => (Block) C:program files (x86)facebook friend mapperphantomjs.exe => No File

FirewallRules: [UDP Query UserFC808989-45B7-4EA6-9D7B-17B90191BD9FC:program files (x86)facebook friend mapperphantomjs.exe] => (Block) C:program files (x86)facebook friend mapperphantomjs.exe => No File

FirewallRules: [TCP Query User1C96D305-E77E-4FB0-882C-E011AEDE7B98C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe] => (Allow) C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe => No File

FirewallRules: [UDP Query User92E6F78F-1558-4A1E-89BD-C9718E9F0025C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe] => (Allow) C:usersXXXXXXZZZappdataroamingacestreamengineace_engine.exe => No File

FirewallRules: [TCP Query User9EBAD4BE-25CB-4D18-B75E-7A6CDE9BB797C:usersXXXXXXZZZappdataroamingutorrentupdates3.5.4_44632.exe] => (Allow) C:usersXXXXXXZZZappdataroamingutorrentupdates3.5.4_44632.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [UDP Query User14DF02A4-E03D-4848-9B20-5E4BF53829F9C:usersXXXXXXZZZappdataroamingutorrentupdates3.5.4_44632.exe] => (Allow) C:usersXXXXXXZZZappdataroamingutorrentupdates3.5.4_44632.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query UserAE9277F6-2BA5-48AD-989C-910019969FDCC:program files (x86)winpcaprpcapd.exe] => (Block) C:program files (x86)winpcaprpcapd.exe (CACE Technologies, Inc. -> CACE Technologies, Inc.)

FirewallRules: [UDP Query User35D83A15-0FB0-43D7-BCF5-C0B8D94CB1C3C:program files (x86)winpcaprpcapd.exe] => (Block) C:program files (x86)winpcaprpcapd.exe (CACE Technologies, Inc. -> CACE Technologies, Inc.)

FirewallRules: [TCP Query User24BEA927-D042-4EBC-A3B5-4274B8538946C:usersXXXXXXZZZdownloadszeronet-win-distzeronet.exe] => (Allow) C:usersXXXXXXZZZdownloadszeronet-win-distzeronet.exe => No File

FirewallRules: [UDP Query UserB3EDB2D5-3563-4F56-8092-946663BDE464C:usersXXXXXXZZZdownloadszeronet-win-distzeronet.exe] => (Allow) C:usersXXXXXXZZZdownloadszeronet-win-distzeronet.exe => No File

FirewallRules: [8EA1455A-A080-426A-8D2D-5335EB3D8E34] => (Allow) C:Program FilesBlueStacksHD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)

FirewallRules: [A921AD6F-18C4-4A87-94B3-B778404C4912] => (Allow) C:Program Files (x86)VMwareVMware Playervmware-authd.exe (VMware, Inc. -> VMware, Inc.)

FirewallRules: [45CAEAFE-406C-4630-B965-2E046F854716] => (Allow) C:Program Files (x86)VMwareVMware Playervmware-authd.exe (VMware, Inc. -> VMware, Inc.)

FirewallRules: [1DF90E31-1041-4093-A46F-530835B973A6] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [37D7A423-4F11-48BC-A63A-D606409F3905] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [A68B9487-DE2A-42D4-8F65-7AD1BE4FF56E] => (Allow) C:UsersXXXXXXZZZDownloadsultdata-android.exe => No File

FirewallRules: [0502B751-C5CB-4DD2-8CF9-5CB89E5FC85C] => (Allow) C:UsersXXXXXXZZZDownloadsultdata-android.exe => No File

FirewallRules: [TCP Query UserDDB5E758-E868-4317-B733-0FE13C15E18BC:program filesandroidandroid studiojrebinjava.exe] => (Allow) C:program filesandroidandroid studiojrebinjava.exe

FirewallRules: [UDP Query User6098E9AC-3E8B-4C11-AE5E-5D77E65F248AC:program filesandroidandroid studiojrebinjava.exe] => (Allow) C:program filesandroidandroid studiojrebinjava.exe

FirewallRules: [TCP Query UserD16594A1-06E4-4EDD-85AC-3AB7A8523C48C:usersXXXXXXZZZappdataroamingspotifyspotify.exe] => (Allow) C:usersXXXXXXZZZappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User347E955D-D687-412B-B652-2E7BE3FB0FE3C:usersXXXXXXZZZappdataroamingspotifyspotify.exe] => (Allow) C:usersXXXXXXZZZappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User9318684D-7351-437E-AA4B-38CDAB311CC5C:usersXXXXXXZZZappdataroamingspotifyspotify.exe] => (Block) C:usersXXXXXXZZZappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User2B2AEEDB-7C5F-4179-BE80-649DD55B4518C:usersXXXXXXZZZappdataroamingspotifyspotify.exe] => (Block) C:usersXXXXXXZZZappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User2E858FE0-9142-4312-8E70-C21A0FA30D53C:usersXXXXXXZZZappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersXXXXXXZZZappdatalocalmicrosoftteamscurrentteams.exe => No File

FirewallRules: [UDP Query UserFD2327B3-3575-4FFD-8CD6-110255058609C:usersXXXXXXZZZappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersXXXXXXZZZappdatalocalmicrosoftteamscurrentteams.exe => No File

FirewallRules: [663C67BD-E556-4C15-B443-0198A336ACCE] => (Block) C:usersXXXXXXZZZappdatalocalmicrosoftteamscurrentteams.exe => No File

FirewallRules: [37553DE9-4D90-4CE3-AFEA-CD53619A5F61] => (Block) C:usersXXXXXXZZZappdatalocalmicrosoftteamscurrentteams.exe => No File

FirewallRules: [F3A0DD59-0075-44DB-833D-668479A84900] => (Allow) C:UsersXXXXXXZZZAppDataRoamingZoombinZoom.exe => No File

FirewallRules: [8B730F98-3968-42A3-AB7B-001BD1618A58] => (Allow) C:UsersXXXXXXZZZAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [F0045ADC-AEA7-406F-8C15-26BA696126A9] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [4B943EEA-FFAE-48AC-83AB-470A55A8022B] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [4C2E7AE0-A446-4C94-A73B-E6FAA3E4EA66] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [467134C1-8DBE-4139-8EDE-D7E61A286F65] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [TCP Query UserD8ED4101-A5CE-4C62-A166-C94C7B8A673FC:fakenet1.4.11fakenet.exe] => (Allow) C:fakenet1.4.11fakenet.exe () [File not signed]

FirewallRules: [UDP Query UserCBCE98D5-763A-4A0E-AD25-A01A11150B65C:fakenet1.4.11fakenet.exe] => (Allow) C:fakenet1.4.11fakenet.exe () [File not signed]

FirewallRules: [TCP Query User44C0B41F-120E-44CA-BCA9-6654375A0B78C:program files (x86)microsoftskype for desktopskype.exe] => (Allow) C:program files (x86)microsoftskype for desktopskype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [UDP Query UserC842BD42-262C-4277-96CD-376902CDA081C:program files (x86)microsoftskype for desktopskype.exe] => (Allow) C:program files (x86)microsoftskype for desktopskype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query UserEF992F2B-0A05-4B7D-8D80-0960EDE2BE96C:program files (x86)nmapnmap.exe] => (Allow) C:program files (x86)nmapnmap.exe (Insecure.Com LLC -> Insecure.Org)

FirewallRules: [UDP Query UserED9C07AC-142E-4AF4-B911-F0430B82B0ADC:program files (x86)nmapnmap.exe] => (Allow) C:program files (x86)nmapnmap.exe (Insecure.Com LLC -> Insecure.Org)

FirewallRules: [TCP Query UserDB6B9E30-A92D-4FAA-B83C-534A9DB88096C:program files (x86)microsoft officeoffice14groove.exe] => (Block) C:program files (x86)microsoft officeoffice14groove.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User5E059811-A8BA-4348-A5EE-8024A24393C9C:program files (x86)microsoft officeoffice14groove.exe] => (Block) C:program files (x86)microsoft officeoffice14groove.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [FABFAEEE-3FF4-421B-A30B-818CDC15DD55] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-06-2020 18:20:41 Installed OSRAM

==================== Faulty Device Manager Devices ============

Name: WAN Miniport (SSTP) #3

Description: WAN Miniport (SSTP)

Class Guid: 4d36e972-e325-11ce-bfc1-08002be10318

Manufacturer: Microsoft

Service: RasSstp

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

Name: vJoy Device

Description: vJoy Device

Class Guid: 745a17a0-74d3-11d0-b6fe-00a0c90f57da

Manufacturer: Shaul Eizikovich

Service: vjoy

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:

==================

Error: (06/09/2020 09:32:39 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome da aplicação com falha: SecureLine.exe, versão: 1.0.289.0, carimbo de data/hora: 0x5720feec

Nome do módulo com falha: HTMLayout.dll, versão: 6.3.9600.19697, carimbo de data/hora: 0x5e91f218

Código de exceção: 0xc0000135

Desvio de falha: 0x0009d452

ID do processo com falha: 0x1294

Hora de início da aplicação com falha: 0x01d63e367fe5e91f

Caminho da aplicação com falha: C:Program FilesAVAST SoftwareSecureLineSecureLine.exe

Caminho do módulo com falha: HTMLayout.dll

ID do Relatório: c6e5238e-aa2b-11ea-8303-3ca82aab1c8a

Nome completo do pacote com falha:

ID da aplicação relativa ao pacote com falha:

Error: (06/09/2020 09:30:46 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: O programa LiveComm.exe versão 17.5.9600.22013 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Ação.

ID do Processo: 1d24

Hora de Início: 01d63e378eedd1c5

Hora de Cessação: 4294967295

Caminho da Aplicação: C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbweLiveComm.exe

ID do Relatório: 8290376b-aa2b-11ea-8303-3ca82aab1c8a

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID da aplicação relativa ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/09/2020 09:21:41 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: O programa LiveComm.exe versão 17.5.9600.22013 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo do Centro de Ação.

ID do Processo: 1be8

Hora de Início: 01d63e36410c1675

Hora de Cessação: 4294967295

Caminho da Aplicação: C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbweLiveComm.exe

ID do Relatório: 35f199e1-aa2a-11ea-8303-3ca82aab1c8a

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID da aplicação relativa ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/09/2020 09:10:41 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.0.10100.71) TYPE: ERROR

DPTF Build Version:  8.0.10100.71

DPTF Build Date:  Sep 18 2014 11:16:17

Source File:  ……..SourcesPoliciesPolicyLibPolicyBase.cpp @ line 553

Executing Function:  PolicyBase::takeControlOfOsc

Message:  Failed to acquire OSC.

Policy: [0]

Error: (06/08/2020 02:11:58 AM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: Event-ID 1

Error: (06/08/2020 02:11:57 AM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: Event-ID 1

Error: (06/07/2020 05:15:29 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome da aplicação com falha: rundll32.exe_winethc.dll, versão: 6.3.9600.17415, carimbo de data/hora: 0x54504eb8

Nome do módulo com falha: USER32.dll, versão: 6.3.9600.19697, carimbo de data/hora: 0x5e91f8a1

Código de exceção: 0xc0000142

Desvio de falha: 0x00000000000ecf40

ID do processo com falha: 0xfe20

Hora de início da aplicação com falha: 0x01d63ce6dc383106

Caminho da aplicação com falha: C:WindowsSystem32rundll32.exe

Caminho do módulo com falha: USER32.dll

ID do Relatório: 1a146bd8-a8da-11ea-8302-3ca82aab1c8a

Nome completo do pacote com falha:

ID da aplicação relativa ao pacote com falha:

Error: (06/07/2020 11:52:54 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: O procedimento Open para o serviço "WmiApRpl" na DLL "C:Windowssystem32wbemwmiaprpl.dll" falhou. Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da secção Data contêm o código de erro.

System errors:

=============

Error: (06/09/2020 10:13:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: O serviço Gestor de ligação de acesso remoto terminou com o seguinte erro:

O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 10:13:02 AM) (Source: RasMan) (EventID: 20030) (User: )

Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 09:43:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: O serviço Gestor de ligação de acesso remoto terminou com o seguinte erro:

O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 09:43:42 AM) (Source: RasMan) (EventID: 20030) (User: )

Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 09:41:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: O serviço Gestor de ligação de acesso remoto terminou com o seguinte erro:

O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 09:41:40 AM) (Source: RasMan) (EventID: 20030) (User: )

Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 09:21:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: O serviço Gestor de ligação de acesso remoto terminou com o seguinte erro:

O sistema não conseguiu localizar o ficheiro especificado.

Error: (06/09/2020 09:21:27 AM) (Source: RasMan) (EventID: 20030) (User: )

Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. O sistema não conseguiu localizar o ficheiro especificado.

Windows Defender:

===================================

Date: 2016-04-30 16:06:04.685

Description:

A análise de Windows Defender foi parada antes de ser concluída.

ID de Análise: 0F93CF3B-A2A0-4700-9D62-D626C4F6BC00

Tipo de Análise: Antimalware

Parâmetros de Análise: Análise Rápida

Utilizador: NT AUTHORITYSYSTEM

Date: 2016-04-30 14:18:37.297

Description:

A análise de Windows Defender foi parada antes de ser concluída.

ID de Análise: 30B6151F-CD35-4918-8EBA-47223CB0EE9A

Tipo de Análise: Antimalware

Parâmetros de Análise: Análise Rápida

Utilizador: NT AUTHORITYSYSTEM

Date: 2016-04-28 23:46:49.814

Description:

A análise de Windows Defender foi parada antes de ser concluída.

ID de Análise: BBE65ED8-605F-4130-9BD3-D58DD3640E3B

Tipo de Análise: Antimalware

Parâmetros de Análise: Análise Rápida

Utilizador: NT AUTHORITYSYSTEM

Date: 2016-04-28 22:11:50.407

Description:

A análise de Windows Defender foi parada antes de ser concluída.

ID de Análise: D556AB88-19BC-4270-979C-58941438DC75

Tipo de Análise: Antimalware

Parâmetros de Análise: Análise Rápida

Utilizador: NT AUTHORITYSYSTEM

Date: 2016-04-28 21:58:02.035

Description:

A análise de Windows Defender foi parada antes de ser concluída.

ID de Análise: 20BA1FA2-3A89-4648-8CC9-3D9F0804C803

Tipo de Análise: Antimalware

Parâmetros de Análise: Análise Rápida

Utilizador: NT AUTHORITYSYSTEM

Date: 2016-04-28 02:40:09.940

Description:

Windows Defender encontrou um erro ao tentar carregar assinaturas e irá tentar reverter para um conjunto de assinaturas em condições conhecido.

Assinaturas Tentadas: Atual

Código de Erro: 0x80073aba

Descrição do Erro: O recurso é demasiado velho para ser compatível.

Versão de Assinatura: 1.191.2881.0;1.191.2881.0

Versão de Motor: 1.1.11302.0

Date: 2014-12-10 04:48:25.704

Description:

A funcionalidade de Proteção em Tempo Real de Windows Defender encontrou um erro e falhou.

Funcionalidade: Sistema de Inspeção de Rede

Código de Erro: 0x80070002

Descrição do Erro: The system cannot find the file specified.

Razão: Faltam atualizações no sistema que são necessárias à execução do Sistema de Inspeção de Rede. Instale as atualizações necessárias e reinicie o computador.

Date: 2014-12-10 04:46:18.485

Description:

A funcionalidade de Proteção em Tempo Real de Windows Defender encontrou um erro e falhou.

Funcionalidade: Sistema de Inspeção de Rede

Código de Erro: 0x80070002

Descrição do Erro: The system cannot find the file specified.

Razão: Faltam atualizações no sistema que são necessárias à execução do Sistema de Inspeção de Rede. Instale as atualizações necessárias e reinicie o computador.

CodeIntegrity:

===================================

Date: 2018-11-13 09:54:06.045

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:05.586

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:04.899

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:04.297

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:03.799

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:03.416

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:03.150

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-13 09:54:02.801

Description:

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde F.03 03/31/2015

Motherboard: Hewlett-Packard 8096

Processor: Intel® Core™ i5-5200U CPU @ 2.20GHz

Percentage of memory in use: 41%

Total physical RAM: 8130.26 MB

Available physical RAM: 4745.97 MB

Total Virtual: 16834.26 MB

Available Virtual: 13268.11 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:441.62 GB) (Free:56.1 GB) NTFS

Drive d: (RECOVERY) (Fixed) (Total:23.12 GB) (Free:2.56 GB) NTFS ==>[system with boot components (obtained from drive)]

\?Volume320a96b5-9680-4cfd-94e7-147030d64aeb (WINRE) (Fixed) (Total:0.63 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 4199D061)

Partition: GPT.

==================== End of Addition.txt =======================

Click to rate this post!
[Total: 0 Average: 0]

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.