Possible Botnet / MITM / Spam attacks. pcapng analysis – Print server
So, new scan (09-06-2020):
Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Exécuté par XXXXXXZZZ (administrateur) sur XXXXXXZZZ (Hewlett-Packard HP Pavilion Notebook) (09-06-2020 11:52:22)
Exécution à partir de C: Users XXXXXXZZZ Downloads
Profils chargés: XXXXXXZZZ
Plateforme: Windows 8.1 (mise à jour) (X64) Langue: Português (Portugal)
Navigateur par défaut: Chrome
Mode de démarrage: Normal
==================== Processus (liste blanche) =================
(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)
() [File not signed] C: Program Files Hewlett-Packard SimplePass opvapp.exe
(Adobe Inc. -> Adobe Systems) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Apple Inc. -> Apple Inc.) C: Program Files Bonjour mDNSResponder.exe
(Atheros Communications, Inc.) [File not signed] C: Program Files (x86) Jumpstart jswpbapi.exe
(AVAST Software s.r.o. -> AVAST Software) C: Program Files AVAST Software SecureLine VpnSvc.exe
(AVG Netherlands B.V. ->) C: Program Files (x86) AVG Web TuneUp WtuSystemSupport.exe
(AVG Netherlands B.V. -> AVG Secure Search) C: Program Files (x86) Common Files AVG Secure Search vToolbarUpdater 40.3.8 ToolbarUpdater.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG AVG TuneUp TuneupSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG AVG TuneUp TuneupUI.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C: Program Files (x86) AVG Antivirus AVGUI.exe <2>
(CyberLink Corp. ->) C: Program Files CyberLink Shared files RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C: Program Files (x86) Cyberlink YouCam YouCamService.exe
(Dassault Systèmes) [File not signed] C: Program Files Dassault Systemes DraftSight bin dsHttpApiService.exe
(DesignBuilder Software Ltd -> DesignBuilder Software Ltd.) C: Program Files (x86) DesignBuilder JobServer DBJobServer.exe
(DesignBuilder Software Ltd -> DesignBuilder) C: Program Files (x86) DesignBuilder Lib DBSimLServer.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C: Program Files Samsung USB Drivers 25_escape conn ss_conn_service.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C: Program Files Samsung USB Drivers 28_ssconn2 conn ss_conn_service2.exe
(Hewlett Packard -> Hewlett-Packard Co.) C: Program Files HP HP Deskjet 3050 J610 series Bin ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C: Program Files (x86) Hewlett-Packard Shared hpqwmiex.exe
(Société Hewlett-Packard -> Société Hewlett-Packard) C: Windows System32 hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C: Program Files (x86) Hewlett-Packard HP CoolSense CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C: Program Files (x86) Hewlett-Packard HP System Event HPWMISVC.exe
(HP Inc. -> HP Inc.) C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe
(Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe
(Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe
(Intel Corporation – pGFX -> Intel Corporation) C: Windows System32 igfxCUIService.exe
(Intel Corporation – pGFX -> Intel Corporation) C: Windows System32 igfxEM.exe
(Intel Corporation – pGFX -> Intel Corporation) C: Windows System32 igfxHK.exe
(Intel Corporation – Technologie de stockage rapide -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorDataMgrSvc.exe
(Intel Corporation – Technologie de stockage rapide -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorIcon.exe
(Logiciel Intel® -> Intel Corporation) C: Windows SysWOW64 esif_uf.exe
(Logiciel Intel® -> Intel Corporation) C: Windows Temp DPTF esif_assist.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe
(Mega Limited -> Mega Limited) C: Users XXXXXXZZZ AppData Local MEGAsync MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office Office14 MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files (x86) NVIDIA Corporation NetService NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files (x86) NVIDIA Corporation Update Core NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvStreamSrv nvstreamsvc.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C: Windows System32 nvvsvc.exe <2>
(Technologie PLX) [File not signed] C: Program Files (x86) Iomega Iomega Encryption Iomega Encryption.exe
(Realtek Semiconductor Corp ->) C: Program Files (x86) Realtek REALTEK Bluetooth BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkNGUI64.exe
(Softex Inc.) [File not signed] C: Program Files Hewlett-Packard SimplePass OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C: Program Files Hewlett-Packard SimplePass ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C: Program Files Hewlett-Packard SimplePass OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C: Program Files Hewlett-Packard SimplePass OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPHelper.exe
(VMware, Inc. -> VMware, Inc.) C: Program Files (x86) Common Files VMware USB vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C: Program Files (x86) VMware VMware Player vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C: Windows SysWOW64 vmnat.exe
(VMware, Inc. -> VMware, Inc.) C: Windows SysWOW64 vmnetdhcp.exe
(WildTangent Inc -> WildTangent) C: Program Files (x86) WildTangent Games App GamesAppIntegrationService.exe
(WildTangent Inc -> WildTangent, Inc.) C: Program Files (x86) WildTangent Games App GamesAppService.exe
==================== Registre (liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM … Run: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [8459480 2015-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM … Run: [NvBackend] => C: Program Files (x86) NVIDIA Corporation Update Core NvBackend.exe [2464072 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM … Run: [ShadowPlay] => C: Windows system32 nvspcap64.dll [2800296 2015-02-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM … Run: [AdobeAAMUpdater-1.0] => C: Program Files (x86) Common Files Adobe OOBE PDApp UWA UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM … Run: [IAStorIcon] => C: Program Files Intel Intel® Rapid Storage Technology IAStorIcon.exe [322472 2015-07-22] (Intel Corporation – Technologie de stockage rapide -> Intel Corporation)
HKLM … Run: [AVGUI.exe] => C: Program Files (x86) AVG Antivirus AvLaunch.exe [156776 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32 … Exécuter: [AccelerometerSysTrayApplet] => C: Program Files (x86) Hewlett-Packard HP 3D DriveGuard AccelerometerST.exe [127624 2015-01-30] (Société Hewlett-Packard -> Société Hewlett-Packard)
HKLM-x32 … Exécuter: [HPMessageService] => C: Program Files (x86) Hewlett-Packard HP System Event HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32 … Exécuter: [HP Software Update] => C: Program Files (x86) Hp HP Software Update HPWuSchd2.exe [96056 2013-05-30] (Société Hewlett-Packard -> Hewlett-Packard)
HKLM-x32 … Exécuter: [BCSSync] => C: Program Files (x86) Microsoft Office Office14 BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32 … Exécuter: [] => [X]
HKLM-x32 … Exécuter: [Acrobat Assistant 8.0] => C: Program Files (x86) Adobe Acrobat 11.0 Acrobat Acrotray.exe [3498728 2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32 … Exécuter: [vProt] => C: Program Files (x86) AVG Web TuneUp vprot.exe [2195968 2019-01-28] (AVG Netherlands B.V. ->)
HKLM-x32 … Exécuter: [VirtualCloneDrive] => C: Program Files (x86) Elaborate Bytes VirtualCloneDrive VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32 … Exécuter: [Autodesk Desktop App] => C: Program Files (x86) Autodesk Autodesk Desktop App AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32 … Exécuter: [jswtrayutil] => C: Program Files (x86) Jumpstart jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKLM-x32 … Exécuter: [KiesTrayAgent] => C: Program Files (x86) Samsung Kies KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32 … Exécuter: [Aimersoft Helper Compact.exe] => C: Program Files (x86) Fichiers communs Aimersoft Aimersoft Helper Compact ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Fichiers communs Java Java Update jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32 … Exécuter: [XArp] => C: Program Files (x86) XArp xarp.exe [10413568 2011-04-01] (www.chrismc.de) [File not signed]
HKLM … Winlogon: [Userinit] C: Windows SysWOW64 userinit.exe, <==== ATTENTION
HKLM … Policies Explorer: [AllowLegacyWebView] 1
HKLM … Policies Explorer: [AllowUnhashedWebView] 1
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [HP Deskjet 3050 J610 series (NET)] => C: Program Files HP HP Deskjet 3050 J610 series Bin ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [IomegaEncryption] => C: Program Files (x86) Iomega Iomega Encryption Iomega Encryption.exe [455168 2011-09-16] (Technologie PLX) [File not signed]
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [DAEMON Tools Lite Automount] => C: Program Files DAEMON Tools Lite DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [GoogleDriveSync] => C: Program Files Google Drive googledrivesync.exe [48214752 2020-04-06] (Google LLC ->)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [Autodesk Sync] => C: Program Files Autodesk Autodesk Sync AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [Steam] => C: Program Files (x86) Steam steam.exe [3200800 2018-05-19] (Valve -> Valve Corporation)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [CCleaner Smart Cleaning] => C: Program Files CCleaner CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [Spotify] => C: Users XXXXXXZZZ AppData Roaming Spotify Spotify.exe [22824680 2020-05-19] (Spotify AB -> Spotify Ltd)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Run: [OfficeSyncProcess] => C: Program Files (x86) Microsoft Office Office14 MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 … Policies Explorer: []
HKU S-1-5-18 … Run: [Autodesk Sync] => C: Program Files Autodesk Autodesk Sync AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKLM … Print Monitors Adobe PDF Port Monitor: C: Windows system32 AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM … Print Monitors HP 9311 Status Monitor: C: Windows system32 hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM … Print Monitors Moniteur d'état HP C611: C: Windows system32 hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM … Print Monitors HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C: Windows system32 HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM … Print Monitors HP Universal Port Monitor: C: Windows system32 hpbprtmon.dll [423936 2014-06-11] (Éditeur de compatibilité matérielle Microsoft Windows -> Hewlett-Packard)
HKLM … Print Monitors KM Language Monitor: C: Windows system32 KMPJL64.DLL [124560 2017-07-31] (Éditeur de compatibilité matérielle Microsoft Windows -> KYOCERA Document Solutions Inc.)
HKLM … Print Monitors Wondershare PDFelement Monitor: C: Windows system32 WSPDFelementMonitor.dll [271360 2017-10-19] (Logiciel Wondershare) [File not signed]
HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 83.0.4103.97 Installer chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM Software … Authentication Credential Providers: [538C240D-3DEE-4032-AB4C-08A3A6EB0861] -> c: Program Files (x86) CyberLink YouCam CLCredProv x64 CLCredProv.dll [2015-02-11] (CyberLink Corp. -> CyberLink)
HKLM Software … Authentication Credential Providers: [F3F1B0FA-4775-41d8-8578-436772D93FB4] -> C: Program Files Hewlett-Packard SimplePass OmniPassCredProv.dll [2015-03-04] (Softex Inc.) [File not signed]
HKLM Software … Authentication Credential Provider Filters: [F3F1B0FA-4775-41d8-8578-436772D93FB4] -> C: Program Files Hewlett-Packard SimplePass OmniPassCredProv.dll [2015-03-04] (Softex Inc.) [File not signed]
Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Démarrage Assistante de gestor de conteúdo pour PlayStation®.lnk [2016-04-23]
ShortcutTarget: Assistente de gestor de conteúdo for PlayStation®.lnk -> C: Program Files (x86) Sony Content Manager Assistant CMA.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Démarrage Avast SecureLine VPN.lnk [2019-07-16]
ShortcutTarget: Avast SecureLine VPN.lnk -> C: Program Files AVAST Software SecureLine Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Démarrage AVG TuneUp.lnk [2019-09-20]
ShortcutTarget: AVG TuneUp.lnk -> C: Program Files (x86) AVG AVG TuneUp TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Démarrage: C: Users XXXXXXZZZ AppData Roaming Microsoft Windows Start Menu Programs Startup Autenticacao.gov.pt.lnk [2020-04-24]
ShortcutTarget: Autenticacao.gov.pt.lnk -> C: Program Files (x86) plugin Autenticacao.Gov Autenticacao.gov.pt.exe (Agência para a Modernização Administrativa, I.P. -> Agência para a Modernização Administrativa, IP)
Démarrage: C: Users XXXXXXZZZ AppData Roaming Microsoft Windows Start Menu Programs Startup MEGAsync.lnk [2019-02-07]
ShortcutTarget: MEGAsync.lnk -> C: Users XXXXXXZZZ AppData Local MEGAsync MEGAsync.exe (Mega Limited -> Mega Limited)
Démarrage: C: Users XXXXXXZZZ AppData Roaming Microsoft Windows Start Menu Programs Startup OneNote 2010 Screen Clipper and Launcher.lnk [2018-05-18]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C: Program Files (x86) Microsoft Office Office14 ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk / m / P Device HarddiskVolume13autocheck autochk *
GroupPolicy: Restriction? <==== ATTENTION
FF HKLM SOFTWARE Policies Mozilla Firefox: Restriction <==== ATTENTION
CHR HKLM SOFTWARE Policies Google: Restriction <==== ATTENTION
==================== Tâches planifiées (liste blanche) ============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
Tâche: 019EFCA7-800A-45BD-B5D4-E7BC04A47010 – System32 Tasks Adobe Flash Player NPAPI Notifier => C: Windows SysWOW64 Macromed Flash FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)
Tâche: 035A9236-3D0D-4CEC-88E7-316A88A60D57 – System32 Tasks AutoKMS => C: Windows AutoKMS AutoKMS.exe [5046784 2018-01-30] () [File not signed]
Tâche: 0B7F76E1-EE25-416A-B69A-E967896AD3B6 – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [154440 2016-03-18] (Google Inc -> Google Inc.)
Tâche: 0CE47549-B8CB-4819-ABF3-3FA3A57AB0D4 – System32 Tasks Hewlett-Packard HP Active Health HP Active Health Scan (HPSA) => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPActiveHealth ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Tâche: 130F5CA5-8C3C-463D-8A72-447D87BD6E01 – System32 Tasks Start SimplePass => C: Program Files Hewlett-Packard SimplePass ClientCore.exe [4716280 2015-01-30] (Softex Incorporated -> Hewlett-Packard)
Tâche: 196B8F02-98BF-41FB-B1A3-5F36DB0DE18D – System32 Tasks Adobe Acrobat Update Task => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Tâche: 2082FD68-9C15-4062-AC44-9424D96210B8 – pas de chemin de fichier
Tâche: 23DAD9CE-2053-4866-8F74-D0729C66989D – pas de chemin de fichier
Tâche: 2D6FC168-D4B7-4440-A3F6-FFF3E4F97500 – pas de chemin de fichier
Tâche: 2E6908D5-EFAB-4013-A5F8-C67EA3EB73E1 – System32 Tasks G2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001 => C: Users XXXXXXZZZ AppData Local GoToM 17956 g2mupdate.exe [32424 2020-06-09] (LogMeIn, Inc. -> LogMeIn, Inc.)
Tâche: 336DBD9A-B9BE-4A9D-8E7E-70DF4DD0C45C – System32 Tasks G2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001 => C: Users XXXXXXZZZ AppData Local Go 17956 g2mupload.exe [32424 2020-06-09] (LogMeIn, Inc. -> LogMeIn, Inc.)
Tâche: 4676C5EC-11E4-46DB-A339-B05760EBFD33 – System32 Tasks Antivirus Emergency Update => C: Program Files (x86) AVG Antivirus AvEmUpdate.exe [3387520 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Tâche: 480057E1-65C8-4672-B6EB-449337F4A059 – System32 Tasks AVG TuneUp Update => C: Program Files (x86) AVG AVG TuneUp TUNEUpdate.exe [1706528 2019-09-20] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Tâche: 482950C8-5BA7-4A9B-B305-736188A98CF5 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Assistant Quick Start => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Tâche: 4922F370-D891-4A1B-B13A-67F51EFA83AE – pas de chemin de fichier
Tâche: 506A236E-C8FC-491D-A1A7-2D971555245D – System32 Tasks YCMServiceAgent => c: Program Files (x86) Cyberlink YouCam YouCamService.exe [267224 2015-02-11] (CyberLink Corp. -> CyberLink Corp.)
Tâche: 71EB72E0-9D55-4AC5-BDF7-6B6F866DDCDE – System32 Tasks npcapwatchdog => C: Program Files Npcap CheckStatus.bat [862 2019-04-30] () [File not signed]
Tâche: 7A56FE0C-B693-4340-AEA0-D5C5C9067C4C – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Tâche: 8BF8C487-50E7-4763-9DD0-BEEB2C3856D5 – System32 Tasks Avast SecureLine => C: Program Files AVAST Software SecureLine SecureLine.exe [3438680 2016-05-24] (Logiciel AVAST a.s. -> Logiciel AVAST)
Tâche: 8F05A697-8454-4451-9D04-4F3843C4EC1A – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Tâche: 9594B004-459A-4105-BDB9-0686695F1DBC – System32 Tasks BlueStacksHelper => C: ProgramData BlueStacks Client Helper BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Tâche: A7A40B26-2C9E-4141-A5EF-3A3EB86182C4 – System32 Tasks Start OPBHOBrokerDesktop => C: Program Files Hewlett-Packard SimplePass OPBHOBrokerDsktop.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard)
Tâche: AC2D90BD-03AB-4717-B91B-4ACD2D25A495 – System32 Tasks HPCeeScheduleForXXXXXXZZZ => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe
Tâche: AC444CF5-C990-4BC8-8C8E-9F5B38F05A81 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_DeviceScan => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Tâche: B366A58C-E1F0-4F66-B965-EEE0E58ECF54 – System32 Tasks Start OPBHOBroker => C: Program Files Hewlett-Packard SimplePass OPBHOBroker.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard)
Tâche: B8FFC866-248A-4176-AC9F-31F3B9144F13 – System32 Tasks CCleanerSkipUAC => C: Program Files CCleaner CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Tâche: B9781211-096A-4A59-B2CD-6631DAA6F92E – System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Tâche: BDD8080F-6580-4439-B090-E1F0B8980028 – System32 Tasks AVGPCTuneUp_Task_BkGndMaintenance => C: Program Files (x86) AVG AVG PC TuneUp tuscanx.exe
Tâche: BF84E17C-D1AA-4F8E-AD9C-9C3999F8CDD2 – System32 Tasks Mozilla Firefox Default Browser Agent E7CF176E110C211B => C: Program Files (x86) Mozilla Firefox default-browser-agent.exe [124624 2020-06-05] (Mozilla Corporation -> Fondation Mozilla)
Tâche: C045C518-0FA6-4A67-A3D5-151056E6C9D9 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Tâche: C2BDB807-0EE2-4A05-9C29-E0B43518E8DB – System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis Restart => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF .EXE [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Tâche: C718E444-7E77-4374-9197-635B15CB8D22 – System32 Tasks Avast SecureLine VPN Update => c: program files avast software secureline vpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)
Tâche: C9FF1DA6-EC0B-4F09-A9DB-B6A37A1F1374 – System32 Tasks CCleaner Update => C: Program Files CCleaner CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Tâche: CA139223-98A5-4E6F-9A90-3BD01B619423 – System32 Tasks Driver Easy Scheduled Scan => C: Program Files Easeware DriverEasy DriverEasy.exe [3392368 2017-11-10] (Easeware Technology Limited -> Easeware)
Tâche: CAB11F90-659D-4C59-8472-7217C7636690 – System32 Tasks AVG Overseer => C: Program Files Common Files AVG Overseer overseer.exe [1692296 2020-03-03] (AVG Technologies USA, LLC -> AVG Technologies)
Tâche: D7F26C8B-7EE3-4B58-971C-7ABBFDF75B19 – pas de chemin de fichier
Tâche: E1C5D3F6-C2CE-48AF-96F3-03D7E23B9A45 – System32 Tasks Hewlett-Packard HP Support Assistant Product Configurator => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources ProductConfig .EXE [320856 2020-04-23] (HP Inc. -> HP Inc.)
Tâche: E7333F8C-E08D-4FB6-84DC-694BB2775824 – System32 Tasks Hewlett-Packard HP CoolSense HP CoolSense Start at Logon => C: Program Files (x86) Hewlett-Packard HP CoolSense CoolSense. EXE [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Tâche: EB9B233E-D483-496B-8CD6-9C9CBAAE9007 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Report => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Tâche: EBCAD8C1-2F95-424A-87E3-ED87CF10A5D5 – pas de chemin de fichier
Tâche: EDE8E45E-2A78-41AD-8D66-72B614CF9C9E – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [154440 2016-03-18] (Google Inc -> Google Inc.)
Tâche: F173A769-3028-456B-B1A5-D1EC4B2ED322 – System32 Tasks HPCustParticipation HP Deskjet 3050 J610 series => C: Program Files HP HP Deskjet 3050 J610 series Bin HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Tâche: F6005A55-D650-4ABA-99F1-795479106D2D – System32 Tasks 7A5E22F3-13A6-4040-B1C5-E4043B449990 => C: Windows system32 pcalua.exe -a C: E20-II unwcs21.EXE -c C: E20-II csi22 INSTALL.LOG
(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Tâche: C: Windows Tasks Driver Easy Scheduled Scan.job => C: Program Files Easeware DriverEasy DriverEasy.exe
Tâche: C: Windows Tasks G2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job => C: Users XXXXXXZZZ AppData Local GoToMeeting 17956 g2mupdate.exe
Tâche: C: Windows Tasks G2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job => C: Users XXXXXXZZZ AppData Local GoToMeeting 17956 g2mupload.exe
Tâche: C: Windows Tasks HPCeeScheduleForXXXXXXZZZ.job => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe
==================== Internet (liste blanche) ====================
(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)
Winsock: Catalog5 07 C: Program Files (x86) Bonjour mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 12 C: Windows SysWOW64 vsocklib.dll [42376 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 13 C: Windows SysWOW64 vsocklib.dll [42376 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog5-x64 07 C: Program Files Bonjour mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 12 C: Windows system32 vsocklib.dll [46472 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 13 C: Windows system32 vsocklib.dll [46472 2018-06-22] (VMware, Inc. -> VMware, Inc.)
Hôtes: il existe plusieurs entrées dans Hôtes. Voir la section Hôtes de Addition.txt
Tcpip .. Interfaces 9BE7CB1D-7D01-412C-87BA-0BF14F21DCFC: [NameServer] 192.168.175.1
Tcpip .. Interfaces AE83C2A5-B32C-49E6-92F8-44E82B6BF54C: [DhcpNameServer] 192.168.1.1
Tcpip .. Interfaces D7780C2A-6612-4825-B9AA-0AAAE7D9CBB1: [DhcpNameServer] 192.168.1.1
Tcpip .. Interfaces F378EDC9-2002-40C5-A4FD-8D06037995AC: [NameServer] 192.168.56.1
Tcpip .. Interfaces F9ED1E2C-E78F-4493-82DC-AA9A69316967: [NameServer] 192.168.6.1
Internet Explorer:
==================
HKLM Software Microsoft Internet Explorer Main, Start Page = about: vide
HKLM Software Wow6432Node Microsoft Internet Explorer Main, Start Page = about: vide
HKLM Software Wow6432Node Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp13.msn.com
HKU .DEFAULT Software Microsoft Internet Explorer Main, Start Page = about: vide
HKU .DEFAULT Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp13.msn.com
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 Software Microsoft Internet Explorer Main, page de démarrage = hxxps: //mysearch.avg.com/? Cid = 0748ECFF-99FC-45F5- A9A9-AAA31FAD88FA & mid = 2e2973733faf47cca1dda13ec7d56e85-0c260b95194f388f5d97415cd7ba6e43361199e3 & lang = pt & ds = AVG & coid = avgtbavg & cmpid = ipm180 & v = 26 v & d = 20 v
HKU S-1-5-21-3751382696-3894377064-3631472648-1001 Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp13.msn.com
SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKLM-x32 -> C77A81B7-79DB-4F42-8F4C-3CEBC5863FB2 URL = hxxp: //www.amazon.co.uk/s/ref=azs_osd_ieauk? Ie = UTF-8 & tag = hp-uk3-vsb- 21 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms
SearchScopes: HKU S-1-5-21-3751382696-3894377064-3631472648-1001 -> 95B7759C-8C7F-4BF1-B163-73684A933233 URL = hxxps: //mysearch.avg.com/search? Cid = 0748ECFF -99FC-45F5-A9A9-AAA31FAD88FA & mid = 2e2973733faf47cca1dda13ec7d56e85-0c260b95194f388f5d97415cd7ba6e43361199e3 & lang = pt & ds = AVG & COID = avgtbavg & cmpid = ipm180716c & pr = fr & d = 2016-06-12 22: 27: 20 & v = 4.3.9.626 & pid = UMC & sg = & sap = dsp & q = searchTerms
SearchScopes: HKU S-1-5-21-3751382696-3894377064-3631472648-1001 -> C77A81B7-79DB-4F42-8F4C-3CEBC5863FB2 URL = hxxp: //www.amazon.co.uk/s/ref= azs_osd_ieauk? ie = UTF-8 & tag = hp-uk3-vsb-21 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms
BHO: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C: Program Files Microsoft Office Office14 GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java ™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C: Program Files Java jre1.8.0_241 bin ssv.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: AVG Web TuneUp -> 95B7759C-8C7F-4BF1-B163-73684A933233 -> C: Program Files AVG Web TuneUp 4.3.9.626 AVG Web TuneUp.dll [2019-01-28] (AVG Pays-Bas B.V. -> AVG)
BHO: Adobe Acrobat Create PDF Helper -> AE7CD045-E861-484f-8273-0445EE161910 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files Microsoft Office Office14 URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java ™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C: Program Files Java jre1.8.0_241 bin jp2ssv.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Créer un fichier PDF à partir de la sélection -> F4971EE7-DAA0-4053-9964-665D8EE6A077 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Aide du navigateur Groove GFS -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C: Program Files (x86) Microsoft Office Office14 GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: extension Evernote -> 92EF2EAD-A7CE-4424-B0DB-499CF856608E -> C: Program Files (x86) Evernote Evernote EvernoteIE.dll [2014-12-17] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: AVG Web TuneUp -> 95B7759C-8C7F-4BF1-B163-73684A933233 -> C: Program Files (x86) AVG Web TuneUp 4.3.9.626 AVG Web TuneUp.dll [2019-01-28] (AVG Netherlands B.V. -> AVG)
BHO-x32: Adobe Acrobat Create PDF Helper -> AE7CD045-E861-484f-8273-0445EE161910 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: Program Files (x86) Microsoft Office Office14 URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Créer un fichier PDF à partir de la sélection -> F4971EE7-DAA0-4053-9964-665D8EE6A077 -> C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Barre d'outils: HKLM – Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Barre d'outils: HKLM-x32 – Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Barre d'outils: HKU S-1-5-21-3751382696-3894377064-3631472648-1001 -> Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C: Program Files (x86) Common Files Adobe Acrobat WCIEActiveX x64 AcroIEFavClient.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: asp – 8D32BA61-D15B-11d4-894B-000000000000 – C: Windows SysWow64 hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: ezstor – 8D32BA61-D15B-11d4-894B-000000000000 – C: Windows SysWow64 hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: hsp – 8D32BA61-D15B-11d4-894B-000000000000 – C: Windows SysWow64 hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: jpip – B92DD248-E3D5-4A92-B311-C9B841681455 – C:Program Files (x86)LizardTechExpressViewnpexview.dll [2014-02-02] (LizardTech) [File not signed]
Handler-x32: sidlet – B92DD248-E3D5-4A92-B311-C9B841681455 – C:Program Files (x86)LizardTechExpressViewnpexview.dll [2014-02-02] (LizardTech) [File not signed]
Handler-x32: x-asp – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: x-cnote – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: x-hsp – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: x-mem1 – C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC – C:WindowsSysWow64WowCtl2.dll [2006-10-13] (EzTools Software) [File not signed]
Handler-x32: x-zip – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
Handler-x32: zip – 8D32BA61-D15B-11d4-894B-000000000000 – C:WindowsSysWow64hsppp.dll [2006-10-07] (EzTools Software) [File not signed]
FireFox:
========
FF DefaultProfile: t5l5e12d.default
FF ProfilePath: C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.default [2020-06-09]
FF Extension: (Disconnect) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensions2.0@disconnect.me.xpi [2020-01-06]
FF Extension: (AVG Web TuneUp) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsavg@toolbar.xpi [2019-04-11] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avg/wtu/update.json]
FF Extension: (SerpClix ClickSense) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsdev@serpclix.com.xpi [2020-04-24] [UpdateUrl:hxxps://serpclix.com/downloads/addon/updates.json]
FF Extension: (Ghostery – Privacy Ad Blocker) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsfirefox@ghostery.com.xpi [2020-05-21]
FF Extension: (HTTPS Everywhere) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionshttps-everywhere-eff@eff.org.xpi [2020-05-22] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json]
FF Extension: (Disable WebRTC) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2020-06-02]
FF Extension: (Para o Google Tradutor) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-93WyvpgvxzGATw@jetpack.xpi [2020-02-06]
FF Extension: (Decentraleyes) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-04-01]
FF Extension: (DuckDuckGo Privacy Essentials) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsjid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-06-03]
FF Extension: (Lazarus: Form Recovery) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionslazarus@interclue.com.xpi [2016-07-12] [Legacy]
FF Extension: (Avast SafePrice | Comparação, ofertas, cupões) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionssp@avast.com.xpi [2020-05-02]
FF Extension: (Google Translator for Firefox) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionstranslator@zoli.bod.xpi [2020-02-05]
FF Extension: (uBlock Origin) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsuBlock0@raymondhill.net.xpi [2020-05-28]
FF Extension: (uMatrix) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsuMatrix@raymondhill.net.xpi [2020-01-06]
FF Extension: (Startpage.com: pesquisa privada) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensions20fc2e06-e3e4-4b2b-812b-ab431220cada.xpi [2020-01-07]
FF Extension: (Cookie Quick Manager) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensions60f82f00-9ad5-4de5-b31c-b16a47c51558.xpi [2020-05-15]
FF Extension: (Flash and Video Download) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsadeadebb-fedc-4180-a7f4-cfdd87496551.xpi [2020-05-24]
FF Extension: (Video DownloadHelper) – C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultExtensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2020-03-31]
FF SearchPlugin: C:UsersXXXXXXZZZAppDataRoamingMozillaFirefoxProfilest5l5e12d.defaultsearchpluginsavg-secure-search.xml [2019-01-28]
FF HKLM-x32…FirefoxExtensions: [firefox@bho.com] – C:Program FilesHewlett-PackardSimplePassFFBHOExt => not found
FF HKLM-x32…FirefoxExtensions: [web2pdfextension@web2pdf.adobedotcom] – C:Program Files (x86)AdobeAcrobat 11.0AcrobatBrowserWCFirefoxExtn
FF Extension: (Adobe Acrobat – Create PDF) – C:Program Files (x86)AdobeAcrobat 11.0AcrobatBrowserWCFirefoxExtn [2016-04-30] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:Program FilesJavajre1.8.0_241bindtpluginnpDeployJava1.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:Program FilesJavajre1.8.0_241binplugin2npjp2.dll [2020-03-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:Program FilesMicrosoft Silverlight5.1.50907.0npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:windowsSysWOW64AdobeDirectornp32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:Program Files (x86)Common FilesAVG Secure SearchSiteSafetyInstaller40.3.8\npsitesafety.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2014-11-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2014-11-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.50907.0npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
FF Plugin-x32: Adobe Acrobat -> C:Program Files (x86)AdobeAcrobat 11.0AcrobatAirnppdf32.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Lizardtech ExpressViewPlugin -> C:Program Files (x86)LizardTechExpressViewnpexview.dll [2014-02-02] (LizardTech) [File not signed]
FF Plugin HKUS-1-5-21-3751382696-3894377064-3631472648-1001: @zoom.us/ZoomVideoPlugin -> C:UsersXXXXXXZZZAppDataRoamingZoombin_00npzoomplugin.dll [2020-05-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefault [2020-06-07]
CHR Notifications: Default -> hxxps://web.skype.com
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxp://google.pt/"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q=searchTerms
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR Extension: (Slides) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Seedr) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsabfimpkhacgimamjbiegeoponlepcbob [2018-08-20]
CHR Extension: (Flash Video Downloader) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsaiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-14]
CHR Extension: (Docs) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (Adblock Plus – free ad blocker) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (AVG Secure Search) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionschfdnecihphmhljaaejmgoiahnihplgn [2020-01-11]
CHR Extension: (Tampermonkey) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2020-06-07]
CHR Extension: (Email Exporter) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsecnfbegpagpeocjegnecbifjepfcpnhe [2020-06-07]
CHR Extension: (Toolkit For FB) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsfcachklhcihfinmagjnlomehfdhndhep [2019-07-04]
CHR Extension: (Sheets) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-07]
CHR Extension: (Social Fixer for Facebook) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsifmhoabcaeehkljcfclfiieohkohdgbb [2019-10-08]
CHR Extension: (Email Extractor) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsjdianbbpnakhcmfkcckaboohfgnngfcc [2020-06-07]
CHR Extension: (Unseen for Facebook) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsjiomcgpfgkeefipihnplhadgdoollmap [2019-09-23]
CHR Extension: (Application Launcher for Drive (by Google)) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-03]
CHR Extension: (Video DownloadHelper) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionslmjnegcaeklhafolokijcfjliaokphfk [2020-04-01]
CHR Extension: (Lazarus: Form Recovery) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsloljledaigphbcpfhfmgopdkppkifgno [2016-07-12]
CHR Extension: (Buster: Captcha Solver for Humans) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsmpbjkejclgfgadiemmefgebjfooflfhl [2020-06-07]
CHR Extension: (Chrome Web Store Payments) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Social Revealer) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsnmnnjcmpjlbbobehaikglfgpbjclcoeg [2019-01-30]
CHR Extension: (Unfriend Finder) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionsolljnkilmblncgcghhaodkpdcnokhpah [2020-03-29]
CHR Extension: (Social Profile view notification) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionspegkceflonohbcefcbflfpficfkmpeod [2019-10-28]
CHR Extension: (Gmail) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-05-14]
CHR Extension: (Chrome Media Router) – C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-07]
CHR Profile: C:UsersXXXXXXZZZAppDataLocalGoogleChromeUser DataSystem Profile [2019-07-26]
CHR HKUS-1-5-21-3751382696-3894377064-3631472648-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [chfdnecihphmhljaaejmgoiahnihplgn]
CHR HKUS-1-5-21-3751382696-3894377064-3631472648-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKUS-1-5-21-3751382696-3894377064-3631472648-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj] – C:Program Files (x86)AdobeAcrobat 11.0AcrobatBrowserWCChromeExtnWCChromeExtn.crx [2015-06-29]
CHR HKLM-x32…ChromeExtension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk, Inc. -> Autodesk Inc.)
R2 AVG Antivirus; C:Program Files (x86)AVGAntivirusAVGSvc.exe [349552 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:Program Files (x86)AVGAntivirusaswidsagent.exe [6397888 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 BTDevManager; C:Program Files (x86)REALTEKRealtek BluetoothBTDevMgr.exe [125656 2015-09-18] (Realtek Semiconductor Corp -> )
R2 CleanupPSvc; C:Program Files (x86)AVGAVG TuneUpTuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 DBJobServer; C:Program Files (x86)DesignBuilderJobServerDBJobServer.exe [672168 2018-03-22] (DesignBuilder Software Ltd -> DesignBuilder Software Ltd.)
R2 DBSimLServer; C:Program Files (x86)DesignBuilderLibDBSimLServer.exe [23464 2018-03-22] (DesignBuilder Software Ltd -> DesignBuilder)
S3 DialComService; C:Program Files (x86)DIAL GmbHDIAL Communication FrameworkDialComService.exe [2184192 2017-05-29] (DIAL GmbH) [File not signed]
S3 Disc Soft Lite Bus Service; C:Program FilesDAEMON Tools LiteDiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DraftSight API Service; C:Program FilesDassault SystemesDraftSightbindsHttpApiService.exe [121344 2016-11-10] (Dassault Systèmes) [File not signed]
R2 esifsvc; C:WindowsSysWOW64esif_uf.exe [1037568 2015-03-04] (Intel® Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent Inc -> WildTangent)
R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:Program Files (x86)Hewlett-PackardHP System EventHPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:Windowssystem32igfxCUIService.exe [344168 2015-04-28] (Intel Corporation – pGFX -> Intel Corporation)
R2 jhi_service; C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe [158496 2014-11-10] (Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 jswpbapi; C:Program Files (x86)Jumpstartjswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:Program Files (x86)Jumpstartjswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [6933272 2020-03-19] (Malwarebytes Inc -> Malwarebytes)
R2 NvNetworkService; C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1795912 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [19819848 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
R2 omniserv; C:Program FilesHewlett-PackardSimplePassOmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed]
S3 ProtonVPN Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe [101096 2020-02-17] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe [60136 2020-02-17] (ProtonVPN AG -> )
R2 RichVideo64; C:Program FilesCyberLinkShared filesRichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 rpcapd; C:Program Files (x86)WinPcaprpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 RtkAudioService; C:Program FilesRealtekAudioHDARtkAudioService64.exe [293080 2015-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SecureLine; C:Program FilesAVAST SoftwareSecureLineVpnSvc.exe [6828424 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)
R2 ss_conn_service; C:Program FilesSAMSUNGUSB Drivers25_escapeconnss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe [780328 2019-09-24] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:Program FilesSynapticsSynTPSynTPEnhService.exe [220840 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)
S3 VBoxSDS; C:Program FilesOracleVirtualBoxVBoxSDS.exe [690424 2019-01-25] (Oracle Corporation -> Oracle Corporation)
R2 vToolbarUpdater40.3.8; C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater40.3.8ToolbarUpdater.exe [1371136 2019-01-28] (AVG Netherlands B.V. -> AVG Secure Search)
S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WtuSystemSupport; C:Program Files (x86)AVG Web TuneUpWtuSystemSupport.exe [811520 2019-01-28] (AVG Netherlands B.V. -> )
S2 KMSServerService; C:WindowsKMSServerServiceKMS Server Service.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:Windowssystem32DRIVERSAccelerometer.sys [44680 2015-01-27] (Hewlett-Packard Company -> Hewlett-Packard)
S3 aftap0901; C:Windowssystem32DRIVERSaftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 akshasp; C:Windowssystem32DRIVERSakshasp.sys [90240 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:WindowsSystem32driversaksusb.sys [18688 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R0 avgArDisk; C:WindowsSystem32driversavgArDisk.sys [37208 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:WindowsSystem32driversavgArPot.sys [205952 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:WindowsSystem32driversavgbidsdriver.sys [234632 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:WindowsSystem32driversavgbidsh.sys [178832 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:WindowsSystem32driversavgbuniv.sys [61072 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:WindowsSystem32driversavgKbd.sys [42856 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:WindowsSystem32driversavgMonFlt.sys [175776 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:WindowsSystem32driversavgRdr2.sys [109336 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:WindowsSystem32driversavgRvrt.sys [84928 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:WindowsSystem32driversavgSnx.sys [851664 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:WindowsSystem32driversavgSP.sys [461064 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:WindowsSystem32driversavgStm.sys [235552 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:WindowsSystem32driversavgVmm.sys [319184 2020-05-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BlueStacksDrv; C:Program FilesBlueStacksBstkDrv.sys [313112 2019-03-14] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 dg_ssudbus; C:Windowssystem32DRIVERSssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:WindowsSystem32driversdtlitescsibus.sys [30264 2016-04-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:WindowsSystem32driversdtliteusbbus.sys [47672 2016-04-28] (Disc Soft Ltd -> Disc Soft Ltd)
S2 Hardlock; C:Windowssystem32drivershardlock.sys [314368 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R0 hpdskflt; C:WindowsSystem32DRIVERShpdskflt.sys [31880 2015-01-27] (Hewlett-Packard Company -> Hewlett-Packard)
R0 IntelHSWPcc; C:WindowsSystem32driversIntelPcc.sys [79528 2014-12-22] (Intel® Software -> Intel Corporation)
R1 JSWPSLWF; C:Windowssystem32DRIVERSjswpslwfx.sys [26624 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 kmloop; C:Windowssystem32DRIVERSloop.sys [15360 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 libusbK; C:WindowsSystem32driverslibusbK.sys [47200 2016-08-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [214496 2020-05-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248968 2020-06-02] (Malwarebytes Inc -> Malwarebytes)
S3 MEIx64; C:Windowssystem32DRIVERSTeeDriverx64.sys [129312 2014-11-10] (Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R1 npcap; C:Windowssystem32DRIVERSnpcap.sys [70968 2019-07-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:Windowssystem32DRIVERSnpcap.sys [70968 2019-07-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:WindowsSystem32driversnpf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [19784 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:Windowssystem32driversnvvad64v.sys [38216 2015-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OXSDIDRV_x64; C:Windowssystem32DRIVERSOXSDIDRV_x64.sys [52384 2011-08-23] (PLX Technology, Inc. -> )
S3 OXUDIDRV; C:Windowssystem32DriversOXUDIDRV_X64.sys [31280 2010-05-25] (Oxford Semiconductor Ltd -> )
U5 PROCMON24; C:WindowsSystem32DriversPROCMON24.sys [90168 2020-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals – www.sysinternals.com)
U5 RTSUER; C:WindowsSystem32DriversRTSUER.sys [377048 2015-03-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:WindowsSystem32driversScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SmbDrv; C:WindowsSystem32driversSmb_driver_AMDASF.sys [33448 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:Windowssystem32DRIVERSSmb_driver_Intel.sys [33448 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:Windowssystem32DRIVERStapprotonvpn.sys [35768 2020-01-15] (ProtonVPN AG -> The OpenVPN Project)
S3 TIEHDUSB; C:WindowsSystem32driverstiehdusb.sys [128512 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
R3 USBPcap; C:Windowssystem32DRIVERSUSBPcap.sys [40888 2017-08-20] (Tomasz Moń -> USBPcap)
R3 VBoxNetAdp; C:Windowssystem32DRIVERSVBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:Windowssystem32DRIVERSVBoxNetLwf.sys [247216 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S3 vjoy; C:WindowsSystem32driversvjoy.sys [56440 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich)
R0 vsock; C:WindowsSystem32DRIVERSvsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:Windowssystem32driversWdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:Windowssystem32driversWdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WindowsSystem32DriversWdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:WindowsSystem32driversWirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
U3 aswbdisk; no ImagePath
S3 cpuz140; ??C:UsersXXXXXXZZZ~1AppDataLocalTempcpuz140cpuz140_x64.sys [X] <==== ATTENTION
S3 esihdrv; ??C:UsersXXXXXXZZZ~1AppDataLocalTempesihdrv.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-09 11:52 – 2020-06-09 11:54 – 000063509 _____ C:UsersXXXXXXZZZDownloadsFRST.txt
2020-06-09 11:51 – 2020-06-09 11:51 – 002289152 _____ (Farbar) C:UsersXXXXXXZZZDownloadsFRST64.exe
2020-06-07 23:48 – 2020-06-08 01:26 – 000000000 ____D C:UsersXXXXXXZZZDownloadsMobile ETH
2020-06-07 16:57 – 2020-06-07 16:57 – 000226879 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – Reflexões Masculinas (Ed. 2008).pdf
2020-06-07 16:56 – 2020-06-07 16:56 – 000393633 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – A Guerra da Paixão (Ed. 2005).pdf
2020-06-07 16:56 – 2020-06-07 16:56 – 000321820 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – O Profano Feminino (Ed. 2008).pdf
2020-06-07 16:55 – 2020-06-07 16:55 – 001413718 _____ C:UsersXXXXXXZZZDownloadsNessahan Alita – Como lidar com mulheres (Ed. 2008).pdf
2020-06-05 14:57 – 2020-06-05 14:57 – 000000000 ____D C:Windowssystem32TasksMozilla
2020-06-05 10:16 – 2020-06-05 10:17 – 169944728 _____ (Oracle Corporation) C:UsersXXXXXXZZZDownloadsjdk-14.0.1_windows-x64_bin.exe
2020-06-05 10:12 – 2020-06-09 09:09 – 000000000 ____D C:Program Files (x86)Mozilla Firefox
2020-06-02 20:38 – 2020-06-02 20:38 – 000001505 _____ C:UsersXXXXXXZZZDesktopNetworkMiner.exe – Atalho.lnk
2020-06-02 20:28 – 2020-06-02 20:28 – 000090168 ____H (Sysinternals – www.sysinternals.com) C:Windowssystem32DriversPROCMON24.SYS
2020-06-02 20:18 – 2020-06-02 20:18 – 000000000 ____D C:UsersXXXXXXZZZDownloadspowershell mtsploit 2
2020-06-02 17:17 – 2020-06-02 17:17 – 000001208 _____ C:UsersXXXXXXZZZDesktopLegislação – Atalho.lnk
2020-06-02 14:34 – 2020-06-02 14:34 – 000248968 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2020-06-02 11:16 – 2020-06-02 11:16 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalOsram_Lamp
2020-06-02 10:08 – 2020-06-02 10:09 – 004189296 _____ C:UsersXXXXXXZZZDownloadsultrasurf.exe
2020-06-01 21:21 – 2020-06-01 21:21 – 000002019 _____ C:UsersPublicDesktopPhilips_Cat.lnk
2020-06-01 21:21 – 2020-06-01 21:21 – 000002019 _____ C:ProgramDataDesktopPhilips_Cat.lnk
2020-06-01 21:21 – 2020-06-01 21:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPhilips Lighting
2020-06-01 21:19 – 2020-06-01 21:21 – 000000000 ____D C:Program Files (x86)Philips Lighting
2020-06-01 18:23 – 2020-06-01 18:23 – 000002048 _____ C:UsersPublicDesktopOSRAM Lamp PlugIn.lnk
2020-06-01 18:23 – 2020-06-01 18:23 – 000002048 _____ C:ProgramDataDesktopOSRAM Lamp PlugIn.lnk
2020-06-01 18:23 – 2020-06-01 18:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDIALux PlugIns
2020-06-01 18:22 – 2020-06-01 18:23 – 000000000 ____D C:ProgramDataDIALux
2020-06-01 18:22 – 2020-06-01 18:22 – 000000000 ____D C:ProgramDataDIALux PlugIns
2020-06-01 18:17 – 2020-06-01 21:00 – 000000000 ____D C:UsersXXXXXXZZZDownloadsPHILIPS
2020-06-01 18:17 – 2020-06-01 18:18 – 000000000 ____D C:UsersXXXXXXZZZDownloadsOSRAM
2020-06-01 18:15 – 2020-06-01 18:15 – 001751775 _____ C:UsersXXXXXXZZZDownloads20190926-philips-truefashion-2-compact-st715t.zip
2020-06-01 15:27 – 2020-06-01 15:27 – 000000000 ____D C:UsersXXXXXXZZZDocumentsDIAL GmbH
2020-06-01 15:27 – 2020-06-01 15:27 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalStimulsoft
2020-06-01 15:27 – 2020-06-01 15:27 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalDIAL GmbH
2020-06-01 12:15 – 2020-06-01 12:16 – 000038155 _____ C:DIALux Setup Information.txt
2020-06-01 12:15 – 2020-06-01 12:15 – 000005721 _____ C:DIAL Communication Framework Setup Log.txt
2020-06-01 12:15 – 2020-06-01 12:15 – 000001783 _____ C:UsersPublicDesktopDIALux evo.lnk
2020-06-01 12:15 – 2020-06-01 12:15 – 000001783 _____ C:ProgramDataDesktopDIALux evo.lnk
2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalSafeNet Sentinel
2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:ProgramDataSafeNet Sentinel
2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDIALux evo
2020-06-01 12:15 – 2020-06-01 12:15 – 000000000 ____D C:Program Files (x86)DIAL GmbH
2020-06-01 12:13 – 2020-06-01 12:20 – 000656059 _____ C:WindowsDIALux Setup Log.txt
2020-06-01 12:13 – 2020-06-01 12:14 – 000000000 ____D C:ProgramDataDIAL GmbH
2020-06-01 12:13 – 2020-06-01 12:13 – 000000000 ____D C:Program FilesDIAL GmbH
2020-06-01 12:02 – 2020-06-01 12:04 – 486796896 _____ (DIAL GmbH) C:UsersXXXXXXZZZDownloadsDIALux_evo_9.0.exe
2020-05-28 14:18 – 2020-05-28 14:18 – 000090112 _____ C:UsersXXXXXXZZZDownloadsamipinkc2.exe
2020-05-28 13:07 – 2020-05-28 13:07 – 000002391 _____ C:UsersXXXXXXZZZAppDataLocalrecently-used.xbel
2020-05-28 12:56 – 2020-05-28 12:56 – 011226820 _____ C:UsersXXXXXXZZZDownloadsvulscan-master.zip
2020-05-27 15:28 – 2020-05-27 15:28 – 000030719 _____ C:UsersXXXXXXZZZDownloadsc2 metasploit powershel.zip
2020-05-24 14:46 – 2020-05-24 14:46 – 001227102 _____ C:UsersXXXXXXZZZDownloadsSGA10.zip
2020-05-23 00:22 – 2020-05-23 00:22 – 000000018 _____ C:UsersXXXXXXZZZDesktopSerpentine Similar.txt
2020-05-22 20:08 – 2020-05-22 20:09 – 000325072 _____ C:WindowsMinidump 52220-169750-01.dmp
2020-05-22 16:03 – 2020-05-22 16:03 – 000214496 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2020-05-21 22:30 – 2020-05-21 22:30 – 000000083 _____ C:UsersXXXXXXZZZDesktopnmap.txt
2020-05-21 10:47 – 2020-05-28 13:07 – 000000000 ____D C:UsersXXXXXXZZZ.zenmap
2020-05-21 10:47 – 2020-05-21 10:47 – 000000986 _____ C:UsersXXXXXXZZZDesktopNmap – Zenmap GUI.lnk
2020-05-21 10:47 – 2020-05-21 10:47 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsNmap
2020-05-21 10:45 – 2020-05-24 17:36 – 000003112 _____ C:Windowssystem32Tasksnpcapwatchdog
2020-05-21 10:43 – 2020-05-21 10:43 – 000000000 ____D C:WindowsSysWOW64Npcap
2020-05-21 10:43 – 2020-05-21 10:43 – 000000000 ____D C:Windowssystem32Npcap
2020-05-21 10:42 – 2020-05-28 13:00 – 000000000 ____D C:Program Files (x86)Nmap
2020-05-21 00:50 – 2020-05-21 10:13 – 000000000 ____D C:UsersXXXXXXZZZDownloadsSGA10
2020-05-19 10:20 – 2020-05-19 10:20 – 000002203 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Earth Pro.lnk
2020-05-19 10:20 – 2020-05-19 10:20 – 000002191 _____ C:UsersPublicDesktopGoogle Earth Pro.lnk
2020-05-19 10:20 – 2020-05-19 10:20 – 000002191 _____ C:ProgramDataDesktopGoogle Earth Pro.lnk
2020-05-17 13:58 – 2020-05-17 13:59 – 000000000 ____D C:UsersXXXXXXZZZDownloadsFotos Belém
2020-05-16 22:15 – 2020-05-16 22:24 – 000002368 _____ C:UsersXXXXXXZZZDesktopRkill.txt
2020-05-16 22:14 – 2020-05-16 22:14 – 001802704 _____ (Bleeping Computer, LLC) C:UsersXXXXXXZZZDownloadsrkill.exe
2020-05-16 21:34 – 2020-05-16 21:34 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalclink
2020-05-16 20:34 – 2020-05-16 20:40 – 000000000 ____D C:Appie
2020-05-15 23:38 – 2020-05-15 23:38 – 000000193 _____ C:UsersXXXXXXZZZDesktopbiblio.txt
2020-05-14 11:27 – 2020-05-14 11:27 – 000000000 ____D C:UsersXXXXXXZZZDocumentsZoom
2020-05-14 11:20 – 2020-05-14 11:20 – 000001947 _____ C:UsersXXXXXXZZZDesktopZoom.lnk
2020-05-14 11:19 – 2020-05-14 11:19 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom
2020-05-14 10:28 – 2020-04-30 04:49 – 000308736 _____ (Microsoft Corporation) C:Windowssystem32usbmon.dll
2020-05-14 10:28 – 2020-04-30 04:22 – 000881664 _____ (Microsoft Corporation) C:Windowssystem32printfilterpipelinesvc.exe
2020-05-14 10:28 – 2020-04-30 03:55 – 001756672 _____ (Microsoft Corporation) C:Windowssystem32GdiPlus.dll
2020-05-14 10:28 – 2020-04-30 03:43 – 001495040 _____ (Microsoft Corporation) C:WindowsSysWOW64GdiPlus.dll
2020-05-14 10:28 – 2020-04-30 03:40 – 000309760 _____ (Microsoft Corporation) C:Windowssystem32WSDMon.dll
2020-05-14 10:28 – 2020-04-30 03:37 – 000216576 _____ (Microsoft Corporation) C:Windowssystem32tcpmon.dll
2020-05-14 10:28 – 2020-04-30 03:33 – 001096704 _____ (Microsoft Corporation) C:Windowssystem32localspl.dll
2020-05-14 10:28 – 2020-04-16 07:04 – 022365896 _____ (Microsoft Corporation) C:Windowssystem32shell32.dll
2020-05-14 10:28 – 2020-04-16 07:04 – 003118032 _____ (Microsoft Corporation) C:Windowssystem32WpcMon.exe
2020-05-14 10:28 – 2020-04-16 07:04 – 001368592 _____ (Microsoft Corporation) C:Windowssystem32gdi32.dll
2020-05-14 10:28 – 2020-04-16 07:04 – 000722496 _____ (Microsoft Corporation) C:Windowssystem32SHCore.dll
2020-05-14 10:28 – 2020-04-16 07:04 – 000642488 _____ (Microsoft Corporation) C:Windowssystem32twinapi.appcore.dll
2020-05-14 10:28 – 2020-04-16 07:00 – 000374024 _____ (Adobe Systems Incorporated) C:Windowssystem32atmfd.dll
2020-05-14 10:28 – 2020-04-16 06:15 – 025755136 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll
2020-05-14 10:28 – 2020-04-16 05:30 – 019795840 _____ (Microsoft Corporation) C:WindowsSysWOW64shell32.dll
2020-05-14 10:28 – 2020-04-16 05:29 – 000561400 _____ (Microsoft Corporation) C:WindowsSysWOW64SHCore.dll
2020-05-14 10:28 – 2020-04-16 05:29 – 000493736 _____ (Microsoft Corporation) C:WindowsSysWOW64twinapi.appcore.dll
2020-05-14 10:28 – 2020-04-16 05:25 – 000316368 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64atmfd.dll
2020-05-14 10:28 – 2020-04-16 04:40 – 002911744 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll
2020-05-14 10:28 – 2020-04-16 04:38 – 000581120 _____ (Microsoft Corporation) C:Windowssystem32vbscript.dll
2020-05-14 10:28 – 2020-04-16 04:31 – 020291072 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll
2020-05-14 10:28 – 2020-04-16 04:31 – 000113152 _____ (Microsoft Corporation) C:Windowssystem32Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-14 10:28 – 2020-04-16 04:28 – 000186880 _____ (Microsoft Corporation) C:Windowssystem32easwrt.dll
2020-05-14 10:28 – 2020-04-16 04:27 – 005498880 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll
2020-05-14 10:28 – 2020-04-16 04:27 – 000785408 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll
2020-05-14 10:28 – 2020-04-16 04:25 – 000546816 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.PointOfService.dll
2020-05-14 10:28 – 2020-04-16 04:14 – 000497664 _____ (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll
2020-05-14 10:28 – 2020-04-16 04:11 – 002304000 _____ (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll
2020-05-14 10:28 – 2020-04-16 04:07 – 000084992 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-14 10:28 – 2020-04-16 04:06 – 000463872 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.Usb.dll
2020-05-14 10:28 – 2020-04-16 04:05 – 000147968 _____ (Microsoft Corporation) C:WindowsSysWOW64easwrt.dll
2020-05-14 10:28 – 2020-04-16 04:04 – 000654336 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript.dll
2020-05-14 10:28 – 2020-04-16 04:03 – 000365568 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.PointOfService.dll
2020-05-14 10:28 – 2020-04-16 03:59 – 001994240 _____ (Microsoft Corporation) C:Windowssystem32DWrite.dll
2020-05-14 10:28 – 2020-04-16 03:59 – 001033216 _____ (Microsoft Corporation) C:Windowssystem32inetcomm.dll
2020-05-14 10:28 – 2020-04-16 03:54 – 015478272 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll
2020-05-14 10:28 – 2020-04-16 03:53 – 003258368 _____ (Microsoft Corporation) C:Windowssystem32Wpc.dll
2020-05-14 10:28 – 2020-04-16 03:53 – 000262144 _____ (Microsoft Corporation) C:Windowssystem32webcheck.dll
2020-05-14 10:28 – 2020-04-16 03:51 – 000809472 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll
2020-05-14 10:28 – 2020-04-16 03:50 – 001384960 _____ (Microsoft Corporation) C:Windowssystem32FntCache.dll
2020-05-14 10:28 – 2020-04-16 03:49 – 002942464 _____ (Microsoft Corporation) C:Windowssystem32WpcWebSync.dll
2020-05-14 10:28 – 2020-04-16 03:49 – 002132992 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl
2020-05-14 10:28 – 2020-04-16 03:48 – 000310784 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.Usb.dll
2020-05-14 10:28 – 2020-04-16 03:43 – 000880640 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcomm.dll
2020-05-14 10:28 – 2020-04-16 03:41 – 004112384 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll
2020-05-14 10:28 – 2020-04-16 03:41 – 002471424 _____ (Microsoft Corporation) C:WindowsSysWOW64Wpc.dll
2020-05-14 10:28 – 2020-04-16 03:40 – 001085440 _____ (Microsoft Corporation) C:WindowsSysWOW64gdi32.dll
2020-05-14 10:28 – 2020-04-16 03:39 – 001560064 _____ (Microsoft Corporation) C:WindowsSysWOW64DWrite.dll
2020-05-14 10:28 – 2020-04-16 03:39 – 000696320 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll
2020-05-14 10:28 – 2020-04-16 03:38 – 002058752 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl
2020-05-14 10:28 – 2020-04-16 03:38 – 000333312 _____ (Microsoft Corporation) C:WindowsSysWOW64iedkcs32.dll
2020-05-14 10:28 – 2020-04-16 03:37 – 004859392 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll
2020-05-14 10:28 – 2020-04-16 03:35 – 013861376 _____ (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll
2020-05-14 10:28 – 2020-04-16 03:35 – 000254976 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.HumanInterfaceDevice.dll
2020-05-14 10:28 – 2020-04-16 03:32 – 000689152 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.Bluetooth.dll
2020-05-14 10:28 – 2020-04-16 03:30 – 014533632 _____ (Microsoft Corporation) C:Windowssystem32twinui.dll
2020-05-14 10:28 – 2020-04-16 03:28 – 000902656 _____ (Microsoft Corporation) C:Windowssystem32Windows.Devices.SmartCards.dll
2020-05-14 10:28 – 2020-04-16 03:27 – 000173056 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.HumanInterfaceDevice.dll
2020-05-14 10:28 – 2020-04-16 03:26 – 012880384 _____ (Microsoft Corporation) C:WindowsSysWOW64twinui.dll
2020-05-14 10:28 – 2020-04-16 03:26 – 001566720 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll
2020-05-14 10:28 – 2020-04-16 03:26 – 000466432 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.Bluetooth.dll
2020-05-14 10:28 – 2020-04-16 03:24 – 007799296 _____ (Microsoft Corporation) C:Windowssystem32Windows.Data.Pdf.dll
2020-05-14 10:28 – 2020-04-16 03:23 – 000626688 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Devices.SmartCards.dll
2020-05-14 10:28 – 2020-04-16 03:22 – 000068096 _____ (Microsoft Corporation) C:Windowssystem32ConfigureExpandedStorage.dll
2020-05-14 10:28 – 2020-04-16 03:20 – 004387328 _____ (Microsoft Corporation) C:WindowsSysWOW64wininet.dll
2020-05-14 10:28 – 2020-04-16 03:20 – 000052736 _____ (Microsoft Corporation) C:WindowsSysWOW64ConfigureExpandedStorage.dll
2020-05-14 10:28 – 2020-04-16 03:19 – 001265152 _____ (Microsoft Corporation) C:Windowssystem32schedsvc.dll
2020-05-14 10:28 – 2020-04-16 03:18 – 005271552 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Data.Pdf.dll
2020-05-14 10:28 – 2020-04-16 03:16 – 001341952 _____ (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll
2020-05-14 10:28 – 2020-04-16 03:15 – 000800768 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dll
2020-05-14 10:28 – 2020-04-16 03:15 – 000710144 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dll
2020-05-14 10:28 – 2020-04-16 03:14 – 001727488 _____ (Microsoft Corporation) C:Windowssystem32Windows.UI.Immersive.dll
2020-05-14 10:28 – 2020-04-16 03:11 – 001546752 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.UI.Immersive.dll
2020-05-14 10:28 – 2020-04-16 03:11 – 000140288 _____ (Microsoft Corporation) C:Windowssystem32efswrt.dll
2020-05-14 10:28 – 2020-04-16 03:11 – 000104448 _____ (Microsoft Corporation) C:WindowsSysWOW64efswrt.dll
2020-05-14 10:28 – 2020-04-16 03:07 – 000156160 _____ (Microsoft Corporation) C:WindowsSysWOW64PlayToManager.dll
2020-05-14 10:28 – 2020-04-16 03:05 – 000229888 _____ (Microsoft Corporation) C:Windowssystem32PlayToManager.dll
2020-05-14 10:28 – 2020-04-14 08:33 – 000205824 _____ (Microsoft Corporation) C:Windowssystem32scrrun.dll
2020-05-14 10:28 – 2020-04-14 08:03 – 000168448 _____ (Microsoft Corporation) C:WindowsSysWOW64scrrun.dll
2020-05-14 10:28 – 2020-04-11 19:42 – 007362296 _____ (Microsoft Corporation) C:Windowssystem32ntoskrnl.exe
2020-05-14 10:28 – 2020-04-11 19:41 – 000376568 _____ (Microsoft Corporation) C:Windowssystem32Driversclfs.sys
2020-05-14 10:28 – 2020-04-11 19:39 – 001542696 _____ (Microsoft Corporation) C:Windowssystem32user32.dll
2020-05-14 10:28 – 2020-04-11 19:29 – 001737720 _____ (Microsoft Corporation) C:Windowssystem32ntdll.dll
2020-05-14 10:28 – 2020-04-11 18:31 – 001501096 _____ (Microsoft Corporation) C:WindowsSysWOW64ntdll.dll
2020-05-14 10:28 – 2020-04-11 18:04 – 004168704 _____ (Microsoft Corporation) C:Windowssystem32win32k.sys
2020-05-14 10:28 – 2020-04-11 16:55 – 000194560 _____ (Microsoft Corporation) C:Windowssystem32winsrv.dll
2020-05-14 10:28 – 2020-04-11 16:53 – 000112128 _____ (Microsoft Corporation) C:Windowssystem32vaultcli.dll
2020-05-14 10:28 – 2020-04-11 16:48 – 001377792 _____ (Microsoft Corporation) C:WindowsSysWOW64user32.dll
2020-05-14 10:28 – 2020-04-11 16:47 – 000260608 _____ (Microsoft Corporation) C:Windowssystem32vaultsvc.dll
2020-05-14 10:28 – 2020-04-11 16:23 – 001317888 _____ (Microsoft Corporation) C:Windowssystem32Windows.Media.Streaming.dll
2020-05-14 10:28 – 2020-04-11 16:22 – 001103872 _____ (Microsoft Corporation) C:WindowsSysWOW64Windows.Media.Streaming.dll
2020-05-14 10:28 – 2020-04-11 01:12 – 002446576 _____ (Microsoft Corporation) C:Windowssystem32Driverstcpip.sys
2020-05-14 10:28 – 2020-04-11 01:12 – 000428784 _____ (Microsoft Corporation) C:Windowssystem32DriversFWPKCLNT.SYS
2020-05-14 10:28 – 2020-04-09 14:36 – 001311744 _____ (Microsoft Corporation) C:WindowsSysWOW64msjet40.dll
2020-05-14 10:28 – 2020-04-07 20:30 – 000988472 _____ (Microsoft Corporation) C:Windowssystem32mfsrcsnk.dll
2020-05-14 10:28 – 2020-04-07 20:28 – 000857320 _____ (Microsoft Corporation) C:WindowsSysWOW64mfsrcsnk.dll
2020-05-14 10:28 – 2020-04-07 14:55 – 003330048 _____ (Microsoft Corporation) C:Windowssystem32msi.dll
2020-05-14 10:28 – 2020-04-07 14:51 – 003636224 _____ (Microsoft Corporation) C:WindowsSysWOW64msi.dll
2020-05-14 10:28 – 2020-04-04 17:06 – 000879616 _____ (Microsoft Corporation) C:Windowssystem32rasdlg.dll
2020-05-14 10:28 – 2020-04-04 17:01 – 001572864 _____ (Microsoft Corporation) C:Windowssystem32wbengine.exe
2020-05-14 10:28 – 2020-04-04 16:50 – 000795136 _____ (Microsoft Corporation) C:WindowsSysWOW64rasdlg.dll
2020-05-14 10:13 – 2020-05-13 09:42 – 000338104 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32avgBoot.exe
2020-05-13 16:42 – 2020-05-13 16:43 – 140053773 _____ C:UsersXXXXXXZZZDownloadsHAPv5.11.zip
2020-05-13 09:43 – 2020-05-13 09:42 – 000235552 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgStm.sys
2020-05-13 09:43 – 2020-05-13 09:42 – 000175776 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgMonFlt.sys
2020-05-11 16:42 – 2020-06-08 02:05 – 000000000 ____D C:Windowssystem32TasksAVAST Software
2020-05-10 21:06 – 2020-05-10 21:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingQtProject
2020-05-10 21:04 – 2020-05-10 21:04 – 000001201 _____ C:UsersPublicDesktopMiniTool Power Data Recovery 8.8.lnk
2020-05-10 21:04 – 2020-05-10 21:04 – 000001201 _____ C:ProgramDataDesktopMiniTool Power Data Recovery 8.8.lnk
2020-05-10 21:04 – 2020-05-10 21:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMiniTool Power Data Recovery
2020-05-10 20:58 – 2020-05-10 22:38 – 000000000 ____D C:Program Files (x86)MiniTool PowerDataRecovery
2020-05-10 20:51 – 2020-05-10 20:51 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsDiskInternals
2020-05-10 20:51 – 2020-05-10 20:51 – 000000000 ____D C:Program Files (x86)DiskInternals
2020-05-10 20:32 – 2020-05-10 20:32 – 000001677 _____ C:UsersPublicDesktopRecuva.lnk
2020-05-10 20:32 – 2020-05-10 20:32 – 000001677 _____ C:ProgramDataDesktopRecuva.lnk
2020-05-10 20:32 – 2020-05-10 20:32 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRecuva
2020-05-10 20:32 – 2020-05-10 20:32 – 000000000 ____D C:Program FilesRecuva
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-09 11:59 – 2018-07-01 02:15 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalLowMozilla
2020-06-09 11:53 – 2020-04-22 15:26 – 000000000 ____D C:FRST
2020-06-09 11:52 – 2019-09-18 14:54 – 000000594 _____ C:WindowsTasksG2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job
2020-06-09 11:39 – 2020-04-22 15:39 – 000000000 ____D C:UsersXXXXXXZZZDocumentsSMsec
2020-06-09 11:31 – 2020-04-24 12:21 – 000000000 ___RD C:UsersXXXXXXZZZDocumentsMEGAsync uploads
2020-06-09 11:22 – 2019-09-18 14:54 – 000000690 _____ C:WindowsTasksG2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001.job
2020-06-09 11:16 – 2015-05-05 05:06 – 000818068 _____ C:Windowssystem32prfh0816.dat
2020-06-09 11:16 – 2015-05-05 05:06 – 000175394 _____ C:Windowssystem32prfc0816.dat
2020-06-09 11:16 – 2014-11-21 05:42 – 001956190 _____ C:Windowssystem32PerfStringBackup.INI
2020-06-09 11:16 – 2013-08-22 14:36 – 000000000 ____D C:WindowsInf
2020-06-09 10:45 – 2020-05-02 10:45 – 000000374 _____ C:WindowsTasksHPCeeScheduleForXXXXXXZZZ.job
2020-06-09 09:34 – 2016-03-18 21:20 – 000000000 ____D C:UsersXXXXXXZZZDocumentsYoucam
2020-06-09 09:33 – 2018-07-27 23:43 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalCrashDumps
2020-06-09 09:28 – 2019-09-18 14:54 – 000003700 _____ C:Windowssystem32TasksG2MUploadTask-S-1-5-21-3751382696-3894377064-3631472648-1001
2020-06-09 09:28 – 2019-09-18 14:54 – 000003604 _____ C:Windowssystem32TasksG2MUpdateTask-S-1-5-21-3751382696-3894377064-3631472648-1001
2020-06-09 09:28 – 2019-09-18 14:54 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalGoToMeeting
2020-06-09 09:24 – 2020-03-19 19:44 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalAVAST Software
2020-06-09 09:21 – 2020-03-16 11:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingSpotify
2020-06-09 09:21 – 2016-04-23 21:50 – 000000000 ____D C:ProgramDataAvg
2020-06-09 09:17 – 2016-03-18 21:20 – 000000000 __RDO C:UsersXXXXXXZZZOneDrive
2020-06-09 09:17 – 2016-03-18 21:14 – 000000000 __SHD C:UsersXXXXXXZZZIntelGraphicsProfiles
2020-06-09 09:10 – 2019-04-05 12:40 – 000000000 ____D C:ProgramDataVMware
2020-06-09 09:10 – 2017-11-30 18:27 – 000000434 _____ C:WindowsTasksDriver Easy Scheduled Scan.job
2020-06-09 09:10 – 2013-08-22 15:45 – 000000006 ____H C:WindowsTasksSA.DAT
2020-06-09 09:10 – 2013-08-22 15:44 – 001175584 _____ C:Windowssystem32FNTCACHE.DAT
2020-06-09 09:09 – 2016-05-02 18:14 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-06-08 02:12 – 2013-08-22 14:25 – 000524288 ___SH C:Windowssystem32configBBI
2020-06-08 02:05 – 2020-05-02 10:45 – 000003202 _____ C:Windowssystem32TasksHPCeeScheduleForXXXXXXZZZ
2020-06-08 02:05 – 2019-06-24 09:55 – 000004188 _____ C:Windowssystem32TasksAvast SecureLine VPN Update
2020-06-08 02:05 – 2019-03-27 15:39 – 000003874 _____ C:Windowssystem32TasksBlueStacksHelper
2020-06-08 02:05 – 2019-03-14 12:51 – 000004128 _____ C:Windowssystem32TasksCCleaner Update
2020-06-08 02:05 – 2019-03-14 12:51 – 000002818 _____ C:Windowssystem32TasksCCleanerSkipUAC
2020-06-08 02:05 – 2018-03-13 10:37 – 000004472 _____ C:Windowssystem32TasksAdobe Flash Player NPAPI Notifier
2020-06-08 02:05 – 2018-01-19 14:55 – 000003108 _____ C:Windowssystem32Tasks7A5E22F3-13A6-4040-B1C5-E4043B449990
2020-06-08 02:05 – 2017-11-30 18:27 – 000003832 _____ C:Windowssystem32TasksDriver Easy Scheduled Scan
2020-06-08 02:05 – 2017-06-28 03:34 – 000004324 _____ C:Windowssystem32TasksAdobe Flash Player Updater
2020-06-08 02:05 – 2017-04-06 22:46 – 000004174 _____ C:Windowssystem32TasksAntivirus Emergency Update
2020-06-08 02:05 – 2016-04-18 20:31 – 000003646 _____ C:Windowssystem32TasksHPCustParticipation HP Deskjet 3050 J610 series
2020-06-08 02:05 – 2016-03-31 20:06 – 000004476 _____ C:Windowssystem32TasksAdobe Acrobat Update Task
2020-06-08 02:05 – 2016-03-18 21:26 – 000003444 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA
2020-06-08 02:05 – 2016-03-18 21:26 – 000003316 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore
2020-06-08 02:05 – 2015-06-04 18:43 – 000002118 _____ C:Windowssystem32TasksAvast SecureLine
2020-06-08 02:05 – 2015-05-04 20:52 – 000002986 _____ C:Windowssystem32TasksStart SimplePass
2020-06-08 02:05 – 2015-05-04 20:52 – 000002924 _____ C:Windowssystem32TasksStart OPBHOBrokerDesktop
2020-06-08 02:05 – 2015-05-04 20:52 – 000002912 _____ C:Windowssystem32TasksStart OPBHOBroker
2020-06-07 17:15 – 2013-08-22 16:36 – 000000000 ____D C:Windowssystem32NDF
2020-06-07 14:53 – 2016-04-28 13:32 – 000000000 ____D C:UsersXXXXXXZZZDocumentsDepesas anuais
2020-06-07 14:09 – 2019-07-18 11:12 – 000000000 ____D C:UsersXXXXXXZZZ.VirtualBox
2020-06-07 13:56 – 2019-07-18 11:12 – 000000000 ____D C:ProgramDataVirtualBox
2020-06-05 15:12 – 2016-03-18 21:21 – 000003600 _____ C:Windowssystem32TasksOptimize Start Menu Cache Files-S-1-5-21-3751382696-3894377064-3631472648-1001
2020-06-05 14:57 – 2016-05-02 18:14 – 000001182 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-06-05 09:41 – 2016-03-18 21:27 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-06-04 18:33 – 2020-05-04 21:27 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingxarp-XXXXXXZZZ
2020-06-04 13:20 – 2016-03-31 20:06 – 000002086 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2020-06-02 19:55 – 2018-06-24 15:52 – 000001277 _____ C:UsersXXXXXXZZZDesktopMUSICA.txt – Atalho.lnk
2020-06-02 19:27 – 2016-03-18 21:12 – 000000000 ____D C:UsersXXXXXXZZZ
2020-06-02 11:21 – 2013-08-22 16:36 – 000000000 ____D C:Windowstracing
2020-06-01 21:21 – 2015-05-04 20:52 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information
2020-05-29 08:53 – 2015-06-04 18:15 – 000000000 ____D C:ProgramDataRealtek
2020-05-28 23:50 – 2016-04-25 18:02 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingvlc
2020-05-28 00:58 – 2013-08-22 16:36 – 000000000 ____D C:WindowsAppReadiness
2020-05-28 00:46 – 2017-12-10 17:58 – 000000000 ____D C:UsersXXXXXXZZZDocumentsFacebook
2020-05-28 00:38 – 2020-04-22 15:36 – 000000000 ____D C:UsersXXXXXXZZZDocumentsJogos
2020-05-28 00:14 – 2017-03-04 00:04 – 000000000 ____D C:UsersXXXXXXZZZDocumentsXadrez
2020-05-28 00:12 – 2016-12-17 17:46 – 000000000 ____D C:UsersXXXXXXZZZDocumentsSegurança Social
2020-05-28 00:11 – 2018-06-24 15:40 – 000000000 ____D C:UsersXXXXXXZZZDocumentsProgramas
2020-05-28 00:11 – 2016-04-30 18:20 – 000000000 ____D C:UsersXXXXXXZZZDocumentsProgramas instalados
2020-05-28 00:10 – 2016-05-12 20:08 – 000000000 ____D C:UsersXXXXXXZZZDocumentsOutros
2020-05-28 00:09 – 2018-05-06 16:14 – 000000000 ____D C:UsersXXXXXXZZZDocumentsLivros
2020-05-27 13:56 – 2019-11-04 15:58 – 000000000 ____D C:UsersXXXXXXZZZDownloadsNetworkMiner_2-5
2020-05-27 10:01 – 2015-05-04 20:48 – 000000000 ____D C:Program Files (x86)Hewlett-Packard
2020-05-26 18:00 – 2016-04-28 01:41 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalMicrosoft Help
2020-05-26 12:34 – 2020-03-16 11:07 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalSpotify
2020-05-25 09:55 – 2020-04-30 19:15 – 000000000 ____D C:UsersXXXXXXZZZDownloadsETH
2020-05-22 20:08 – 2016-05-24 22:12 – 000000000 ____D C:WindowsMinidump
2020-05-22 20:00 – 2017-04-03 19:15 – 000000000 ___RD C:UsersXXXXXXZZZGoogle Drive
2020-05-22 12:21 – 2019-02-07 10:56 – 000000000 ___RD C:UsersXXXXXXZZZDocumentsMEGA
2020-05-21 10:45 – 2020-03-31 18:09 – 000000000 ____D C:Program FilesNpcap
2020-05-21 01:37 – 2016-04-23 21:45 – 000000000 ____D C:UsersXXXXXXZZZDocumentsPasses
2020-05-19 10:20 – 2018-03-22 22:48 – 000000000 ____D C:Program FilesGoogle
2020-05-18 22:34 – 2013-08-22 16:20 – 000000000 ____D C:WindowsCbsTemp
2020-05-18 12:33 – 2016-03-18 21:15 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalPackages
2020-05-18 12:32 – 2013-08-22 16:36 – 000000000 ___HD C:Program FilesWindowsApps
2020-05-17 15:20 – 2019-07-18 11:13 – 000000000 ____D C:UsersXXXXXXZZZVirtualBox VMs
2020-05-17 13:12 – 2019-04-24 01:38 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingTelegram Desktop
2020-05-16 21:57 – 2015-06-04 18:43 – 000000000 ____D C:ProgramDataAVAST Software
2020-05-16 21:48 – 2016-06-27 16:51 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingACEStream
2020-05-16 21:48 – 2016-06-27 16:51 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoaming.ACEStream
2020-05-16 04:27 – 2016-03-31 22:45 – 000000000 ____D C:Windowssystem32MRT
2020-05-16 04:22 – 2013-08-22 16:36 – 000000000 ___RD C:WindowsToastData
2020-05-16 04:22 – 2013-08-22 16:36 – 000000000 ____D C:Windowssystem32inetsrv
2020-05-15 23:46 – 2018-04-26 15:42 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalDesignBuilder
2020-05-15 23:46 – 2018-04-26 15:36 – 000000000 ____D C:ProgramDataDesignBuilder
2020-05-15 23:43 – 2020-04-18 19:52 – 000000000 ____D C:Program Files (x86)TeamViewer
2020-05-15 23:42 – 2019-12-08 18:20 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingMicrosoftWindowsStart MenuProgramsWugFresh Development
2020-05-15 23:41 – 2020-01-11 03:43 – 000000000 ____D C:Program Files (x86)Kingo ROOT
2020-05-15 23:41 – 2018-05-20 03:24 – 000000000 ____D C:Program Files (x86)Facebook Friend Mapper
2020-05-15 23:41 – 2016-03-29 22:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingDropboxOEM
2020-05-15 11:41 – 2016-03-31 22:45 – 120636720 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2020-05-14 11:19 – 2020-04-09 12:17 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingZoom
2020-05-13 23:42 – 2013-08-22 16:36 – 000000000 ____D C:WindowsSysWOW64Macromed
2020-05-13 23:42 – 2013-08-22 16:36 – 000000000 ____D C:Windowssystem32Macromed
2020-05-13 22:38 – 2016-04-18 20:06 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalHP
2020-05-13 10:44 – 2020-04-28 14:25 – 000000000 ____D C:UsersXXXXXXZZZAppDataLocalLowIGDump
2020-05-13 09:42 – 2019-01-07 00:31 – 000061072 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbuniv.sys
2020-05-13 09:42 – 2019-01-07 00:31 – 000037208 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgArDisk.sys
2020-05-13 09:42 – 2018-10-20 20:56 – 000042856 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgKbd.sys
2020-05-13 09:42 – 2017-11-30 14:52 – 000205952 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgArPot.sys
2020-05-13 09:42 – 2017-04-06 22:46 – 000851664 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgSnx.sys
2020-05-13 09:42 – 2017-04-06 22:46 – 000461064 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgSP.sys
2020-05-13 09:42 – 2017-04-06 22:46 – 000319184 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgVmm.sys
2020-05-13 09:42 – 2017-04-06 22:46 – 000109336 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgRdr2.sys
2020-05-13 09:42 – 2017-04-06 22:46 – 000084928 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgRvrt.sys
2020-05-13 09:41 – 2019-01-14 16:33 – 000234632 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbidsdriver.sys
2020-05-13 09:41 – 2019-01-07 00:31 – 000178832 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbidsh.sys
2020-05-12 17:41 – 2020-03-07 21:03 – 000000000 ____D C:ProgramDataProtonVPN
2020-05-12 00:18 – 2018-02-25 20:28 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingWireshark
2020-05-11 22:49 – 2020-03-24 22:50 – 000000000 ____D C:fakenet1.4.11
2020-05-10 17:51 – 2016-04-10 14:24 – 000000000 ____D C:UsersXXXXXXZZZAppDataRoamingAVAST Software
2020-05-10 17:51 – 2015-06-04 18:43 – 000000000 ____D C:Program FilesAVAST Software
==================== Files in the root of some directories ========
2020-01-03 14:39 – 2020-01-03 14:39 – 003185243 _____ () C:Program FilesHxDSetup.zip
2020-02-26 13:17 – 2020-02-26 13:17 – 003341981 _____ () C:Program FilesSnort_2_9_15_1_Installer.exe
2017-11-28 12:01 – 2017-11-28 12:03 – 007649280 _____ () C:Program Files (x86)GUTAEE6.tmp
2020-05-28 13:07 – 2020-05-28 13:07 – 000002391 _____ () C:UsersXXXXXXZZZAppDataLocalrecently-used.xbel
2020-01-11 03:44 – 2020-01-11 03:59 – 000000068 _____ () C:UsersXXXXXXZZZAppDataLocaluts.ini
2020-05-21 10:47 – 2020-05-28 11:12 – 000000286 _____ () C:UsersXXXXXXZZZAppDataLocalzenmap.exe.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-04-08 11:59
==================== End of FRST.txt ========================
Also, the Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by XXXXXXZZZ (09-06-2020 12:01:08)
Running from C:UsersXXXXXXZZZDownloads
Windows 8.1 (Update) (X64) (2016-03-18 20:13:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3751382696-3894377064-3631472648-500 – Administrator – Disabled)
Convidado (S-1-5-21-3751382696-3894377064-3631472648-501 – Limited – Disabled)
XXXXXXZZZ (S-1-5-21-3751382696-3894377064-3631472648-1001 – Administrator – Enabled) => C:UsersXXXXXXZZZ
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AV: AVG Antivirus (Enabled – Up to date) 18A975F9-A60C-37D8-E30B-4BEF31AD3411
AS: AVG Antivirus (Enabled – Up to date) A3C8941D-8036-3856-D9BB-709D4A2A7EAC
AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
[PS3] Save Resigner (HKLM-x32…[PS3] Save Resigner 2.0.2) (Version: 2.0.2 – The Prince of Codes)
[PS3] Save Resigner (HKLM-x32…96CF2F0B-EBB0-4D7F-852F-C54A30C8E5CF) (Version: 2.0.2 – The Prince of Codes) Hidden
µTorrent (HKUS-1-5-21-3751382696-3894377064-3631472648-1001…uTorrent) (Version: 3.5.5.45505 – BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM…23170F69-40C1-2702-0920-000001000000) (Version: 9.20.00.0 – Igor Pavlov)
A360 Desktop (HKLM…7758802D-9486-4883-9927-CCAC366A3BA4) (Version: 7.2.3.1800 – Autodesk)
ACA & MEP 2017 Object Enabler (HKLM…28B89EEF-0004-0000-5102-CF3F3A09B77D) (Version: 7.9.45.0 – Autodesk) Hidden
ACAD Private (HKLM…28B89EEF-0001-0000-3102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden
Actualizações da NVIDIA 16.13.65 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Update) (Version: 16.13.65 – NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC – Português (HKLM-x32…AC76BA86-7AD7-1046-7B44-AC0F074E4100) (Version: 20.009.20067 – Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32…AC76BA86-1033-FFFF-7760-000000000006) (Version: 11.0.12 – Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.371 – Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32…Adobe Shockwave Player) (Version: 12.1.7.157 – Adobe Systems, Inc.)
Aimersoft Helper Compact 2.5.2 (HKLM-x32…405147F7-FCC5-499B-A27E-EA6BD4A80435_is1) (Version: 2.5.2 – Aimersoft)
Android Rom Dumper version 1.3.5 (HKLM-x32…595D7D79-D70F-4930-A450-BF06B628EE2D_is1) (Version: 1.3.5 – BoxWares Team)
Android Studio (HKLM…Android Studio) (Version: 3.6 – Google LLC)
Android Toolkit 2.0.30 (HKLM-x32…F9441FCC-1C08-4933-939F-0E8A27D6C0CE_is1) (Version: 2.0.30 – Apeaksoft Studio)
Any DGN to DWG Converter 2018 (HKLM-x32…Any DGN to DWG Converter_is1) (Version: – AnyDWG Software, Inc.)
Any DWF to DWG Converter 2017 (HKLM-x32…Any DWF to DWG Converter_is1) (Version: – AnyDWG Software, Inc.)
Aplicação de ambiente de trabalho Autodesk (HKLM-x32…Autodesk Desktop App) (Version: 7.0.9.191 – Autodesk)
Aplicativos da Autodesk em destaque 2016-2017 (HKLM-x32…27C15055-713B-4D0E-881F-19598A2DFD59) (Version: 2.2.0 – Autodesk)
Application Verifier x64 External Package (HKLM…10CA1677-8F02-3131-F25C-780BAB52E468) (Version: 10.1.18362.1 – Microsoft) Hidden
Assistente de gestor de conteúdo para PlayStation® (HKLM-x32…E5C1C342-5E78-4D91-85BE-40C716B09391) (Version: 3.55.7671.0901 – Sony Computer Entertainment Inc.)
AutoCAD 2017 – English (HKLM…28B89EEF-0001-0409-2102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden
AutoCAD 2017 (HKLM…28B89EEF-0001-0000-0102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden
AutoCAD 2017 Language Pack – English (HKLM…28B89EEF-0001-0409-1102-CF3F3A09B77D) (Version: 21.0.52.0 – Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32…8ED2ED41-4455-449D-993C-751C039089B9) (Version: 15.11.3.0 – Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32…C0954809-F5DC-426C-847E-8409DE14E4C0) (Version: 2.2.0 – Autodesk)
Autodesk AutoCAD 2017 – English (HKLM…AutoCAD 2017 – English) (Version: 21.0.52.0 – Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32…8600F844-9AA5-412E-B6F2-F9C6CBCFD268) (Version: 1.2.5.0 – Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM…276A67E0-71EB-4827-B5F7-2ACF02BC1A5B) (Version: 4.37.6853 – Autodesk)
Autodesk Design Review (HKLM-x32…139C013B-5BAC-4101-BC6C-B2A78C0125A4) (Version: 14.0.0.177 – Autodesk) Hidden
Autodesk Design Review (HKLM-x32…Autodesk Design Review) (Version: 14.0.0.177 – Autodesk)
Autodesk DWG TrueView 2018 – English (HKLM…DWG TrueView 2018 – English) (Version: 22.0.50.0 – Autodesk)
Autodesk License Service (x64) – 3.1 (HKLM…EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D) (Version: 3.1.26.0 – Autodesk)
Autodesk Material Library 2017 (HKLM-x32…8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE) (Version: 15.11.3.0 – Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32…3FBFBC43-9882-43FA-B979-2D53896747B3) (Version: 15.11.3.0 – Autodesk)
AutoDWG DWG DXF Converter 2019 (HKLM-x32…