Ir para conteúdo

RUY

Members
  • Total de itens

    472
  • Registro em

  • Última visita

Reputação

2 Comum

1 Seguidor

Sobre RUY

  • Data de Nascimento 09/15/1975

Informações Pessoais

  • Sexo
    Masculino
  • Localização
    Porto Alegre

Contato

  1. Perdão pela demora.Informo que tudo nocomputador está normal
  2. Boa noite Cedurodrigues, segue o log do Security Check SecurityCheck by glax24 v.1.4.0.23 [04.07.15] WebSite: www.safezone.cc DateLog: 19.07.2015 20:50:04 Path starting: C:\Users\Ivan\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Ivan VersionXML: 1.51s ___________________________________________________________________________ Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: Portuguese(0416) Installation date OS: 12.11.2013 12:06:31 LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated. Boot Mode: Normal Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe SystemDrive: C: FS: [NTFS] Capacity: [465.7 Gb] Used: [122.4 Gb] Free: [343.3 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.0.9600.17914 [+] User Account Control enabled Automatic download and scheduled installation Date install updates: 2015-07-19 02:00:27 Windows Update (wuauserv) - The service is running Central de Segurança (wscsvc) - The service is running ---------------------------- [ Antivirus_WMI ] ---------------------------- Avira Antivirus (enabled and up to date) --------------------------- [ AntiSpyware_WMI ] --------------------------- Avira Antivirus (enabled and up to date) Windows Defender (enabled and up to date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Avira Antivirus v.15.0.11.579 Avira v.1.1.40.29239 --------------------------- [ OtherUtilities ] ---------------------------- CCleaner v.3.28 Microsoft Silverlight v.5.1.40416.0 Skype™ 7.1 v.7.1.105 Warning! Download Update -------------------------------- [ Java ] --------------------------------- Java SE Development Kit 8 Update 11 (64-bit) v.8.0.110 Warning! Download Update Java 8 Update 51 v.8.0.510 [+] --------------------------- [ AdobeProduction ] --------------------------- Adobe AIR v.3.8.0.870 Warning! Download Update Adobe Flash Player 18 ActiveX v.18.0.0.209 [+] Adobe Flash Player 18 NPAPI v.18.0.0.209 [+] Adobe Shockwave Player 12.0 v.12.0.3.133 Warning! Download Update Adobe Reader XI (11.0.12) v.11.0.12 [+] ------------------------------- [ Browser ] ------------------------------- Google Chrome v.43.0.2357.134 [+] Mozilla Firefox 39.0 (x86 pt-BR) v.39.0 [+] ---------------------------- [ UnwantedApps ] ----------------------------- Google Toolbar for Internet Explorer v.1.0.0 << Hidden Внимание! Панель для браузера. Может замедлять работу браузера и иметь проблемы с нарушением конфиденциальности. ----------------------------- [ End of Log ] ------------------------------
  3. Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Ran by Ivan at 2015-07-17 02:07:40 Run:1 Running from C:\Users\Ivan\Desktop Loaded Profiles: Ivan & DefaultAppPool (Available Profiles: Ivan & Classic .NET AppPool & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {07e7543c-c70a-11e3-b6dd-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {07e75442-c70a-11e3-b6dd-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {159d0521-f8af-11e3-ad2d-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {193604c4-4d4a-11e3-a847-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {19e84295-ccb7-11e3-a5f0-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {19e8429b-ccb7-11e3-a5f0-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1b5eeaba-217c-11e4-aad2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1b5eeac0-217c-11e4-aad2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1bacb505-b430-11e3-8e00-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1bacb50e-b430-11e3-8e00-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {36ff097e-4d46-11e3-938a-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {4429fedb-696f-11e3-9e9b-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {4db834ac-aec9-11e3-adbe-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {4db834ae-aec9-11e3-adbe-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9cccf9-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9cccfb-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd03-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd07-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd09-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd0d-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd0f-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {627a7a26-a926-11e3-990e-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {64bb57a2-a4c3-11e3-add2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {64bb57a7-a4c3-11e3-add2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {684402d8-aec6-11e3-8084-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {684402dd-aec6-11e3-8084-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6bf2cc7f-85d1-11e3-8e04-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6c32cd41-1d60-11e4-9896-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6c32cd57-1d60-11e4-9896-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6fe376f2-6647-11e3-a2dc-00248cd00264} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6fe376f6-6647-11e3-a2dc-00248cd00264} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {7ec99124-4ca6-11e3-8cc1-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {7ec99143-4ca6-11e3-8cc1-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {8e5c945d-6838-11e3-a83d-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {9f77dfcd-426c-11e4-989e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {9f77dfd2-426c-11e4-989e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a22ba801-fd39-11e3-8e4e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a3b3cddc-429a-11e4-a996-00248cd00264} - E:\Windows/AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a40f5e3f-e6ad-11e3-b685-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a40f5e44-e6ad-11e3-b685-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a6558883-bb83-11e3-8e13-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a6558893-bb83-11e3-8e13-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {aca10495-4c7c-11e3-9f28-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {aca10499-4c7c-11e3-9f28-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {b404fdbd-41c8-11e4-b6b3-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {b404fdcb-41c8-11e4-b6b3-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {bd96ee5a-219e-11e4-992a-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {beef1c1b-6967-11e3-a4bb-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {beefb902-696d-11e3-947c-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c0c16841-4b97-11e3-ba2f-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c4246656-219c-11e4-9d3c-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c462d889-6434-11e3-a823-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c462d892-6434-11e3-a823-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c462d896-6434-11e3-a823-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c8445320-ccc4-11e3-ade1-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c8445327-ccc4-11e3-ade1-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {cfd73058-c19c-11e3-9c94-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {cfd7305e-c19c-11e3-9c94-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d36cbdc3-ec07-11e3-bc24-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d36cbdc8-ec07-11e3-bc24-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d3969f2e-64d8-11e3-92f5-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d3969f32-64d8-11e3-92f5-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56aa-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56ae-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56b0-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56b3-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d4e098dd-3437-11e4-9a51-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d7b51dac-3063-11e4-aa66-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d7b51db1-3063-11e4-aa66-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {e22c68a0-ccb9-11e3-aa2e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {e22c68a6-ccb9-11e3-aa2e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {e395ff1c-696e-11e3-af29-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {f8af15e2-e6af-11e3-851a-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {f8af15f3-e6af-11e3-851a-00248cd00264} - E:\AutoRun.exe SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] 2015-07-07 19:36 - 2015-07-07 19:36 - 00000000 ____D C:\Users\Todos os Usuários\F-Secure 2015-07-07 19:36 - 2015-07-07 19:36 - 00000000 ____D C:\ProgramData\F-Secure 2015-07-09 17:24 - 2014-06-10 20:24 - 00000000 ____D C:\Program Files\McAfee Security Scan C:\Users\Ivan\AppData\Local\Temp\avgnt.exe C:\Users\Ivan\AppData\Local\Temp\Quarantine.exe C:\Users\Ivan\AppData\Local\Temp\sqlite3.dll C:\Users\Bruno\AppData\Local\Temp\avgnt.exe HOSTS: CMD: bitsadmin /reset /allusers CMD: ipconfig /flushdns emptytemp: end ***************** Restore point was successfully created. Processes closed successfully. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07e7543c-c70a-11e3-b6dd-00248cd00264}" => key removed successfully HKCR\CLSID\{07e7543c-c70a-11e3-b6dd-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07e75442-c70a-11e3-b6dd-00248cd00264}" => key removed successfully HKCR\CLSID\{07e75442-c70a-11e3-b6dd-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{159d0521-f8af-11e3-ad2d-00248cd00264}" => key removed successfully HKCR\CLSID\{159d0521-f8af-11e3-ad2d-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{193604c4-4d4a-11e3-a847-806e6f6e6963}" => key removed successfully HKCR\CLSID\{193604c4-4d4a-11e3-a847-806e6f6e6963} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19e84295-ccb7-11e3-a5f0-00248cd00264}" => key removed successfully HKCR\CLSID\{19e84295-ccb7-11e3-a5f0-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19e8429b-ccb7-11e3-a5f0-00248cd00264}" => key removed successfully HKCR\CLSID\{19e8429b-ccb7-11e3-a5f0-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b5eeaba-217c-11e4-aad2-00248cd00264}" => key removed successfully HKCR\CLSID\{1b5eeaba-217c-11e4-aad2-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b5eeac0-217c-11e4-aad2-00248cd00264}" => key removed successfully HKCR\CLSID\{1b5eeac0-217c-11e4-aad2-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1bacb505-b430-11e3-8e00-00248cd00264}" => key removed successfully HKCR\CLSID\{1bacb505-b430-11e3-8e00-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1bacb50e-b430-11e3-8e00-00248cd00264}" => key removed successfully HKCR\CLSID\{1bacb50e-b430-11e3-8e00-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36ff097e-4d46-11e3-938a-00158307c667}" => key removed successfully HKCR\CLSID\{36ff097e-4d46-11e3-938a-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4429fedb-696f-11e3-9e9b-00248cd00264}" => key removed successfully HKCR\CLSID\{4429fedb-696f-11e3-9e9b-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4db834ac-aec9-11e3-adbe-00248cd00264}" => key removed successfully HKCR\CLSID\{4db834ac-aec9-11e3-adbe-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4db834ae-aec9-11e3-adbe-00248cd00264}" => key removed successfully HKCR\CLSID\{4db834ae-aec9-11e3-adbe-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9cccf9-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9cccf9-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9cccfb-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9cccfb-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9ccd03-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9ccd03-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9ccd07-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9ccd07-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9ccd09-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9ccd09-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9ccd0d-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9ccd0d-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c9ccd0f-b67a-11e3-9cda-00158307c667}" => key removed successfully HKCR\CLSID\{5c9ccd0f-b67a-11e3-9cda-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{627a7a26-a926-11e3-990e-806e6f6e6963}" => key removed successfully HKCR\CLSID\{627a7a26-a926-11e3-990e-806e6f6e6963} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64bb57a2-a4c3-11e3-add2-00248cd00264}" => key removed successfully HKCR\CLSID\{64bb57a2-a4c3-11e3-add2-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64bb57a7-a4c3-11e3-add2-00248cd00264}" => key removed successfully HKCR\CLSID\{64bb57a7-a4c3-11e3-add2-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{684402d8-aec6-11e3-8084-00158307c667}" => key removed successfully HKCR\CLSID\{684402d8-aec6-11e3-8084-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{684402dd-aec6-11e3-8084-00158307c667}" => key removed successfully HKCR\CLSID\{684402dd-aec6-11e3-8084-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bf2cc7f-85d1-11e3-8e04-00248cd00264}" => key removed successfully HKCR\CLSID\{6bf2cc7f-85d1-11e3-8e04-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c32cd41-1d60-11e4-9896-00158307c667}" => key removed successfully HKCR\CLSID\{6c32cd41-1d60-11e4-9896-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c32cd57-1d60-11e4-9896-00158307c667}" => key removed successfully HKCR\CLSID\{6c32cd57-1d60-11e4-9896-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6fe376f2-6647-11e3-a2dc-00248cd00264}" => key removed successfully HKCR\CLSID\{6fe376f2-6647-11e3-a2dc-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6fe376f6-6647-11e3-a2dc-00248cd00264}" => key removed successfully HKCR\CLSID\{6fe376f6-6647-11e3-a2dc-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ec99124-4ca6-11e3-8cc1-806e6f6e6963}" => key removed successfully HKCR\CLSID\{7ec99124-4ca6-11e3-8cc1-806e6f6e6963} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ec99143-4ca6-11e3-8cc1-00158307c667}" => key removed successfully HKCR\CLSID\{7ec99143-4ca6-11e3-8cc1-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e5c945d-6838-11e3-a83d-00248cd00264}" => key removed successfully HKCR\CLSID\{8e5c945d-6838-11e3-a83d-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f77dfcd-426c-11e4-989e-00248cd00264}" => key removed successfully HKCR\CLSID\{9f77dfcd-426c-11e4-989e-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f77dfd2-426c-11e4-989e-00248cd00264}" => key removed successfully HKCR\CLSID\{9f77dfd2-426c-11e4-989e-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a22ba801-fd39-11e3-8e4e-00248cd00264}" => key removed successfully HKCR\CLSID\{a22ba801-fd39-11e3-8e4e-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3b3cddc-429a-11e4-a996-00248cd00264}" => key removed successfully HKCR\CLSID\{a3b3cddc-429a-11e4-a996-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a40f5e3f-e6ad-11e3-b685-00158307c667}" => key removed successfully HKCR\CLSID\{a40f5e3f-e6ad-11e3-b685-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a40f5e44-e6ad-11e3-b685-00158307c667}" => key removed successfully HKCR\CLSID\{a40f5e44-e6ad-11e3-b685-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6558883-bb83-11e3-8e13-00248cd00264}" => key removed successfully HKCR\CLSID\{a6558883-bb83-11e3-8e13-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6558893-bb83-11e3-8e13-00248cd00264}" => key removed successfully HKCR\CLSID\{a6558893-bb83-11e3-8e13-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aca10495-4c7c-11e3-9f28-00158307c667}" => key removed successfully HKCR\CLSID\{aca10495-4c7c-11e3-9f28-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aca10499-4c7c-11e3-9f28-00158307c667}" => key removed successfully HKCR\CLSID\{aca10499-4c7c-11e3-9f28-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b404fdbd-41c8-11e4-b6b3-00248cd00264}" => key removed successfully HKCR\CLSID\{b404fdbd-41c8-11e4-b6b3-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b404fdcb-41c8-11e4-b6b3-00248cd00264}" => key removed successfully HKCR\CLSID\{b404fdcb-41c8-11e4-b6b3-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd96ee5a-219e-11e4-992a-00248cd00264}" => key removed successfully HKCR\CLSID\{bd96ee5a-219e-11e4-992a-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{beef1c1b-6967-11e3-a4bb-00248cd00264}" => key removed successfully HKCR\CLSID\{beef1c1b-6967-11e3-a4bb-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{beefb902-696d-11e3-947c-00248cd00264}" => key removed successfully HKCR\CLSID\{beefb902-696d-11e3-947c-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0c16841-4b97-11e3-ba2f-00158307c667}" => key removed successfully HKCR\CLSID\{c0c16841-4b97-11e3-ba2f-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4246656-219c-11e4-9d3c-00158307c667}" => key removed successfully HKCR\CLSID\{c4246656-219c-11e4-9d3c-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c462d889-6434-11e3-a823-00158307c667}" => key removed successfully HKCR\CLSID\{c462d889-6434-11e3-a823-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c462d892-6434-11e3-a823-00158307c667}" => key removed successfully HKCR\CLSID\{c462d892-6434-11e3-a823-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c462d896-6434-11e3-a823-00158307c667}" => key removed successfully HKCR\CLSID\{c462d896-6434-11e3-a823-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8445320-ccc4-11e3-ade1-00248cd00264}" => key removed successfully HKCR\CLSID\{c8445320-ccc4-11e3-ade1-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8445327-ccc4-11e3-ade1-00248cd00264}" => key removed successfully HKCR\CLSID\{c8445327-ccc4-11e3-ade1-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfd73058-c19c-11e3-9c94-00158307c667}" => key removed successfully HKCR\CLSID\{cfd73058-c19c-11e3-9c94-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfd7305e-c19c-11e3-9c94-00158307c667}" => key removed successfully HKCR\CLSID\{cfd7305e-c19c-11e3-9c94-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d36cbdc3-ec07-11e3-bc24-00248cd00264}" => key removed successfully HKCR\CLSID\{d36cbdc3-ec07-11e3-bc24-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d36cbdc8-ec07-11e3-bc24-00248cd00264}" => key removed successfully HKCR\CLSID\{d36cbdc8-ec07-11e3-bc24-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3969f2e-64d8-11e3-92f5-00158307c667}" => key removed successfully HKCR\CLSID\{d3969f2e-64d8-11e3-92f5-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3969f32-64d8-11e3-92f5-00158307c667}" => key removed successfully HKCR\CLSID\{d3969f32-64d8-11e3-92f5-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d41b56aa-215a-11e4-bca8-00158307c667}" => key removed successfully HKCR\CLSID\{d41b56aa-215a-11e4-bca8-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d41b56ae-215a-11e4-bca8-00158307c667}" => key removed successfully HKCR\CLSID\{d41b56ae-215a-11e4-bca8-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d41b56b0-215a-11e4-bca8-00158307c667}" => key removed successfully HKCR\CLSID\{d41b56b0-215a-11e4-bca8-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d41b56b3-215a-11e4-bca8-00158307c667}" => key removed successfully HKCR\CLSID\{d41b56b3-215a-11e4-bca8-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4e098dd-3437-11e4-9a51-00248cd00264}" => key removed successfully HKCR\CLSID\{d4e098dd-3437-11e4-9a51-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7b51dac-3063-11e4-aa66-00158307c667}" => key removed successfully HKCR\CLSID\{d7b51dac-3063-11e4-aa66-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7b51db1-3063-11e4-aa66-00158307c667}" => key removed successfully HKCR\CLSID\{d7b51db1-3063-11e4-aa66-00158307c667} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e22c68a0-ccb9-11e3-aa2e-00248cd00264}" => key removed successfully HKCR\CLSID\{e22c68a0-ccb9-11e3-aa2e-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e22c68a6-ccb9-11e3-aa2e-00248cd00264}" => key removed successfully HKCR\CLSID\{e22c68a6-ccb9-11e3-aa2e-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e395ff1c-696e-11e3-af29-00248cd00264}" => key removed successfully HKCR\CLSID\{e395ff1c-696e-11e3-af29-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8af15e2-e6af-11e3-851a-00248cd00264}" => key removed successfully HKCR\CLSID\{f8af15e2-e6af-11e3-851a-00248cd00264} => key not found. "HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8af15f3-e6af-11e3-851a-00248cd00264}" => key removed successfully HKCR\CLSID\{f8af15f3-e6af-11e3-851a-00248cd00264} => key not found. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully hwdatacard => Service removed successfully C:\Users\Todos os Usuários\F-Secure => moved successfully. "C:\ProgramData\F-Secure" => File/Folder not found. C:\Program Files\McAfee Security Scan => moved successfully. C:\Users\Ivan\AppData\Local\Temp\avgnt.exe => moved successfully. C:\Users\Ivan\AppData\Local\Temp\Quarantine.exe => moved successfully. C:\Users\Ivan\AppData\Local\Temp\sqlite3.dll => moved successfully. "C:\Users\Bruno\AppData\Local\Temp\avgnt.exe" => File/Folder not found. "C:\Windows\System32\Drivers\etc\hosts" => Could not move. Could not restore Hosts. ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. © Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {F6F04CC3-8CF9-4FFF-81AA-937DB38516D5}. 0 out of 1 jobs canceled. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Configura��o de IP do Windows Libera��o do Cache do DNS Resolver bem-sucedida. ========= End of CMD: ========= EmptyTemp: => 2.8 GB temporary data Removed.
  4. Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Ran by Ivan at 2015-07-13 22:39:23 Running from C:\Users\Ivan\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1793361252-1642306814-3946400002-500 - Administrator - Disabled) Convidado (S-1-5-21-1793361252-1642306814-3946400002-501 - Limited - Disabled) Ivan (S-1-5-21-1793361252-1642306814-3946400002-1000 - Administrator - Enabled) => C:\Users\Ivan ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG) AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden BurnAware Free 6.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform) Claro 3G (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - ) ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project) Gerenciador de Downloads (HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\a54e16f5d00985b6) (Version: 0.9.3.123 - Level Up! Gerenciador) GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.6 - Receita Federal do Brasil) IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation) K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - ) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Web - ENU (HKLM-x32\...\{3e544097-53d1-4252-98a6-93cc12a6d487}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Paltalk Messenger 11.6 (HKLM-x32\...\Paltalk Messenger) (Version: 11.6.607.17218 - AVM Software Inc.) PHP Manager 1.2 for IIS 7 (HKLM\...\{E851486F-1FE2-44F0-85ED-F969088A68EE}) (Version: 1.2.0 - ) Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH) Unity Web Player (HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{B36586AD-3256-47B6-8AE7-FA0D8727D7C2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft) VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc) VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden wc3270 3.3.9ga12 (HKLM-x32\...\wc3270_is1) (Version: - Paul Mattes) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 11-06-2015 01:08:14 Windows Update 12-06-2015 02:44:27 Windows Update 17-06-2015 16:02:35 Windows Update 23-06-2015 21:32:20 Windows Update 30-06-2015 23:43:36 Windows Update 07-07-2015 18:41:05 Windows Update 09-07-2015 21:26:52 ZHPFix Restore System Point 12-07-2015 23:48:57 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01D57A2E-D727-4424-8797-95EFED78F596} - System32\Tasks\{A89F789C-846C-41F6-944A-800668A6424C} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2015\IRPF2015.exe" -d "C:\Arquivos de Programas RFB\IRPF2015" Task: {14BE1C41-212D-46E0-8BB4-DA309E8DFB0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {211986DB-DBA1-47A3-A248-3C08B1C8F9E4} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => C:\Office Activation Technologies\Install.cmd [2016-08-14] () Task: {5509F5D9-8D2B-4B67-A9B2-4935F02F54BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {60166314-1DFF-4DC3-9B01-A3D77E856930} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Ivan-PC-Ivan Ivan-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation) Task: {60896297-F226-4319-8F74-503ACA3928A7} - System32\Tasks\{DFAF1978-31D7-4441-8CAD-C747513E1BB4} => Iexplore.exe http://ui.skype.com/ui/0/6.7.0.102/pt/go/help.faq.installer?source=lightinstaller&LastError=1618 Task: {64177631-9678-436D-8C50-14930D90CC9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {6D03D49A-0512-409A-B6E6-D6C35223B6A3} - System32\Tasks\{3B20EE6C-E0E6-4A2D-BDDD-183D79447EE2} => pcalua.exe -a "C:\Program Files (x86)\Mobile Partner\uninst.exe" Task: {6D24B6EA-06C2-41EC-BF1C-E0AA5C050E0B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {7962E69E-DFFF-4ABC-9747-967B7D8A7150} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd) Task: {7F5ED2B7-E379-44F1-B5ED-8164F040A58B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated) Task: {85160301-7DD4-4F44-B566-42E05CB94885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-12] (Google Inc.) Task: {E7B98416-A630-459A-A306-538A746F5551} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-12] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-09-22 18:02 - 2013-04-25 12:55 - 10870528 _____ () C:\Program Files (x86)\Claro 3G\UIMain.exe 2014-09-22 18:02 - 2013-04-25 12:55 - 00680192 _____ () C:\Program Files (x86)\Claro 3G\CMUpdater.exe 2014-06-28 12:32 - 2014-07-03 12:25 - 38713856 _____ () C:\Program Files (x86)\Paltalk Messenger\libcef.dll 2013-11-11 21:49 - 2015-04-21 22:12 - 02220032 _____ () C:\Program Files (x86)\Paltalk Messenger\Images.dll 2014-06-12 17:22 - 2014-06-12 17:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2014-09-22 18:02 - 2012-09-24 16:01 - 01177424 _____ () C:\Program Files (x86)\Claro 3G\WAITINGFORM.DLL 2014-09-22 18:02 - 2013-04-25 12:54 - 01180928 _____ () C:\Program Files (x86)\Claro 3G\DLL_NETCARD_R.DLL 2009-07-13 18:03 - 2009-07-13 22:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2014-09-22 18:02 - 2010-12-10 12:42 - 00238928 _____ () C:\Program Files (x86)\Claro 3G\UICommonDlg.dll 2014-09-22 18:02 - 2010-12-10 12:42 - 00349520 _____ () C:\Program Files (x86)\Claro 3G\UISkin.dll 2014-09-22 18:02 - 2010-12-10 12:42 - 00165712 _____ () C:\Program Files (x86)\Claro 3G\BIXml.dll 2014-09-22 18:02 - 2010-12-10 12:42 - 00617808 _____ () C:\Program Files (x86)\Claro 3G\UpdateAgent.dll 2015-03-04 14:04 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2015-03-04 14:04 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Media is not connected to internet. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E95EE1D5-EA99-47AB-B04C-6CB8A7AD4FE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{3D3D20BB-CD69-4C88-9F87-CEEE610EE2F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{24BC3941-B637-4F21-B9FF-43DC1F16B01D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{7F7C1768-CBF4-4D67-B32A-5132C73B9415}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DD22D721-A34D-476A-8F69-D094C08FADBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{1B7ED2FD-D801-4AE8-85D9-D68BBE043EE7}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [uDP Query User{A0ED3BA6-9F8A-453F-BBB3-B7C599C3FE62}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [TCP Query User{6F27820B-54DF-4641-9F30-902AAD0BE97C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [uDP Query User{B263243F-8ED1-4188-8A1B-5434E6C6ACDA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{8CA82824-0CB7-4AD4-88AF-8726D6505665}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe FirewallRules: [uDP Query User{BCF27B4B-2062-4E25-87EC-76075EBEE855}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe FirewallRules: [TCP Query User{3EA8CBCB-96E6-40D3-92A6-43D116758E13}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [uDP Query User{940752C4-EA29-403C-ACBF-C6C5563F9B67}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_025a6ac6eaeb9448\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{36F3AB7D-C0FF-42BA-A699-3F92BD859365}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{7371C823-E1AF-4E41-B76E-EEEE81AD1BF7}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [TCP Query User{AF813AFC-52FD-41B6-AD46-2AE7558693F3}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [uDP Query User{34F04954-3F08-432C-8C55-AF5A50CEB8AD}C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\ivan\appdata\local\apps\2.0\cpz0xokz.3mo\a6d9hvnm.x8c\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{7736D09C-21AD-4AB4-85CB-2DB6D0888294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B423ECA4-6D65-4348-94BF-CF10F3B55632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3F0170D4-B642-46D1-B9CB-3D628078FD8F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [uDP Query User{341B29CB-F830-44EC-8CAF-45FF1D7B5772}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{D7F8338F-1605-4823-A441-F929DE12FBA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: USB VCom Port Description: USB VCom Port Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dispositivo Periférico Bluetooth Description: Dispositivo Periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dispositivo Periférico Bluetooth Description: Dispositivo Periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dispositivo Periférico Bluetooth Description: Dispositivo Periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/12/2015 11:48:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: UIMain.exe, versão: 1.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.18869, carimbo de hora: 0x556363bc Código de exceção: 0x0eedfade Deslocamento com falha: 0x0000c42d Identificação do processo com falha: 0x470 Hora de início do aplicativo com falha: 0xUIMain.exe0 Caminho do aplicativo com falha: UIMain.exe1 FCaminho do módulo de falhas: UIMain.exe2 Identificação do Relatório: UIMain.exe3 Error: (07/11/2015 05:55:45 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 281) (User: ) Description: Abnormal Termination: "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe": terminated abnormally (4294967295) Error: (07/11/2015 01:21:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: UIMain.exe, versão: 1.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18869, carimbo de hora: 0x55636317 Código de exceção: 0xc0000005 Deslocamento com falha: 0x000330dd Identificação do processo com falha: 0x4a8 Hora de início do aplicativo com falha: 0xUIMain.exe0 Caminho do aplicativo com falha: UIMain.exe1 FCaminho do módulo de falhas: UIMain.exe2 Identificação do Relatório: UIMain.exe3 Error: (07/10/2015 08:58:23 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/10/2015 08:50:17 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 281) (User: ) Description: Abnormal Termination: "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe": terminated abnormally (4294967295) Error: (07/10/2015 08:34:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: UIMain.exe, versão: 1.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha: 0x444e4545 Identificação do processo com falha: 0x630 Hora de início do aplicativo com falha: 0xUIMain.exe0 Caminho do aplicativo com falha: UIMain.exe1 FCaminho do módulo de falhas: UIMain.exe2 Identificação do Relatório: UIMain.exe3 Error: (07/10/2015 08:34:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: UIMain.exe, versão: 1.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha: 0x444e4545 Identificação do processo com falha: 0x630 Hora de início do aplicativo com falha: 0xUIMain.exe0 Caminho do aplicativo com falha: UIMain.exe1 FCaminho do módulo de falhas: UIMain.exe2 Identificação do Relatório: UIMain.exe3 Error: (07/10/2015 12:59:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: UIMain.exe, versão: 1.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18869, carimbo de hora: 0x55636317 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0002df40 Identificação do processo com falha: 0xfc0 Hora de início do aplicativo com falha: 0xUIMain.exe0 Caminho do aplicativo com falha: UIMain.exe1 FCaminho do módulo de falhas: UIMain.exe2 Identificação do Relatório: UIMain.exe3 Error: (07/09/2015 12:47:14 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa UIMain.exe versão 1.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: e00 Hora de Início: 01d0b9d9e56edc87 Hora de Término: 14 Caminho do Aplicativo: C:\Program Files (x86)\Claro 3G\UIMain.exe Id do Relatório: 2c6dc328-25ed-11e5-9884-00158307c667 Error: (07/09/2015 12:46:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: UIMain.exe, versão: 1.0.0.0, carimbo de hora: 0x00000000 Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000000c Identificação do processo com falha: 0xe00 Hora de início do aplicativo com falha: 0xUIMain.exe0 Caminho do aplicativo com falha: UIMain.exe1 FCaminho do módulo de falhas: UIMain.exe2 Identificação do Relatório: UIMain.exe3 System errors: ============= Error: (07/11/2015 05:56:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço de Compartilhamento de Rede do Windows Media Player devido ao seguinte erro: %%1069 Error: (07/11/2015 05:56:16 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: O serviço WMPNetworkSvc não pôde fazer logon como NT AUTHORITY\NetworkService com a senha configurada atualmente devido ao seguinte erro: %%50 Para verificar se o serviço está configurado corretamente, use o snap-in de Serviços do Console de Gerenciamento Microsoft. Error: (07/11/2015 05:56:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Windows Search devido ao seguinte erro: %%1069 Error: (07/11/2015 05:56:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: O serviço WSearch não pôde fazer logon como NT AUTHORITY\SYSTEM com a senha configurada atualmente devido ao seguinte erro: %%50 Para verificar se o serviço está configurado corretamente, use o snap-in de Serviços do Console de Gerenciamento Microsoft. Error: (07/11/2015 05:55:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Firebird Server - DefaultInstance foi encerrado inesperadamente. Isso aconteceu 2 vez(es). Error: (07/11/2015 05:55:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço VMware NAT Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar o serviço. Error: (07/11/2015 05:55:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Firebird Guardian - DefaultInstance foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (07/11/2015 05:55:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Instalador de Módulos do Windows foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço. Error: (07/11/2015 05:55:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Microsoft .NET Framework NGEN v4.0.30319_X64 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço. Error: (07/11/2015 05:55:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Microsoft Office: ========================= Error: (07/12/2015 11:48:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: UIMain.exe1.0.0.000000000KERNELBASE.dll6.1.7601.18869556363bc0eedfade0000c42d47001d0bce63e466dd9C:\Program Files (x86)\Claro 3G\UIMain.exeC:\Windows\syswow64\KERNELBASE.dllaa4fe5e4-2909-11e5-a9fd-00158307c667 Error: (07/11/2015 05:55:45 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 281) (User: ) Description: Abnormal Termination: "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe": terminated abnormally (4294967295) Error: (07/11/2015 01:21:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: UIMain.exe1.0.0.000000000ntdll.dll6.1.7601.1886955636317c0000005000330dd4a801d0bb6b92f1136fC:\Program Files (x86)\Claro 3G\UIMain.exeC:\Windows\SysWOW64\ntdll.dll45b7d376-2784-11e5-a210-00158307c667 Error: (07/10/2015 08:58:23 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Ivan\Downloads\SoftonicDownloader_para_portabletor.exe Error: (07/10/2015 08:50:17 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 281) (User: ) Description: Abnormal Termination: "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe": terminated abnormally (4294967295) Error: (07/10/2015 08:34:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: UIMain.exe1.0.0.000000000unknown0.0.0.000000000c0000005444e454563001d0bb65f487737cC:\Program Files (x86)\Claro 3G\UIMain.exeunknown3f0a3272-275c-11e5-99a9-00158307c667 Error: (07/10/2015 08:34:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: UIMain.exe1.0.0.000000000unknown0.0.0.000000000c0000005444e454563001d0bb65f487737cC:\Program Files (x86)\Claro 3G\UIMain.exeunknown3c3eabe8-275c-11e5-99a9-00158307c667 Error: (07/10/2015 12:59:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: UIMain.exe1.0.0.000000000ntdll.dll6.1.7601.1886955636317c00000050002df40fc001d0ba8395565992C:\Program Files (x86)\Claro 3G\UIMain.exeC:\Windows\SysWOW64\ntdll.dll1bca391d-26b8-11e5-9991-00158307c667 Error: (07/09/2015 12:47:14 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: UIMain.exe1.0.0.0e0001d0b9d9e56edc8714C:\Program Files (x86)\Claro 3G\UIMain.exe2c6dc328-25ed-11e5-9884-00158307c667 Error: (07/09/2015 12:46:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: UIMain.exe1.0.0.000000000unknown0.0.0.000000000c00000050000000ce0001d0b9d9e56edc87C:\Program Files (x86)\Claro 3G\UIMain.exeunknown22f85bf3-25ed-11e5-9884-00158307c667 ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU E7500 @ 2.93GHz Percentage of memory in use: 42% Total physical RAM: 4086.18 MB Available physical RAM: 2349.54 MB Total Virtual: 8170.57 MB Available Virtual: 6006.69 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:342.69 GB) NTFS Drive e: (ZTEMODEM) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CB93B4AD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of log ============================
  5. FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015 Ran by Ivan (administrator) on IVAN-PC on 13-07-2015 22:38:18 Running from C:\Users\Ivan\Desktop Loaded Profiles: Ivan (Available Profiles: Ivan & Classic .NET AppPool & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Português (Brasil) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe () C:\Program Files (x86)\Claro 3G\UIMain.exe () C:\Program Files (x86)\Claro 3G\CMUpdater.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2015-05-01] (Adobe Systems Incorporated) HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {07e7543c-c70a-11e3-b6dd-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {07e75442-c70a-11e3-b6dd-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {159d0521-f8af-11e3-ad2d-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {193604c4-4d4a-11e3-a847-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {19e84295-ccb7-11e3-a5f0-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {19e8429b-ccb7-11e3-a5f0-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1b5eeaba-217c-11e4-aad2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1b5eeac0-217c-11e4-aad2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1bacb505-b430-11e3-8e00-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {1bacb50e-b430-11e3-8e00-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {36ff097e-4d46-11e3-938a-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {4429fedb-696f-11e3-9e9b-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {4db834ac-aec9-11e3-adbe-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {4db834ae-aec9-11e3-adbe-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9cccf9-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9cccfb-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd03-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd07-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd09-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd0d-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {5c9ccd0f-b67a-11e3-9cda-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {627a7a26-a926-11e3-990e-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {64bb57a2-a4c3-11e3-add2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {64bb57a7-a4c3-11e3-add2-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {684402d8-aec6-11e3-8084-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {684402dd-aec6-11e3-8084-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6bf2cc7f-85d1-11e3-8e04-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6c32cd41-1d60-11e4-9896-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6c32cd57-1d60-11e4-9896-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6fe376f2-6647-11e3-a2dc-00248cd00264} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {6fe376f6-6647-11e3-a2dc-00248cd00264} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {7ec99124-4ca6-11e3-8cc1-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {7ec99143-4ca6-11e3-8cc1-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {8e5c945d-6838-11e3-a83d-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {9f77dfcd-426c-11e4-989e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {9f77dfd2-426c-11e4-989e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a22ba801-fd39-11e3-8e4e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a3b3cddc-429a-11e4-a996-00248cd00264} - E:\Windows/AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a40f5e3f-e6ad-11e3-b685-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a40f5e44-e6ad-11e3-b685-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a6558883-bb83-11e3-8e13-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {a6558893-bb83-11e3-8e13-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {aca10495-4c7c-11e3-9f28-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {aca10499-4c7c-11e3-9f28-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {b404fdbd-41c8-11e4-b6b3-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {b404fdcb-41c8-11e4-b6b3-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {bd96ee5a-219e-11e4-992a-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {beef1c1b-6967-11e3-a4bb-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {beefb902-696d-11e3-947c-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c0c16841-4b97-11e3-ba2f-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c4246656-219c-11e4-9d3c-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c462d889-6434-11e3-a823-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c462d892-6434-11e3-a823-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c462d896-6434-11e3-a823-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c8445320-ccc4-11e3-ade1-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {c8445327-ccc4-11e3-ade1-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {cfd73058-c19c-11e3-9c94-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {cfd7305e-c19c-11e3-9c94-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d36cbdc3-ec07-11e3-bc24-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d36cbdc8-ec07-11e3-bc24-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d3969f2e-64d8-11e3-92f5-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d3969f32-64d8-11e3-92f5-00158307c667} - F:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56aa-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56ae-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56b0-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d41b56b3-215a-11e4-bca8-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d4e098dd-3437-11e4-9a51-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d7b51dac-3063-11e4-aa66-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {d7b51db1-3063-11e4-aa66-00158307c667} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {e22c68a0-ccb9-11e3-aa2e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {e22c68a6-ccb9-11e3-aa2e-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {e395ff1c-696e-11e3-af29-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {f8af15e2-e6af-11e3-851a-00248cd00264} - E:\AutoRun.exe HKU\S-1-5-21-1793361252-1642306814-3946400002-1000\...\MountPoints2: {f8af15f3-e6af-11e3-851a-00248cd00264} - E:\AutoRun.exe Startup: C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2013-12-27] ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\..\Interfaces\{29A9EFF4-50E9-457C-BB2A-FD98BD5ACFD4}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{9409F66E-80AD-4114-A5D6-6D0E60E50B28}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default FF Homepage: www.netvibes.com/ivansc FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-08] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-08] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1793361252-1642306814-3946400002-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ivan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-24] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2014-07-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2014-07-22] FF Extension: Avira Browser Safety - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\abs@avira.com [2015-07-02] FF Extension: Print pages to PDF - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\printPages2Pdf@reinhold.ripper [2015-05-29] FF Extension: web2pdf - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\jid1-Y5yNCPQbxaTICw@jetpack.xpi [2014-07-28] FF Extension: printpdf - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\printpdf@pavlov.net.xpi [2014-07-28] FF Extension: LeechBlock - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2014-02-10] FF Extension: Video DownloadHelper - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16] FF Extension: Adblock Plus - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10] FF Extension: Web2PDF converter - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\lxqp4ukn.default\Extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi [2014-07-28] Chrome: ======= CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Dr.Web Anti-Virus Link Checker) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2014-10-04] CHR Extension: (Google Docs) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-20] CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apboafhkiegglekeafbckfjldecefkhn [2014-04-25] CHR Extension: (Google Drive) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-20] CHR Extension: (YouTube) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-20] CHR Extension: (McAfee Security Scan+) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-25] CHR Extension: (Adblock Plus) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-25] CHR Extension: (Wireframe.cc) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ckdndemedapacbnpapaickknpmojjpmn [2014-04-29] CHR Extension: (Block Story) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmeafgdapgpfjaboggonddfadfkkabaa [2014-10-17] CHR Extension: (Google Search) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-20] CHR Extension: (ToolUx) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpbdjakihiefljkahjcmegbekgipagbn [2014-04-25] CHR Extension: (Chromebleed) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-25] CHR Extension: (Avira Browser Safety) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-20] CHR Extension: (Bookmark Manager) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22] CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-25] CHR Extension: (Battlestar Galactica Online) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2014-10-17] CHR Extension: (PIX Image Viewer) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhiefdhfagmopanfdhcboijgjacllafi [2014-08-12] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-19] CHR Extension: (Google Wallet) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-25] CHR Extension: (Gmail) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-20] CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Slides) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-02] CHR Extension: (Dr.Web Anti-Virus Link Checker) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2015-05-04] CHR Extension: (Google Docs) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-02] CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apboafhkiegglekeafbckfjldecefkhn [2015-05-04] CHR Extension: (Google Drive) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-02] CHR Extension: (YouTube) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-02] CHR Extension: (Adblock Plus) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-02] CHR Extension: (Wireframe.cc) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ckdndemedapacbnpapaickknpmojjpmn [2015-05-04] CHR Extension: (Google Search) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02] CHR Extension: (ToolUx) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cpbdjakihiefljkahjcmegbekgipagbn [2015-05-04] CHR Extension: (Chromebleed) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2015-05-04] CHR Extension: (Google Sheets) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-02] CHR Extension: (Avira Browser Safety) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-02] CHR Extension: (Bookmark Manager) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-02] CHR Extension: (Battlestar Galactica Online) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2015-05-04] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-02] CHR Extension: (Google Wallet) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-02] CHR Extension: (Gmail) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02] CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3 CHR Extension: (Google Slides) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-07] CHR Extension: (Google Docs) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-07] CHR Extension: (Google Drive) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-07] CHR Extension: (YouTube) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-07] CHR Extension: (Adblock Plus) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-08] CHR Extension: (Google Search) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-07] CHR Extension: (Google Sheets) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-07] CHR Extension: (Avira Browser Safety) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-07] CHR Extension: (Bookmark Manager) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-08] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-07] CHR Extension: (Google Wallet) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-07] CHR Extension: (Gmail) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-07] CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 4 CHR Extension: (Adblock Plus) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-11] CHR Extension: (Avira Browser Safety) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-10] CHR Extension: (Bookmark Manager) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-10] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-10] CHR Extension: (Google Wallet) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-10] CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6 CHR Extension: (Dr.Web Anti-Virus Link Checker) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2015-05-13] CHR Extension: (Google Docs) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-12] CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apboafhkiegglekeafbckfjldecefkhn [2015-05-13] CHR Extension: (Adblock Plus) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-13] CHR Extension: (Wireframe.cc) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ckdndemedapacbnpapaickknpmojjpmn [2015-05-13] CHR Extension: (ToolUx) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cpbdjakihiefljkahjcmegbekgipagbn [2015-05-13] CHR Extension: (Chromebleed) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2015-05-13] CHR Extension: (Avira Browser Safety) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-13] CHR Extension: (Battlestar Galactica Online) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2015-05-13] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-13] CHR Extension: (Google Wallet) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-14] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-18] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-18] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG) R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed] S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-06-12] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [43128 2011-12-05] (MediaTek Inc.) [File not signed] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-13 22:38 - 2015-07-13 22:38 - 00033431 _____ C:\Users\Ivan\Desktop\FRST.txt 2015-07-13 22:38 - 2015-07-13 22:38 - 00000000 ____D C:\FRST 2015-07-13 22:36 - 2015-07-13 22:36 - 02133504 _____ (Farbar) C:\Users\Ivan\Desktop\FRST64.exe 2015-07-11 17:59 - 2015-07-11 17:59 - 00001013 _____ C:\Users\Ivan\Desktop\AdwCleaner[s1] - Atalho.lnk 2015-07-10 21:06 - 2015-07-10 21:07 - 00012010 _____ C:\Users\Ivan\Desktop\ZHPCleaner.txt 2015-07-10 20:57 - 2015-07-10 20:57 - 01845248 _____ C:\Users\Ivan\Desktop\ZHPCleaner.exe 2015-07-10 20:29 - 2015-07-11 17:55 - 00000000 ____D C:\AdwCleaner 2015-07-10 20:26 - 2015-07-10 20:27 - 02248704 _____ C:\Users\Ivan\Desktop\AdwCleaner.exe 2015-07-09 21:27 - 2015-07-09 21:27 - 00001724 _____ C:\Users\Ivan\Desktop\ZHPFixReport.txt 2015-07-09 21:24 - 2015-07-09 21:26 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2015-07-09 21:24 - 2015-07-09 21:24 - 00001853 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2015-07-09 21:24 - 2015-07-09 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2015-07-09 21:23 - 2015-07-09 21:08 - 03522334 _____ (Nicolas Coolman ) C:\Users\Ivan\Desktop\ZHPFix.exe 2015-07-09 21:07 - 2015-07-09 21:08 - 03522334 _____ (Nicolas Coolman ) C:\Users\Ivan\Downloads\ZHPFix.exe 2015-07-08 00:48 - 2015-07-08 00:48 - 00067891 _____ C:\Users\Ivan\Desktop\ZHPDiag.txt 2015-07-08 00:44 - 2015-07-10 21:07 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\ZHP 2015-07-08 00:43 - 2015-07-08 00:43 - 01836032 _____ C:\Users\Ivan\Downloads\ZHPDiag3.exe 2015-07-08 00:43 - 2015-07-08 00:43 - 01836032 _____ C:\Users\Ivan\Desktop\ZHPDiag3.exe 2015-07-07 19:36 - 2015-07-07 19:36 - 00000000 ____D C:\Users\Todos os Usuários\F-Secure 2015-07-07 19:36 - 2015-07-07 19:36 - 00000000 ____D C:\ProgramData\F-Secure 2015-07-03 17:56 - 2015-07-03 17:56 - 00001120 _____ C:\Users\Public\Desktop\Avira.lnk 2015-07-02 22:45 - 2015-07-04 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-20 18:58 - 2015-06-20 18:59 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Ivan\Downloads\flashplayer18au_gd_install.exe 2015-06-16 20:19 - 2015-07-13 21:34 - 00002072 _____ C:\Windows\setupact.log 2015-06-16 20:19 - 2015-07-10 16:24 - 00002382 _____ C:\Windows\PFRO.log 2015-06-16 20:19 - 2015-06-16 20:19 - 00000000 _____ C:\Windows\setuperr.log 2015-06-15 21:36 - 2015-06-15 21:36 - 00009216 ___SH C:\Users\Ivan\Thumbs.db 2015-06-15 16:18 - 2015-06-15 16:18 - 00131404 _____ C:\Users\Ivan\Documents\cc_20150615_161833.reg 2015-06-10 01:42 - 2015-06-01 16:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 01:42 - 2015-06-01 15:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 01:42 - 2015-05-27 11:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 01:42 - 2015-05-27 11:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 01:42 - 2015-05-23 00:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-06-10 01:42 - 2015-05-23 00:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 01:42 - 2015-05-23 00:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-10 01:42 - 2015-05-23 00:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-10 01:42 - 2015-05-23 00:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 01:42 - 2015-05-23 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-10 01:42 - 2015-05-23 00:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 01:42 - 2015-05-23 00:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-10 01:42 - 2015-05-23 00:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-10 01:42 - 2015-05-23 00:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-10 01:42 - 2015-05-23 00:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 01:42 - 2015-05-23 00:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-10 01:42 - 2015-05-23 00:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 01:42 - 2015-05-22 23:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-10 01:42 - 2015-05-22 23:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 01:42 - 2015-05-22 23:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-10 01:42 - 2015-05-22 23:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 01:42 - 2015-05-22 23:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 01:42 - 2015-05-22 23:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 01:42 - 2015-05-22 23:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 01:42 - 2015-05-22 23:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 01:42 - 2015-05-22 23:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-10 01:42 - 2015-05-22 23:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 01:42 - 2015-05-22 23:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 01:42 - 2015-05-22 23:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 01:42 - 2015-05-22 23:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 01:42 - 2015-05-22 16:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 01:42 - 2015-05-22 16:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 01:42 - 2015-05-22 16:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 01:42 - 2015-05-22 16:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 01:42 - 2015-05-22 16:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 01:42 - 2015-05-22 16:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 01:42 - 2015-05-22 16:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 01:42 - 2015-05-22 15:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 01:42 - 2015-05-22 15:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 01:42 - 2015-05-22 15:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 01:42 - 2015-05-22 15:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 01:42 - 2015-05-22 15:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 01:42 - 2015-05-22 15:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 01:42 - 2015-05-22 15:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 01:42 - 2015-05-22 15:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 01:42 - 2015-05-22 15:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 01:42 - 2015-05-22 15:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 01:42 - 2015-05-22 15:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 01:42 - 2015-05-22 15:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 01:42 - 2015-05-22 15:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 01:42 - 2015-05-22 15:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 01:42 - 2015-05-22 15:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 01:42 - 2015-05-22 15:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 01:42 - 2015-05-22 15:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 01:42 - 2015-05-22 15:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 01:42 - 2015-05-22 15:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 01:42 - 2015-05-22 14:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 01:42 - 2015-05-22 14:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 01:42 - 2015-05-22 14:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 01:42 - 2015-05-22 14:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 00:42 - 2015-05-22 15:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 00:42 - 2015-05-22 15:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 00:42 - 2015-05-22 15:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 00:42 - 2015-05-22 15:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 00:42 - 2015-05-22 15:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 00:42 - 2015-05-22 15:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 00:42 - 2015-05-22 15:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 00:42 - 2015-05-21 10:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 00:42 - 2015-04-29 15:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 00:42 - 2015-04-29 15:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 00:42 - 2015-04-29 15:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 00:42 - 2015-04-29 15:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 00:42 - 2015-04-29 15:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 00:42 - 2015-04-29 15:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-06-10 00:42 - 2015-04-29 15:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-06-10 00:42 - 2015-04-29 15:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-06-10 00:42 - 2015-04-29 15:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-06-10 00:42 - 2015-04-29 15:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-06-10 00:37 - 2015-05-25 15:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-10 00:37 - 2015-05-25 15:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-10 00:37 - 2015-05-25 15:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-10 00:37 - 2015-05-25 15:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-06-10 00:37 - 2015-05-25 15:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-06-10 00:37 - 2015-05-25 15:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-10 00:37 - 2015-05-25 15:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-10 00:37 - 2015-05-25 15:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 00:37 - 2015-05-25 15:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-10 00:37 - 2015-05-25 15:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 00:37 - 2015-05-25 15:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 00:37 - 2015-05-25 15:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 15:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-06-10 00:37 - 2015-05-25 15:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-06-10 00:37 - 2015-05-25 15:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-06-10 00:37 - 2015-05-25 15:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-06-10 00:37 - 2015-05-25 15:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-06-10 00:37 - 2015-05-25 15:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-06-10 00:37 - 2015-05-25 15:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-06-10 00:37 - 2015-05-25 15:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-06-10 00:37 - 2015-05-25 15:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-06-10 00:37 - 2015-05-25 15:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-06-10 00:37 - 2015-05-25 15:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-06-10 00:37 - 2015-05-25 14:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-06-10 00:37 - 2015-05-25 14:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-06-10 00:37 - 2015-05-25 14:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-06-10 00:37 - 2015-05-25 14:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-06-10 00:37 - 2015-05-25 14:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-06-10 00:37 - 2015-05-25 14:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 00:37 - 2015-05-25 13:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-06-10 00:37 - 2015-05-25 13:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-06-10 00:37 - 2015-05-25 13:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 13:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 00:37 - 2015-05-25 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-10 00:27 - 2015-04-24 15:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 00:27 - 2015-04-24 14:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-09 23:29 - 2015-05-25 14:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-09 23:19 - 2015-04-11 00:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-05 21:42 - 2015-06-05 21:42 - 00000000 ____D C:\Users\Ivan\AppData\Local\GWX 2015-05-15 23:42 - 2015-05-15 23:43 - 01081072 _____ (Unity Technologies ApS) C:\Users\Ivan\Downloads\UnityWebPlayer (2).exe 2015-05-12 23:50 - 2015-05-01 10:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-12 23:50 - 2015-05-01 10:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-12 21:20 - 2015-04-18 00:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-12 21:20 - 2015-04-17 23:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-05-12 21:15 - 2015-04-13 00:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-12 21:14 - 2015-04-20 00:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-12 21:14 - 2015-04-20 00:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-12 21:14 - 2015-04-19 23:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-05-12 21:14 - 2015-04-08 00:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-12 21:14 - 2015-04-08 00:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-12 21:14 - 2015-04-08 00:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-05-12 21:00 - 2015-01-29 00:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-12 21:00 - 2015-01-29 00:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-05-12 20:45 - 2015-02-18 04:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-12 20:45 - 2015-02-18 04:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-12 20:30 - 2015-03-04 01:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-12 20:30 - 2015-03-04 01:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-12 20:30 - 2015-03-04 01:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-12 20:30 - 2015-03-04 01:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-12 20:30 - 2015-03-04 01:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-12 20:30 - 2015-03-04 01:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-12 20:30 - 2015-03-04 01:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-11 22:19 - 2015-05-11 22:19 - 00304541 _____ C:\Users\Ivan\Downloads\NPF102-4.xls 2015-05-11 16:52 - 2015-05-11 16:52 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger 2015-05-05 23:41 - 2015-05-05 23:41 - 00561248 _____ (Oracle Corporation) C:\Users\Ivan\Downloads\jxpiinstall(2).exe 2015-05-05 23:40 - 2015-05-05 23:40 - 00561248 _____ (Oracle Corporation) C:\Users\Ivan\Downloads\jxpiinstall.exe 2015-05-05 23:40 - 2015-05-05 23:40 - 00561248 _____ (Oracle Corporation) C:\Users\Ivan\Downloads\jxpiinstall(1).exe 2015-05-04 17:37 - 2015-05-04 17:47 - 60939952 _____ (Microsoft Corporation) C:\Users\Ivan\Downloads\VSCodeSetup.exe 2015-05-01 02:19 - 2015-06-16 20:19 - 00289792 ___SH C:\Users\Ivan\Desktop\Thumbs.db 2015-04-17 16:54 - 2015-04-17 16:54 - 00000000 ____D C:\Users\Ivan\Downloads\certificado 2015-04-15 02:01 - 2015-03-25 00:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 02:01 - 2015-03-25 00:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 02:01 - 2015-03-25 00:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 02:01 - 2015-03-25 00:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 02:01 - 2015-03-25 00:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 02:01 - 2015-03-25 00:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-15 02:01 - 2015-03-25 00:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 02:01 - 2015-03-25 00:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-15 02:01 - 2015-03-25 00:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-15 02:01 - 2015-03-25 00:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-15 01:58 - 2015-03-05 02:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 01:58 - 2015-03-05 01:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 01:53 - 2015-03-10 00:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 01:53 - 2015-03-10 00:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 01:53 - 2015-03-10 00:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 01:53 - 2015-03-10 00:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 01:32 - 2015-02-25 00:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 01:25 - 2015-03-04 01:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 01:25 - 2015-03-04 01:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 01:25 - 2015-03-04 01:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-14 22:09 - 2015-04-14 22:09 - 00003180 _____ C:\Windows\System32\Tasks\{A89F789C-846C-41F6-944A-800668A6424C} 2015-04-14 21:50 - 2015-04-14 22:09 - 00000000 ____D C:\Users\Ivan\.receitanet 2015-04-14 21:26 - 2015-04-14 21:26 - 00000176 _____ C:\Windows\REC-NET.INI 2015-04-14 21:26 - 2015-04-14 21:26 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015 2015-04-14 21:26 - 2015-04-14 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB 2015-04-14 21:26 - 2015-04-14 21:26 - 00000000 ____D C:\Program Files (x86)\Programas RFB 2015-04-14 21:25 - 2015-04-14 21:26 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2015-04-14 21:25 - 2015-04-14 21:26 - 00000000 ____D C:\Arquivos de Programas RFB 2015-04-14 21:25 - 2015-04-14 21:25 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014 2015-04-14 21:14 - 2015-07-02 18:55 - 00005004 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Ivan-PC-Ivan Ivan-PC ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-13 21:50 - 2009-07-14 01:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-13 21:50 - 2009-07-14 01:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-13 21:46 - 2014-02-12 18:54 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-13 21:45 - 2013-11-12 09:03 - 01310452 _____ C:\Windows\WindowsUpdate.log 2015-07-13 21:42 - 2013-11-12 09:17 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-13 21:35 - 2014-12-18 15:07 - 00000000 ____D C:\Users\Todos os Usuários\VMware 2015-07-13 21:35 - 2014-12-18 15:07 - 00000000 ____D C:\ProgramData\VMware 2015-07-13 21:35 - 2014-03-11 21:35 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2015-07-13 21:35 - 2013-11-12 09:17 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-13 21:34 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-13 11:03 - 2009-07-14 14:55 - 00771824 _____ C:\Windows\system32\prfh0416.dat 2015-07-13 11:03 - 2009-07-14 14:55 - 00170442 _____ C:\Windows\system32\prfc0416.dat 2015-07-13 11:03 - 2009-07-14 02:13 - 01810598 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-12 23:49 - 2015-04-05 02:47 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-12 23:49 - 2015-04-05 02:47 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-11 23:06 - 2013-12-20 19:35 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\TS3Client 2015-07-11 17:43 - 2013-12-14 18:16 - 00154112 _____ C:\Users\Ivan\Desktop\Despesas 2013-2014-2015.xls 2015-07-10 21:50 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Ivan\dwhelper 2015-07-09 17:24 - 2014-06-10 20:24 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-07-08 22:55 - 2014-02-12 18:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-08 22:55 - 2014-02-12 18:54 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-08 22:55 - 2014-02-12 18:54 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-08 13:39 - 2014-09-22 18:02 - 00000000 ____D C:\Program Files (x86)\Claro 3G 2015-07-07 20:01 - 2013-11-12 09:06 - 00000000 ____D C:\Users\Ivan\AppData\Local\VirtualStore 2015-07-04 15:44 - 2013-12-26 10:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-03 17:56 - 2014-02-06 13:45 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2015-07-03 17:56 - 2014-02-06 13:45 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-03 17:56 - 2013-12-20 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-07-03 17:56 - 2013-12-20 17:17 - 00000000 ____D C:\Program Files (x86)\Avira 2015-06-23 13:30 - 2013-11-12 09:25 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-06-20 19:00 - 2014-06-28 11:11 - 00000000 ____D C:\Users\Ivan\AppData\Local\Adobe 2015-06-18 21:41 - 2013-12-20 17:17 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-06-18 21:41 - 2013-12-20 17:17 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-06-18 14:32 - 2013-12-16 23:43 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\Media Player Classic 2015-06-16 20:19 - 2013-12-20 17:17 - 00000000 ____D C:\Users\Todos os Usuários\Avira 2015-06-16 20:19 - 2013-12-20 17:17 - 00000000 ____D C:\ProgramData\Avira 2015-06-15 21:53 - 2013-11-12 10:32 - 00000000 ____D C:\Users\Ivan\AppData\Local\Microsoft Help 2015-06-15 21:36 - 2013-11-12 09:06 - 00000000 ____D C:\Users\Ivan 2015-06-15 11:34 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\tracing ==================== Files in the root of some directories ======= 2014-08-18 17:19 - 2014-08-18 17:30 - 0000386 _____ () C:\Users\Ivan\AppData\Roaming\burnaware.ini 2014-10-29 19:19 - 2015-03-30 13:35 - 0000600 _____ () C:\Users\Ivan\AppData\Local\PUTTY.RND 2014-12-23 20:53 - 2014-12-23 20:53 - 0003487 _____ () C:\Users\Ivan\AppData\Local\recently-used.xbel 2013-12-16 10:16 - 2014-12-01 16:25 - 0007602 _____ () C:\Users\Ivan\AppData\Local\resmon.resmoncfg Some files in TEMP: ==================== C:\Users\Ivan\AppData\Local\Temp\avgnt.exe C:\Users\Ivan\AppData\Local\Temp\Quarantine.exe C:\Users\Ivan\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-16 11:32 ================================================
  6. # AdwCleaner v4.208 - Relatório criado 10/07/2015 às 20:50:18 # Atualizado 09/07/2015 por Xplode # Base de dados : 2015-07-10.1 [servidor] # Sistema operacional : Windows 7 Home Premium Service Pack 1 (x64) # Usuário : Ivan - IVAN-PC # Executando de : C:\Users\Ivan\Desktop\AdwCleaner.exe # Opção : Limpar ***** [ Serviços ] ***** ***** [ Arquivos / Pastas ] ***** Pasta Excluído : C:\Users\Ivan\Documents\radio ***** [ Tarefas agendadas ] ***** ***** [ Atalhos ] ***** Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ***** [ Registro ] ***** ***** [ Navegadores ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v39.0 (x86 pt-BR) -\\ Google Chrome v43.0.2357.132 ************************* AdwCleaner[R0].txt - [2472 bytes] - [10/07/2015 20:32:34] AdwCleaner[R1].txt - [2531 bytes] - [10/07/2015 20:46:33] AdwCleaner[s0].txt - [2474 bytes] - [10/07/2015 20:50:18] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2533 bytes] ##########
  7. Relatório correto # AdwCleaner v4.208 - Relatório criado 10/07/2015 às 20:50:18 # Atualizado 09/07/2015 por Xplode # Base de dados : 2015-07-10.1 [servidor] # Sistema operacional : Windows 7 Home Premium Service Pack 1 (x64) # Usuário : Ivan - IVAN-PC # Executando de : C:\Users\Ivan\Desktop\AdwCleaner.exe # Opção : Limpar ***** [ Serviços ] ***** ***** [ Arquivos / Pastas ] ***** Pasta Excluído : C:\Users\Ivan\Documents\radio ***** [ Tarefas agendadas ] ***** ***** [ Atalhos ] ***** Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Atalho Desinfectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ***** [ Registro ] ***** ***** [ Navegadores ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v39.0 (x86 pt-BR) -\\ Google Chrome v43.0.2357.132 ************************* AdwCleaner[R0].txt - [2472 bytes] - [10/07/2015 20:32:34] AdwCleaner[R1].txt - [2531 bytes] - [10/07/2015 20:46:33] AdwCleaner[s0].txt - [2474 bytes] - [10/07/2015 20:50:18] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2533 bytes] ##########
  8. Log AdwCleaner # AdwCleaner v4.208 - Relatório criado 10/07/2015 às 20:32:34 # Atualizado 09/07/2015 por Xplode # Base de dados : 2015-07-09.2 [servidor] # Sistema operacional : Windows 7 Home Premium Service Pack 1 (x64) # Usuário : Ivan - Ivan-PC # Executando de : C:\Users\ivan\Desktop\AdwCleaner.exe # Opção : Verificar ***** [ Serviços ] ***** ***** [ Arquivos / Pastas ] ***** Pasta Encontrado : C:\Users\Ivan\Documents\radio ***** [ Tarefas agendadas ] ***** ***** [ Atalhos ] ***** Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\ivansc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Atalho Infectado : C:\Users\Ivan\Desktop\Backup ivan\CASA\Desktop\backup\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ***** [ Registro ] ***** ***** [ Navegadores ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v39.0 (x86 pt-BR) -\\ Google Chrome v43.0.2357.132 ************************* AdwCleaner[R0].txt - [2334 bytes] - [10/07/2015 20:32:34] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2393 bytes] ########## Log ZHPCleaner ~ ZHPCleaner v2015.7.10.293 by Nicolas Coolman (2015/07/10) ~ Run by ivan (Administrator) (10/07/2015 21:06:58) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Reparo ~ Report : C:\Users\Ivan\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Ivan\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) ~ Windows 7, 64-bit Service Pack 1 (Build 7601) ---\\ Serviços (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Navegadores de Internet (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Arquivo hosts (1) ~ O arquivo hosts é legítimo (21) ---\\ Tarefas automáticas agendadas. (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Explorer ( Arquivos, Pastas) (179) MOVIDO pasta: C:\Users\Ivan\Downloads\SoftonicDownloader_para_eclipse.exe [softonic - Softonic Downloader] (PUP.Optional.Softonic) MOVIDO pasta: C:\Users\Ivan\Downloads\SoftonicDownloader_para_portabletor.exe [softonic - Softonic Downloader] (PUP.Optional.Softonic) MOVIDO arquivo: C:\Windows\Installer\MSI101C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1033.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI10A6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI10C9.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI10EF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1121.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI11EE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1202.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1238.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1289.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI12F5.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI138E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1435.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI148A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI14D2.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI151.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1559.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1769.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1854.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI18BD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI19EC.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1B82.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1C0C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2063.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI22C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2332.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI24D8.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI259E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI25AA.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2662.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI26C7.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI26DC.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI27B2.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI29F4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2ADF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2CB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2E1.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI31DE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI347E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI35F3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI387C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI38B2.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI3FB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI4231.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI4BF3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI4C3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI501.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI506.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI515E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI544E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI56EB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5836.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI590E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5B3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5B60.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5BAF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5E2E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI60CE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6267.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI63A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI63E0.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6651.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI66.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI694F.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6AA7.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6AD1.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6CC6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6D2.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6DB4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6F85.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI7286.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI744B.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI7536.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI761B.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI7764.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI77A7.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI78AD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI79AB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI7DDC.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI7FD6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI80DD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI811C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI81CB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8302.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI831A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI840C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI85A3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI867D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI867E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI86D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8B7E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8D53.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8E3E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8F0A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8FE6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI906B.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI90B9.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI914D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI91D3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9281.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI930E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9457.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9689.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9717.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI97B4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI989F.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI993C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9A08.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9B1.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA1A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA3AE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA3B9.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA4E2.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA60D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA782.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA7C4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIABA7.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIB164.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIB625.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIBDAA.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIBEAC.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC0C3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC208.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC41A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC58.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC7D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICA60.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICA83.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICAFD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICC08.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICCC4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICD80.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICF35.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICFA3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID07E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID0CA.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID13A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID215.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID33F.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID449.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID534.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID72.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIDA6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIDC5.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIDDDD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIDEB9.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE094.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE262.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE39B.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE762.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE7C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE81E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE82.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE976.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIEA32.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIEAAF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIED3F.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIEDB3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIEE1B.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF38.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF3D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF51.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF526.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF65F.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF697.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF77A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF817.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFA88.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFADD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFB63.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFB93.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFCCB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFD0D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFD28.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFE13.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFE71.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIFF3C.tmp- (Empty) ---\\ Registro ( Chaves, Valores, Dados ) (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Resultado de reparação Reparação efectuada com sucesso ~ Este navegador está faltando ! (Google Chrome) ~ Este navegador está faltando ! (Opera Software) ---\\ Estatísticas ~ Items scan : 1553 ~ Items encontrado : 0 ~ items cancelados : 0 ~ Items réparo : 179 End of clean at 21:07:25 =================== ZHPCleaner-[R]-10072015-21_07_25.txt ZHPCleaner--10072015-21_06_29.txt
  9. Segue relatório. Obrigado. Rapport de ZHPFix 2015.7.7.6 par Nicolas Coolman, Update du 07/07/2015 Fichier d'export Registre : Run by Ivan at 09/07/2015 21:27:33 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Reciclagem vazia (00mn 08s) Prefetcher vazio ========== Chaves do Registo ========== ELIMINÉ: CLSID BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ELIMINÉ: CLSID BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] ELIMINÉ: CLSID BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}] ELIMINÉ: HKCU\SOFTWARE\APN PIP ELIMINÉ: HKCU\SOFTWARE\Softonic ========== Valores do Registo ========== ProxyFix : Configuração proxy removida com sucesso ELIMINÉ ProxyServer Value ELIMINÉ ProxyEnable Value ELIMINÉ EnableHttp1_1 Value ELIMINÉ ProxyHttp1.1 Value ELIMINÉ ProxyOverride Value Ausente Valor Perfil Padrão: FirewallRaz : Ausente Valor Perfil Domínio FirewallRaz : ========== Pastas ========== Nenhuma pasta CLSID local utilizador vazia ELIMINÉ Temporários windows (50) ELIMINÉ Flash Cookies (0) ========== Ficheiros ========== ELIMINÉ Temporários windows (71) (10.841.707 octets) ELIMINÉ Flash Cookies (0) (0 octets) ========== Restauração Sistema ========== Ponto de restauro do sistema criado com sucesso ========== Recapitulativo ========== 7 : Chaves do Registo 8 : Valores do Registo 3 : Pastas 2 : Ficheiros 1 : Restauração Sistema End of clean in 00mn 56s ========== Caminho do ficheiro do relatório ========== C:\Users\Ivan\AppData\Roaming\ZHP\ZHPFix[R1].txt - 09/07/2015 21:27:44 [1645]
  10. ~ ZHPDiag v2015.7.7.85 Por Nicolas Coolman (2015\07\07) ~ iniciado por Ivan (Administrator) (2015/07/08 00:45:01) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Status da versão: Version OK ~ Modo: Scanner ~ Relatório: C:\Users\Ivan\Desktop\ZHPDiag.txt ~ Relatório: C:\Users\Ivan\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Inicialização do sistema: Normal (Normal boot) ~ Windows 7, 64-bit Service Pack 1 (Build 7601) ---\\ Navegadores Internet (3) - 0s GCIE: Google Chrome v43.0.2357.132 MFIE: Mozilla v39.0 MSIE: Internet Explorer v11.0.9600.17843 ---\\ Informações sobre os produtos Windows (3) - 7s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Activation Technologies : OK ---\\ Softwares de proteçao do sistema (1) - 1s Avira Antivirus v15.0.11.574 ---\\ Softwares de proteçao do sistema (Supérfluo) (1) - 1s McAfee Security Scan Plus v3.8.150.1 ---\\ Softwares d'optimização do sistema (1) - 1s CCleaner v3.28 ---\\ Monitoramento dos softwares (2) - 1s Adobe Flash Player 18 NPAPI Adobe Reader XI ---\\ Informações sobre o sistema (6) - 0s ~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) ~ Total physical RAM (KB): 4184248 ~ System Restore: Activé (Enable) ~ System drive C: has 351 GB free of 476 GB ---\\ Modo de conexão ao sistema (3) - 0s ~ Computer Name: IVAN-PC ~ User Name: Ivan ~ Logged in as Administrator ---\\ Enumeração das unidades dos discos (2) - 6s ~ Drive C: has 351 GB free of 476 GB (System) ~ Drive E: has GB free of 0 GB ---\\ Pesquisa particular de ficheiros genéricos (22) - 1s [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\Windows\System32\Wininit.exe [129024] [MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\Windows\System32\wininet.dll [2426880] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\Windows\System32\drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] ---\\ Processos lançados (9) - 1s [MD5.1A18EBD87AA9FBF6EFE8CFADA08D0275] - (.Firebird Project - Firebird SQL Server.) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304] [PID.1756] [MD5.F13B73E932CACDDE5ED825BDF7AA9637] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [437976] [PID.1992] [MD5.05A869D1B12B08B5601487CA534B5021] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [359128] [PID.2116] [MD5.41FAE6618768DC93D98DDAF3F8282D3E] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [906432] [PID.2136] [MD5.34084D25BE6F48D072AA54DE630438FD] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896] [PID.2704] [MD5.05F32020F1687A074E53EA707A585762] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [8344144] [PID.2740] [MD5.53C740150C082AAF3C7D21C1D6A9FF98] - (.Firebird Project - Firebird SQL Server.) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552] [PID.3636] [MD5.7588FCA776183DDDEBFB70BCAE95C85C] - (.ZTE - .) -- C:\Program Files (x86)\Claro 3G\UIMain.exe [10870528] [PID.3284] [MD5.4BC380F3A7DA81BEE0F954FC9DCE0377] - (...) -- C:\Program Files (x86)\Claro 3G\CMUpdater.exe [680192] [PID.5240] ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3) (13) - 2s P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\buscape.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mercadolivre.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-br.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-br.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS.) -- C:\Users\Ivan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.45.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.45.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll ---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) (15) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Gestão do Proxy (R5) (3) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Redireção do ficheiro Hosts (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Objects do navegador (O2) (3) - 0s O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} (Orphean) O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean) O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean) ---\\ Aplicações iniciadas por registo & pastas (O4) (13) - 0s O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKCU\..\Run: [Adobe Reader Synchronizer] . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 11.0.) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-1793361252-1642306814-3946400002-1000\..\Run: [Adobe Reader Synchronizer] . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 11.0.) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe ---\\ Alteração Dominio/Clientes DNS (017) (8) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 200.169.117.221 200.169.117.222 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 200.169.117.221 200.169.117.222 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 ---\\ Lista dos serviços NT não Microsoft e não desativados (023) (12) - 1s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira.ServiceHost.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.Firebird Project - Firebird SQL Server.) - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) . (...) - C:\Windows\System32\vmnetdhcp.exe (.not file.) O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service (VMware NAT Service) . (...) - C:\Windows\System32\vmnat.exe (.not file.) ---\\ Tarefas planificadas automaticamente (039) (12) - 0s O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [902] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3840] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2770] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4066] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Ivan-PC-Ivan Ivan-PC [5004] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{3B20EE6C-E0E6-4A2D-BDDD-183D79447EE2} [3090] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{A89F789C-846C-41F6-944A-800668A6424C} [3180] O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{DFAF1978-31D7-4441-8CAD-C747513E1BB4} [3160] ---\\ Software instalados (042) (76) - 6s O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: GIMP 2.8.2 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1 O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client O42 - Logiciel: Build Tools Language Resources - amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {05198C22-FFCE-374A-B190-9F18CC99DAEA} O42 - Logiciel: Microsoft Web Platform Installer 4.6 - (.Microsoft Corporation.) [HKLM][64Bits] -- {16C7D2AD-20CA-491E-80BC-8607A9AACED9} O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000} O42 - Logiciel: Microsoft Web Deploy 3.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {3674F088-9B90-473A-AAC3-20A00D8D810C} O42 - Logiciel: Java SE Development Kit 8 Update 11 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180110} O42 - Logiciel: Microsoft Team Foundation Server 2013 Object Model (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {65C91666-C3E8-3A42-BDA8-87932DD34F89} O42 - Logiciel: IIS 8.0 Express - (.Microsoft Corporation.) [HKLM][64Bits] -- {7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: IIS Express Application Compatibility Database for x64 - (...) [HKLM][64Bits] -- {9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb O42 - Logiciel: Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - EN - (.Microsoft Corporation.) [HKLM][64Bits] -- {C41498FE-0BF8-3B22-9785-231CE53C728E} O42 - Logiciel: VMware Player - (.VMware, Inc..) [HKLM][64Bits] -- {E452E727-86B8-4233-8CC3-41FD817AFAFF} O42 - Logiciel: PHP Manager 1.2 for IIS 7 - (. .) [HKLM][64Bits] -- {E851486F-1FE2-44F0-85ED-F969088A68EE} O42 - Logiciel: Build Tools - amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F74753A3-C93C-34F5-A199-993CAF602B7D} O42 - Logiciel: IIS Express Application Compatibility Database for x86 - (...) [HKLM][64Bits] -- {fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player O42 - Logiciel: Avira Antivirus v15.0.11.574 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- Avira Antivirus O42 - Logiciel: BurnAware Free 6.4 - (.Burnaware.) [HKLM][64Bits] -- BurnAware Free_is1 O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: Firebird 2.5.0.26074 (Win32) - (.Firebird Project.) [HKLM][64Bits] -- FBDBServer_2_5_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014 O42 - Logiciel: IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2015 O42 - Logiciel: K-Lite Codec Pack 10.0.0 Full - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Mozilla Firefox 39.0 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 pt-BR) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ O42 - Logiciel: Paltalk Messenger 11.6 - (.AVM Software Inc..) [HKLM][64Bits] -- Paltalk Messenger O42 - Logiciel: VMware Player - (.VMware, Inc.) [HKLM][64Bits] -- VMware_Player O42 - Logiciel: wc3270 3.3.9ga12 - (.Paul Mattes.) [HKLM][64Bits] -- wc3270_is1 O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0A5B39D2-7ED6-4779-BCC9-37F381139DB3} O42 - Logiciel: Tools for .Net 3.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1690CE56-2231-4E59-9006-A0876D949EA8} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Skype™ 7.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} O42 - Logiciel: ConvertHelper 2.2 - (.DownloadHelper.) [HKLM][64Bits] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1 O42 - Logiciel: Prerequisites for SSDT - (.Microsoft Corporation.) [HKLM][64Bits] -- {35C1D9D6-87C0-46A3-B1B4-EDBCC063221C} O42 - Logiciel: AzureTools.Notifications.VwdExpress - (.Microsoft Corporation.) [HKLM][64Bits] -- {4C4FEB30-6A9F-402F-8E17-6C4C67AB3498} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Microsoft Web Developer Tools 2013 - Visual Studio Express 2013 for Web - (.Microsoft Corporation.) [HKLM][64Bits] -- {71C8577C-B482-46A0-A89A-2527D5968A6C} O42 - Logiciel: Avira v1.1.40.29239 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {8467e01f-0496-42ce-b247-88ef205b4880} O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814} O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-0000-0000000FF1CE} O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814} O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-0000-0000000FF1CE} O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814} O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{B36586AD-3256-47B6-8AE7-FA0D8727D7C2} O42 - Logiciel: Build Tools Language Resources - x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9347889B-C22A-3905-901F-C05D8F73C929} O42 - Logiciel: Claro 3G - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D} O42 - Logiciel: Avira v1.1.40.29239 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {A4D3E7B8-410D-443A-B6AB-F32CDD4BD28C} O42 - Logiciel: MSI to redistribute MS VS2005 CRT libraries - (.The Firebird Project.) [HKLM][64Bits] -- {A8D93648-9F7F-407D-915C-62044644C3DA} O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130} O42 - Logiciel: Adobe Reader XI (11.0.11) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} O42 - Logiciel: Microsoft NuGet - Visual Studio Express 2013 for Web - (.Microsoft Corporation.) [HKLM][64Bits] -- {C4CBD722-258D-4367-B3D7-9D11FBACB44A} O42 - Logiciel: Update for (KB2504637) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637 O42 - Logiciel: Build Tools - x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {FB3A15FD-FC67-3A2F-892B-6890B0C56EA9} O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6 O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer ---\\ HKCU & HKLM Software Keys (71) - 6s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Avira HKLM\SOFTWARE\Wow6432Node\Claro 3G HKLM\SOFTWARE\Wow6432Node\Data Fellows HKLM\SOFTWARE\Wow6432Node\DCoder HKLM\SOFTWARE\Wow6432Node\DownloadHelper HKLM\SOFTWARE\Wow6432Node\Firebird Project HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Huawei technologies HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Notepad++ HKLM\SOFTWARE\Wow6432Node\NuGet HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\SAM2 HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SpacialAudio HKLM\SOFTWARE\Wow6432Node\ThinPrint HKLM\SOFTWARE\Wow6432Node\VMware, Inc. HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\X-AVCSD HKLM\SOFTWARE\Wow6432Node\ZTEUSBDriverFlag HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\7-Zip HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Avira HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Overwolf HKCU\SOFTWARE\Paltalk HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\pth264 HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\SimonTatham HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Unity HKCU\SOFTWARE\VMware, Inc. HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Unity ---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) (192) - 8s O43 - CFD: 2013/11/12 09:12:16 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2015/07/03 17:56:11 - [] D -- C:\Program Files (x86)\Avira O43 - CFD: 2013/11/12 09:10:55 - [] D -- C:\Program Files (x86)\BurnAware Free O43 - CFD: 2015/07/07 20:02:51 - [] D -- C:\Program Files (x86)\Claro 3G O43 - CFD: 2015/05/05 23:48:16 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2014/01/23 15:27:42 - [] D -- C:\Program Files (x86)\ConvertHelper O43 - CFD: 2014/06/27 10:45:56 - [] D -- C:\Program Files (x86)\eclipse-SDK-4-2-1-win32-x86_64 O43 - CFD: 2014/02/22 02:08:05 - [] D -- C:\Program Files (x86)\Firebird O43 - CFD: 2014/06/23 12:43:49 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2014/02/06 23:45:36 - [] D -- C:\Program Files (x86)\IIS O43 - CFD: 2014/02/07 00:27:03 - [] D -- C:\Program Files (x86)\IIS Express O43 - CFD: 2014/09/22 18:02:48 - [] D -- C:\Program Files (x86)\InstallAffixationInfo O43 - CFD: 2015/04/14 21:26:55 - [] HD -- C:\Program Files (x86)\InstallJammer Registry O43 - CFD: 2014/09/22 18:02:12 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2015/06/10 12:29:38 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2015/05/05 23:46:34 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2013/11/12 09:11:08 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 2013/11/12 10:33:22 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2014/02/07 10:35:31 - [] D -- C:\Program Files (x86)\Microsoft ASP.NET O43 - CFD: 2014/02/06 22:40:16 - [] D -- C:\Program Files (x86)\Microsoft Help Viewer O43 - CFD: 2013/11/12 10:33:45 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2014/02/07 15:16:54 - [] D -- C:\Program Files (x86)\Microsoft SDKs O43 - CFD: 2015/05/12 23:48:48 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2014/02/07 15:06:01 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 2014/02/06 16:02:19 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2014/02/07 15:41:45 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 12.0 O43 - CFD: 2014/02/07 00:19:54 - [] D -- C:\Program Files (x86)\Microsoft Web Tools O43 - CFD: 2014/05/20 16:15:16 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2014/09/22 22:51:05 - [] D -- C:\Program Files (x86)\Mobile Partner O43 - CFD: 2015/07/04 15:44:11 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/07/04 15:44:11 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2014/02/06 19:29:23 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2014/10/16 17:59:25 - [] D -- C:\Program Files (x86)\Notepad++ O43 - CFD: 2014/02/07 00:30:03 - [] D -- C:\Program Files (x86)\NuGet O43 - CFD: 2013/12/14 17:00:22 - [] D -- C:\Program Files (x86)\Oi O43 - CFD: 2014/03/18 14:49:04 - [] D -- C:\Program Files (x86)\Overwolf O43 - CFD: 2015/05/11 16:52:24 - [] D -- C:\Program Files (x86)\Paltalk Messenger O43 - CFD: 2014/02/06 13:40:07 - [] D -- C:\Program Files (x86)\PHP O43 - CFD: 2015/04/14 21:26:45 - [] D -- C:\Program Files (x86)\Programas RFB O43 - CFD: 2009/07/14 02:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/02/23 21:38:21 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 2014/02/22 02:08:51 - [] D -- C:\Program Files (x86)\SpacialAudio O43 - CFD: 2009/07/14 01:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2014/12/18 15:07:32 - [] D -- C:\Program Files (x86)\VMware O43 - CFD: 2015/03/02 09:38:41 - [] D -- C:\Program Files (x86)\wc3270 O43 - CFD: 2013/12/20 15:42:48 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2014/02/07 15:31:05 - [] D -- C:\Program Files (x86)\Windows Kits O43 - CFD: 2013/11/12 15:58:53 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2015/06/10 12:29:56 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2009/07/14 02:32:38 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2013/11/12 15:58:53 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2013/11/12 15:58:53 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2013/11/12 15:58:53 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2013/11/12 09:10:03 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 2014/06/26 18:33:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 2013/11/12 09:03:36 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2014/02/05 19:25:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/07/03 17:56:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira O43 - CFD: 2013/11/12 09:10:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free O43 - CFD: 2015/01/23 12:15:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 2014/09/22 18:02:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro 3G O43 - CFD: 2014/02/22 02:08:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32) O43 - CFD: 2013/11/12 09:03:34 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2013/11/12 09:18:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2014/08/05 17:11:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 2014/09/03 19:08:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit O43 - CFD: 2013/11/12 09:11:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 2009/07/14 01:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2014/06/10 20:24:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus O43 - CFD: 2015/06/12 02:46:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 2015/05/12 23:49:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2014/02/12 13:57:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 2015/04/14 21:26:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB O43 - CFD: 2014/02/22 02:08:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster O43 - CFD: 2014/10/03 16:44:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2014/06/10 20:24:40 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2009/07/14 15:11:46 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2013/12/20 19:34:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client O43 - CFD: 2014/02/06 23:11:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 O43 - CFD: 2015/03/02 09:38:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wc3270 O43 - CFD: 2013/11/12 09:10:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2014/09/06 00:34:13 - [] D -- C:\ProgramData\.mono O43 - CFD: 2013/12/13 18:51:07 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2015/06/16 20:19:12 - [] D -- C:\ProgramData\Avira O43 - CFD: 2013/11/12 09:06:26 - [0] SHD -- C:\ProgramData\Dados de aplicativos O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2013/11/12 09:06:26 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2015/07/07 19:36:35 - [] D -- C:\ProgramData\F-Secure O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2013/11/12 09:06:26 - [0] SHD -- C:\ProgramData\Favoritos O43 - CFD: 2014/05/25 21:39:02 - [] D -- C:\ProgramData\firebird O43 - CFD: 2014/06/23 12:43:52 - [] D -- C:\ProgramData\Google O43 - CFD: 2014/12/15 09:21:50 - [] D -- C:\ProgramData\levelup downloader O43 - CFD: 2013/12/14 16:56:59 - [] D -- C:\ProgramData\LightComm O43 - CFD: 2014/02/12 18:54:36 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2014/06/10 20:24:40 - [] D -- C:\ProgramData\McAfee Security Scan O43 - CFD: 2013/11/12 09:06:26 - [0] SHD -- C:\ProgramData\Menu Iniciar O43 - CFD: 2015/04/13 17:02:57 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/06/12 02:47:26 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2013/11/12 09:06:26 - [0] SHD -- C:\ProgramData\Modelos O43 - CFD: 2013/12/26 10:20:55 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2014/02/07 00:30:03 - [] D -- C:\ProgramData\NuGet O43 - CFD: 2015/05/05 23:53:33 - [] D -- C:\ProgramData\Oracle O43 - CFD: 2014/02/05 12:13:46 - [] D -- C:\ProgramData\Overwolf O43 - CFD: 2015/07/03 17:56:22 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2014/02/06 13:45:08 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 2015/02/23 21:38:15 - [] D -- C:\ProgramData\Skype O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2014/02/15 12:32:43 - [] D -- C:\ProgramData\Sun O43 - CFD: 2009/07/14 02:08:56 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/07/07 13:32:32 - [] D -- C:\ProgramData\VMware O43 - CFD: 2014/09/06 22:22:00 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2013/11/12 09:11:59 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 2013/11/12 10:34:00 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2015/05/05 23:48:16 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2014/05/20 16:14:50 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2014/03/18 14:49:04 - [0] D -- C:\Program Files (x86)\Common Files\Overwolf O43 - CFD: 2009/07/14 00:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2014/10/03 16:44:18 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 2009/07/14 00:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2013/12/20 15:42:55 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2014/12/18 15:07:32 - [] D -- C:\Program Files (x86)\Common Files\VMware O43 - CFD: 2014/09/06 00:34:13 - [] D -- C:\Users\Ivan\AppData\Roaming\.mono O43 - CFD: 2014/12/11 13:29:05 - [] D -- C:\Users\Ivan\AppData\Roaming\Adobe O43 - CFD: 2015/04/07 11:27:38 - [] D -- C:\Users\Ivan\AppData\Roaming\Avira O43 - CFD: 2015/04/16 15:22:56 - [] D -- C:\Users\Ivan\AppData\Roaming\gtk-2.0 O43 - CFD: 2013/11/12 09:07:09 - [] D -- C:\Users\Ivan\AppData\Roaming\Identities O43 - CFD: 2014/10/22 13:36:21 - [] D -- C:\Users\Ivan\AppData\Roaming\KompoZer O43 - CFD: 2013/11/12 09:11:51 - [] D -- C:\Users\Ivan\AppData\Roaming\Macromedia O43 - CFD: 2009/07/14 15:11:46 - [0] D -- C:\Users\Ivan\AppData\Roaming\Media Center Programs O43 - CFD: 2015/06/18 14:32:25 - [] D -- C:\Users\Ivan\AppData\Roaming\Media Player Classic O43 - CFD: 2015/06/15 11:52:59 - [] SD -- C:\Users\Ivan\AppData\Roaming\Microsoft O43 - CFD: 2013/12/26 10:21:11 - [] D -- C:\Users\Ivan\AppData\Roaming\Mozilla O43 - CFD: 2014/10/17 15:32:33 - [] D -- C:\Users\Ivan\AppData\Roaming\Notepad++ O43 - CFD: 2014/02/10 11:50:31 - [] D -- C:\Users\Ivan\AppData\Roaming\NuGet O43 - CFD: 2015/05/11 16:58:23 - [] D -- C:\Users\Ivan\AppData\Roaming\Paltalk O43 - CFD: 2014/04/07 19:02:50 - [] D -- C:\Users\Ivan\AppData\Roaming\SecondLife O43 - CFD: 2015/03/09 15:59:12 - [] D -- C:\Users\Ivan\AppData\Roaming\Skype O43 - CFD: 2015/07/04 23:33:55 - [] D -- C:\Users\Ivan\AppData\Roaming\TS3Client O43 - CFD: 2013/12/20 20:31:26 - [] D -- C:\Users\Ivan\AppData\Roaming\Unity O43 - CFD: 2014/12/23 20:06:23 - [0] D -- C:\Users\Ivan\AppData\Roaming\VMware O43 - CFD: 2014/11/03 10:24:43 - [0] D -- C:\Users\Ivan\AppData\Roaming\wc3270 O43 - CFD: 2013/11/12 09:19:25 - [] D -- C:\Users\Ivan\AppData\Roaming\WinRAR O43 - CFD: 2015/07/08 00:45:24 - [] D -- C:\Users\Ivan\AppData\Roaming\ZHP O43 - CFD: 2015/06/20 19:00:11 - [] D -- C:\Users\Ivan\AppData\Local\Adobe O43 - CFD: 2014/08/30 20:23:20 - [] D -- C:\Users\Ivan\AppData\Local\Apps O43 - CFD: 2014/02/12 12:47:52 - [] D -- C:\Users\Ivan\AppData\Local\assembly O43 - CFD: 2014/08/16 16:46:16 - [] D -- C:\Users\Ivan\AppData\Local\Chat Republic Games O43 - CFD: 2013/11/12 09:06:38 - [0] SHD -- C:\Users\Ivan\AppData\Local\Dados de aplicativos O43 - CFD: 2015/03/02 17:07:10 - [0] D -- C:\Users\Ivan\AppData\Local\Deployment O43 - CFD: 2014/09/14 14:24:46 - [0] D -- C:\Users\Ivan\AppData\Local\Diagnostics O43 - CFD: 2014/01/15 13:23:08 - [0] D -- C:\Users\Ivan\AppData\Local\ElevatedDiagnostics O43 - CFD: 2014/11/18 18:00:11 - [] SHD -- C:\Users\Ivan\AppData\Local\EmieBrowserModeList O43 - CFD: 2014/04/22 23:14:37 - [] SHD -- C:\Users\Ivan\AppData\Local\EmieSiteList O43 - CFD: 2014/04/22 23:14:38 - [] SHD -- C:\Users\Ivan\AppData\Local\EmieUserList O43 - CFD: 2014/04/19 19:15:08 - [] D -- C:\Users\Ivan\AppData\Local\fontconfig O43 - CFD: 2014/04/19 19:15:06 - [] D -- C:\Users\Ivan\AppData\Local\gegl-0.2 O43 - CFD: 2013/11/12 09:18:58 - [] D -- C:\Users\Ivan\AppData\Local\Google O43 - CFD: 2015/06/05 21:42:33 - [] D -- C:\Users\Ivan\AppData\Local\GWX O43 - CFD: 2013/11/12 09:06:38 - [0] SHD -- C:\Users\Ivan\AppData\Local\Histórico O43 - CFD: 2014/12/15 09:22:06 - [] D -- C:\Users\Ivan\AppData\Local\IsolatedStorage O43 - CFD: 2014/02/12 21:09:35 - [] D -- C:\Users\Ivan\AppData\Local\Macromedia O43 - CFD: 2015/06/15 11:52:59 - [] D -- C:\Users\Ivan\AppData\Local\Microsoft O43 - CFD: 2014/08/09 22:03:33 - [] D -- C:\Users\Ivan\AppData\Local\Microsoft Games O43 - CFD: 2015/06/15 21:53:14 - [] D -- C:\Users\Ivan\AppData\Local\Microsoft Help O43 - CFD: 2013/12/26 10:21:11 - [] D -- C:\Users\Ivan\AppData\Local\Mozilla O43 - CFD: 2014/03/18 13:10:24 - [] D -- C:\Users\Ivan\AppData\Local\Overwolf O43 - CFD: 2013/11/12 09:10:31 - [] D -- C:\Users\Ivan\AppData\Local\Programs O43 - CFD: 2014/03/18 14:36:05 - [] D -- C:\Users\Ivan\AppData\Local\Purplizer O43 - CFD: 2014/04/07 19:03:55 - [] D -- C:\Users\Ivan\AppData\Local\SingularityViewer64 O43 - CFD: 2014/03/14 19:58:52 - [] D -- C:\Users\Ivan\AppData\Local\Skype O43 - CFD: 2015/07/08 00:44:57 - [] D -- C:\Users\Ivan\AppData\Local\Temp O43 - CFD: 2013/11/12 09:06:38 - [0] SHD -- C:\Users\Ivan\AppData\Local\Temporary Internet Files O43 - CFD: 2014/09/03 20:43:22 - [] D -- C:\Users\Ivan\AppData\Local\Unity O43 - CFD: 2015/07/07 20:01:37 - [] D -- C:\Users\Ivan\AppData\Local\VirtualStore O43 - CFD: 2014/12/23 20:06:31 - [0] D -- C:\Users\Ivan\AppData\Local\VMware O43 - CFD: 2014/04/19 20:40:57 - [] D -- C:\Users\Ivan\AppData\Local\webkit O43 - CFD: 2009/07/14 01:54:32 - [] RD -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/03/10 21:37:53 - [] RD -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2014/10/03 17:31:18 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/02/06 16:37:52 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level up O43 - CFD: 2014/12/15 09:21:16 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador O43 - CFD: 2009/07/14 01:49:38 - [] RD -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2014/02/12 13:57:41 - [0] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 2015/05/11 16:52:27 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger O43 - CFD: 2015/04/14 21:25:54 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014 O43 - CFD: 2015/04/14 21:26:14 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015 O43 - CFD: 2015/05/11 16:52:27 - [] RD -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2014/08/16 16:46:22 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Superstar Racing O43 - CFD: 2013/11/12 09:10:03 - [] D -- C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Lista dos drivers do sistema (SDL) (O58) (64) - 4s O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] O58 - SDL:2009/07/13 22:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] O58 - SDL:2011/03/11 03:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] O58 - SDL:2009/07/13 22:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] O58 - SDL:2011/03/11 03:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] O58 - SDL:2009/07/13 22:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] O58 - SDL:2005/03/29 00:30:38 A . (. - ATK0110 ACPI Utility.) -- C:\Windows\System32\drivers\ASACPI.sys [8192] O58 - SDL:2015/06/18 21:41:33 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [153256] O58 - SDL:2015/06/18 21:41:33 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [132656] O58 - SDL:2013/12/13 14:11:18 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [28600] O58 - SDL:2015/03/10 09:18:52 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\drivers\avnetflt.sys [44088] O58 - SDL:2009/06/10 17:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] O58 - SDL:2009/06/10 17:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] O58 - SDL:2009/06/10 17:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] O58 - SDL:2009/07/13 22:19:07 A . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] O58 - SDL:2009/06/10 17:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] O58 - SDL:2009/06/10 17:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] O58 - SDL:2009/06/10 17:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] O58 - SDL:2009/06/10 17:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] O58 - SDL:2009/07/13 22:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] O58 - SDL:2009/07/13 22:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] O58 - SDL:2009/06/10 17:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] O58 - SDL:2014/02/27 17:40:32 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [54464] O58 - SDL:2009/06/10 17:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] O58 - SDL:2010/11/20 04:33:36 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] O58 - SDL:2011/03/11 03:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] O58 - SDL:2009/09/23 18:23:02 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [6180832] O58 - SDL:2009/07/13 22:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] O58 - SDL:2011/08/29 11:42:56 A . (.MBB Incorporated - CDROM Filter.) -- C:\Windows\System32\drivers\massfilter.sys [11776] O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] O58 - SDL:2009/07/13 22:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] O58 - SDL:2009/07/13 22:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] O58 - SDL:2011/03/11 03:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] O58 - SDL:2011/03/11 03:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] O58 - SDL:2009/07/13 22:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] O58 - SDL:2009/07/13 22:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] O58 - SDL:2009/06/10 17:35:42 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 64-bit Dr.) -- C:\Windows\System32\drivers\Rt64win7.sys [187392] O58 - SDL:2009/06/10 17:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] O58 - SDL:2009/07/13 22:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] O58 - SDL:2009/07/13 22:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] O58 - SDL:2009/06/10 18:01:14 A . (.Motorola Inc. - Motorola SM56 Modem WDM Driver.) -- C:\Windows\System32\drivers\SmSerl64.sys [1227776] O58 - SDL:2009/07/13 22:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] O58 - SDL:2011/12/05 10:39:50 A . (.MediaTek Inc. - MediaTek USB to Com Port Driver.) -- C:\Windows\System32\drivers\usb2ser.sys [43128] O58 - SDL:2009/07/13 22:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] O58 - SDL:2013/10/08 17:21:06 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [85584] O58 - SDL:2014/06/12 17:21:58 A . (.VMware, Inc. - VMware keyboard filter driver (64-bit).) -- C:\Windows\System32\drivers\VMkbd.sys [33496] O58 - SDL:2014/06/12 17:22:02 A . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\System32\drivers\vmnet.sys [24656] O58 - SDL:2014/06/12 17:22:02 A . (.VMware, Inc. - VMware virtual network adapter driver (64-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [20560] O58 - SDL:2014/06/12 17:22:02 A . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [46160] O58 - SDL:2014/06/12 17:22:50 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [31448] O58 - SDL:2014/06/12 17:22:42 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\Windows\System32\drivers\VMparport.sys [32472] O58 - SDL:2014/06/12 17:23:04 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [64728] O58 - SDL:2009/07/13 22:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] O58 - SDL:2013/10/08 17:21:10 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [73296] O58 - SDL:2011/08/29 11:42:56 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [123264] O58 - SDL:2011/08/29 11:42:56 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [123264] O58 - SDL:2011/08/29 11:42:56 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [123264] ---\\ Últimos ficheiros alterados ou criados (Utilizador) (061) (1) - 148s O61 - LFC: 2015/07/08 00:33:15 A . (..) -- C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] ---\\ Associações Shell Spawning (O67) (9) - 0s O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S ---\\ Menu de inicialização Internet (068) (12) - 1s O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069) (1) - 5s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83) (32) - 2s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [680960] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\Windows\System32\Sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windo.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor.) -- C:\Windows\System32\termsrv.dll [683520] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2553856] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de pla.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados) (17) - 10s SR - Auto [2014/12/19 07:48:18] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - Demand [2015/06/23 23:51:48] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - Auto [2015/06/18 20:48:55] [ 827184] Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe SR - Auto [2015/06/18 21:06:30] [ 450808] Avira Agendamento (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - Auto [2015/06/18 20:47:10] [ 450808] Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SS - Disabled [2015/06/18 20:51:19] [ 1188360] Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe SR - Auto [2015/06/02 17:14:58] [ 217280] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe SR - Auto [2010/09/17 11:14:50] [ 98304] Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.Firebird Project.) - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe SR - Demand [2010/09/17 11:14:42] [ 3735552] Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) . (.Firebird Project.) - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe SS - Auto [2013/11/12 09:17:33] [ 116648] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - Demand [2013/11/12 09:17:33] [ 116648] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - Demand [2014/06/23 12:43:48] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - Demand [2014/04/09 10:13:48] [ 289256] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe SS - Demand [2015/07/02 22:45:24] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - Auto [2015/01/02 19:45:12] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - Auto [2014/06/12 16:22:10] [ 86744] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe SR - Auto [2014/02/27 17:40:46] [ 906432] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe ---\\ Scâner Aditional (088) (2) - 0s HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic ---\\ Sumário das deteções encontradas na sua estação (2) - 0s http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic ~ End of the scan, 125005 items in 216 seconds (648)(0)()
  11. Recebi um aviso de possível malware e seguindo as instruções do Facebook, baixei o FSecure e executei. Abaixo segue log do Hijack para confirmar se a máquina ficou limpa. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:01:41, on 07/07/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17840) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Paltalk Messenger\paltalk.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Users\Ivan\Desktop\Backup ivan\ivansc\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe" O4 - Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9761 bytes
  12. JOGO 01: INTERNACIONAL-RS JOGO 02: ATLETICO-PR JOGO 03: CORITIBA-PR JOGO 04: CRUZEIRO-MG JOGO 05: BAHIA-BA JOGO 06: FIGUEIRENSE-SC JOGO 07: FLUMINENSE-RJ JOGO 08: SPORT-PE JOGO 09: ATLETICO-MG JOGO 10: CORINTHIANS-SP x GOIAS-GO
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.