Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015 01
Ran by user (administrator) on I7 on 20-04-2015 11:27:03
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available profiles: user)
Platform: Windows 8.1 Pro (X64) OS Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 276dw MFP\Bin\ScanToPCActivationApp.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 276dw MFP\Bin\HPNetworkCommunicatorCom.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-1492741941-2502510912-4033395641-1001\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-1492741941-2502510912-4033395641-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3761424 2014-11-10] (Disc Soft Ltd)
HKU\S-1-5-21-1492741941-2502510912-4033395641-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [689304 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-1492741941-2502510912-4033395641-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1492741941-2502510912-4033395641-1001\...\Run: [HP Officejet Pro 276dw MFP (NET)] => C:\Program Files\HP\HP Officejet Pro 276dw MFP\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-04-03]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1492741941-2502510912-4033395641-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dgvckw3g.default
FF Homepage: hxxp://www.google.com//search.php?q=
FF Keyword.URL: hxxp://www.google.com//search.php?q=
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-26] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dgvckw3g.default\user.js [2015-04-18]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-03-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-03-21]
FF Extension: Segurança do navegador Avira - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dgvckw3g.default\Extensions\abs@avira.com [2014-12-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-27]

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://oem.msn.com/
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-26]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-27]
CHR Extension: (Video Downloader professional) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Avira Browser Safety) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-26]
CHR Extension: (Evernote Web Clipper) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-04-03]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-26]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-27]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-27]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-27]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-27]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-27]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-27]
CHR Extension: (Avira Browser Safety) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-27]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-27]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-29]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-29]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-29]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-29]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-29]
CHR Extension: (Video Downloader professional) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-29]
CHR Extension: (Avira Browser Safety) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-29]
CHR Extension: (Bookmark Manager) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-29]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-29]
CHR Extension: (Evernote Web Clipper) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-04-03]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-29]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-29]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-29]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-29]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-29]
CHR Extension: (Video Downloader professional) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-29]
CHR Extension: (Avira Browser Safety) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-29]
CHR Extension: (Bookmark Manager) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-03-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-29]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-29]
CHR Extension: (Evernote Web Clipper) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-04-03]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "WinDivert1.1" service could not be unlocked. <===== ATTENTION

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-10] (Disc Soft Ltd)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [X]
S2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-26] (Avira Operations GmbH & Co. KG)
R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29864 2015-03-26] (Disc Soft Ltd)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1544704 2013-03-12] (Realtek Semiconductor Corporation )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 RTL8192Ce; \SystemRoot\system32\DRIVERS\rtl8192Ce.sys [X]
S3 tap0901; \SystemRoot\system32\DRIVERS\tap0901.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 11:27 - 2015-04-20 11:27 - 00024010 _____ () C:\Users\user\Desktop\FRST.txt
2015-04-20 11:26 - 2015-04-20 11:27 - 00000000 ____D () C:\FRST
2015-04-20 10:44 - 2015-04-20 10:43 - 02098176 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-04-20 10:42 - 2015-04-20 10:43 - 02098176 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2015-04-19 23:03 - 2015-04-19 23:03 - 421788119 _____ () C:\Windows\MEMORY.DMP
2015-04-19 23:03 - 2015-04-19 23:03 - 00280856 _____ () C:\Windows\Minidump\041915-14828-01.dmp
2015-04-18 11:17 - 2015-04-18 11:17 - 00005710 _____ () C:\Users\user\Desktop\UsbFix_Report.txt
2015-04-18 11:10 - 2015-04-18 11:19 - 00000000 ____D () C:\UsbFix
2015-04-18 11:10 - 2015-04-18 11:10 - 00001456 _____ () C:\Users\user\Desktop\UsbFix.lnk
2015-04-18 11:10 - 2015-04-18 11:09 - 04307208 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\user\Desktop\UsbFix_7.923.exe
2015-04-18 11:08 - 2015-04-18 11:09 - 04307208 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\user\Downloads\UsbFix_7.923.exe
2015-04-18 11:03 - 2015-04-18 11:03 - 00002876 _____ () C:\Users\user\Desktop\ZHPFixReport.txt
2015-04-18 10:00 - 2015-04-18 10:00 - 00087225 _____ () C:\Users\user\Desktop\ZHPDiag.txt
2015-04-18 10:00 - 2015-04-18 10:00 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-04-18 09:58 - 2015-04-18 11:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\ZHP
2015-04-18 09:58 - 2015-04-18 09:58 - 00002007 _____ () C:\Users\user\Desktop\ZHPFix.lnk
2015-04-18 09:58 - 2015-04-18 09:58 - 00001876 _____ () C:\Users\user\Desktop\ZHPDiag.lnk
2015-04-18 09:58 - 2015-04-18 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-04-18 09:58 - 2015-04-18 09:58 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2015-04-18 09:54 - 2015-04-18 09:55 - 06881977 _____ (Nicolas Coolman ) C:\Users\user\Downloads\ZHPDiag2.exe
2015-04-18 01:50 - 2015-04-18 09:36 - 00000000 ____D () C:\Users\user\Downloads\AVIINSEC2014
2015-04-18 01:46 - 2015-04-20 10:21 - 00018290 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 00:32 - 2015-04-18 00:43 - 00000000 ____D () C:\AdwCleaner
2015-04-18 00:31 - 2015-04-18 00:31 - 02217984 _____ () C:\Users\user\Downloads\adwcleaner_4.201.exe
2015-04-18 00:12 - 2015-04-18 00:12 - 00000954 _____ () C:\Users\user\Downloads\antivirus.bat
2015-04-17 23:39 - 2015-04-17 23:36 - 00002765 _____ () C:\Users\user\Desktop\Eliminar Virus.rar
2015-04-17 23:39 - 2014-11-12 21:29 - 00013079 _____ () C:\Users\user\Desktop\Eliminar Virus.bat
2015-04-17 23:39 - 2013-11-29 21:10 - 00000000 ____D () C:\Users\user\Desktop\.minecraft
2015-04-17 23:38 - 2015-04-17 23:38 - 00000000 ____D () C:\Users\user\Downloads\Eliminar Virus
2015-04-17 23:36 - 2015-04-17 23:36 - 00002765 _____ () C:\Users\user\Downloads\Eliminar Virus.rar
2015-04-17 22:59 - 2015-04-17 22:59 - 00000000 ____D () C:\Program Files (x86)\avira_internet_security_suite_en
2015-04-17 22:25 - 2015-04-17 22:26 - 05344528 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup504.exe
2015-04-17 09:52 - 2015-04-17 09:52 - 00028670 _____ () C:\Users\user\Downloads\Evne Projetos em TI Ltda - Qualificação do LEAD - LED ESTRUTURAS METALICAS.xlsx
2015-04-15 13:42 - 2015-04-15 13:42 - 00028689 _____ () C:\Users\user\Downloads\Evne Projetos em TI Ltda - Qualificação do LEAD - Industria de Moveis imperio.xlsx
2015-04-14 21:22 - 2015-04-16 00:55 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2015-04-14 21:22 - 2015-04-16 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-04-14 16:36 - 2015-04-14 16:36 - 00028589 _____ () C:\Users\user\Downloads\Evne Projetos em TI Ltda - Qualificação do LEAD - LP COUSEN METALURGICA.xlsx
2015-04-14 16:36 - 2015-04-14 16:36 - 00028574 _____ () C:\Users\user\Downloads\Evne Projetos em TI Ltda - Qualificação do LEAD - ENGENOX.xlsx
2015-04-14 10:17 - 2015-04-14 11:29 - 00000000 ____D () C:\Users\user\Desktop\Pré-Moldados
2015-04-10 22:18 - 2015-04-10 22:58 - 00000000 ____D () C:\Users\user\Desktop\TOWIN
2015-04-10 20:31 - 2015-04-10 20:31 - 00000000 ____D () C:\Users\Public\Documents\Hewlett-Packard
2015-04-10 20:22 - 2015-04-17 22:12 - 00000000 ____D () C:\Users\user\AppData\Roaming\HpUpdate
2015-04-10 20:22 - 2015-04-10 20:22 - 00003606 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 276dw MFP
2015-04-10 20:22 - 2015-04-10 20:22 - 00002280 _____ () C:\Users\Public\Desktop\HP Officejet Pro 276dw MFP.lnk
2015-04-10 20:22 - 2015-04-10 20:22 - 00001207 _____ () C:\Users\Public\Desktop\Comprar suprimentos - HP Officejet Pro 276dw MFP.lnk
2015-04-10 20:22 - 2015-04-10 20:22 - 00000974 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registro OCR I.R.I.S..lnk
2015-04-10 20:22 - 2015-04-10 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-04-10 20:22 - 2015-04-10 20:22 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-04-10 20:22 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM6212.dll
2015-04-10 20:21 - 2015-04-10 20:22 - 00000000 ____D () C:\Program Files (x86)\HP
2015-04-10 20:21 - 2015-04-10 20:21 - 00000057 _____ () C:\Users\Todos os Usuários\Ament.ini
2015-04-10 20:21 - 2015-04-10 20:21 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-04-10 20:21 - 2015-04-10 20:21 - 00000000 ____D () C:\Users\Todos os Usuários\HP
2015-04-10 20:21 - 2015-04-10 20:21 - 00000000 ____D () C:\Users\Todos os Usuários\Hewlett-Packard
2015-04-10 20:21 - 2015-04-10 20:21 - 00000000 ____D () C:\ProgramData\HP
2015-04-10 20:21 - 2015-04-10 20:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-04-10 20:21 - 2015-04-10 20:21 - 00000000 ____D () C:\Program Files\HP
2015-04-10 20:21 - 2013-06-11 10:42 - 00518432 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2015-04-10 20:21 - 2013-06-11 10:39 - 00442656 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn155.dll
2015-04-10 20:21 - 2013-06-11 10:35 - 00440608 _____ () C:\Windows\SysWOW64\hpcc3155.DLL
2015-04-10 19:26 - 2015-04-10 20:22 - 00000000 ____D () C:\Users\user\AppData\Local\HP
2015-04-10 19:10 - 2015-04-10 19:10 - 00000000 ____D () C:\Users\user\Documents\Fax
2015-04-08 23:07 - 2015-04-13 17:14 - 00000000 ____D () C:\Users\user\Desktop\Desafio Oceano Limpo
2015-04-06 14:55 - 2015-04-06 14:56 - 55899576 _____ (Slack Technologies) C:\Users\user\Downloads\Setup.exe
2015-04-05 22:35 - 2015-04-11 12:15 - 00000000 ____D () C:\Users\user\Desktop\Tecnologia e Inovação
2015-04-03 17:56 - 2015-04-03 17:56 - 00000000 ____D () C:\Users\user\AppData\Local\Evernote
2015-04-03 17:55 - 2015-04-03 17:55 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-04-03 00:03 - 2015-04-03 00:03 - 00000849 _____ () C:\Users\user\Documents\Músicas - Atalho.lnk
2015-04-02 15:53 - 2015-04-11 18:04 - 00000000 ____D () C:\Users\user\Desktop\JULIANO
2015-03-31 12:37 - 2015-03-31 12:37 - 00000000 ____D () C:\Users\user\Documents\Modelos Personalizados do Office
2015-03-29 17:07 - 2015-03-29 17:07 - 00001390 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-03-29 17:07 - 2015-03-29 17:07 - 00001321 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-03-29 17:06 - 2015-03-29 17:06 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-03-29 17:06 - 2015-03-29 17:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-03-29 17:05 - 2015-03-29 17:12 - 00000000 ____D () C:\Users\user\AppData\Local\Windows Live
2015-03-29 17:05 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-03-29 17:05 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-03-29 17:05 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-03-29 17:05 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-03-29 17:05 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-03-29 17:05 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-03-29 17:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-29 17:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-29 17:05 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-03-29 17:05 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-03-29 17:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-03-29 17:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-03-29 15:03 - 2015-03-29 15:03 - 00002419 _____ () C:\Users\user\Desktop\TOWIN - Chrome.lnk
2015-03-29 15:03 - 2015-03-29 15:03 - 00002419 _____ () C:\Users\user\Desktop\Juliano Poletto - Chrome.lnk
2015-03-29 11:42 - 2015-03-29 11:42 - 00002375 _____ () C:\Users\user\Desktop\EVNE - Chrome.lnk
2015-03-29 11:10 - 2015-03-29 11:10 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-03-29 11:10 - 2015-03-29 11:10 - 00000000 ____D () C:\Program Files\Unlocker
2015-03-28 19:28 - 2015-03-28 19:28 - 00000000 ____D () C:\Users\user\Tracing
2015-03-28 19:26 - 2015-03-28 19:26 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-28 19:26 - 2015-03-28 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-28 19:01 - 2015-03-28 19:01 - 00003172 _____ () C:\Windows\System32\Tasks\{FC1B8AB1-464A-4F3E-9E5B-A81137CBA2A9}
2015-03-28 18:58 - 2015-03-28 18:58 - 00003172 _____ () C:\Windows\System32\Tasks\{EFC28294-EC32-45CD-9AA4-0D3C6A434F9D}
2015-03-28 18:49 - 2015-04-20 10:19 - 00000000 ___RD () C:\Users\user\SkyDrive
2015-03-28 18:18 - 2015-03-31 09:37 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-28 18:18 - 2015-03-28 18:18 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-28 17:43 - 2015-03-28 17:43 - 00003172 _____ () C:\Windows\System32\Tasks\{1D1CE419-2738-4F05-937E-D747A62BD596}
2015-03-28 17:42 - 2015-04-13 09:16 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2015-03-28 17:42 - 2015-04-13 09:16 - 00000000 ____D () C:\ProgramData\Skype
2015-03-28 17:38 - 2015-03-28 17:38 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-28 17:38 - 2015-03-28 17:38 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-28 17:38 - 2015-03-28 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-28 16:52 - 2015-03-28 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-28 16:51 - 2015-03-28 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-28 16:51 - 2015-03-28 16:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-03-28 16:51 - 2015-03-28 16:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-03-28 16:50 - 2015-03-28 16:51 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-03-28 16:48 - 2015-03-28 16:48 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-03-28 15:49 - 2015-03-28 19:09 - 00000000 ____D () C:\MATS
2015-03-28 11:44 - 2015-03-28 11:44 - 00003396 _____ () C:\Windows\System32\Tasks\{6E4C2198-888C-4384-A812-D6ED130D2D79}
2015-03-27 16:29 - 2015-03-28 18:19 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-03-27 11:43 - 2015-03-27 23:22 - 00000000 ____D () C:\Users\Todos os Usuários\{c52ed958-0506-e4be-c52e-ed9580506560}
2015-03-27 11:43 - 2015-03-27 23:22 - 00000000 ____D () C:\ProgramData\{c52ed958-0506-e4be-c52e-ed9580506560}
2015-03-27 10:35 - 2015-03-27 10:35 - 00000000 ____D () C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2015-03-27 10:35 - 2015-03-27 10:35 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-27 10:23 - 2015-03-28 18:18 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2015-03-27 10:22 - 2015-03-27 10:22 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-03-27 10:22 - 2015-03-27 10:22 - 00002230 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-03-27 10:22 - 2015-03-27 10:22 - 00002160 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2015-03-27 10:22 - 2015-03-27 10:22 - 00002069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-03-27 10:22 - 2015-03-27 10:22 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2015-03-27 08:00 - 2015-04-16 00:56 - 00000000 ____D () C:\Users\user\Downloads\PROGRAMAS
2015-03-27 01:12 - 2015-03-27 01:12 - 00004608 _____ () C:\Windows\SECOH-QAD.exe
2015-03-27 01:12 - 2015-03-27 01:12 - 00003584 _____ () C:\Windows\SECOH-QAD.dll
2015-03-27 01:11 - 2015-03-28 16:58 - 00003702 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
2015-03-27 01:11 - 2015-03-28 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-03-26 21:42 - 2015-03-26 21:42 - 00000858 _____ () C:\Users\user\Desktop\µTorrent.lnk
2015-03-26 21:42 - 2015-03-26 21:42 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2015-03-26 17:50 - 2015-03-28 17:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\DAEMON Tools Pro
2015-03-26 17:50 - 2015-03-26 17:58 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-03-26 17:50 - 2015-03-26 17:50 - 00029864 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2015-03-26 17:50 - 2015-03-26 17:50 - 00001948 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2015-03-26 17:50 - 2015-03-26 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2015-03-26 17:48 - 2015-03-26 17:49 - 00000000 ____D () C:\Users\Todos os Usuários\DAEMON Tools Pro
2015-03-26 17:48 - 2015-03-26 17:49 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2015-03-26 17:43 - 2015-03-26 17:43 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 17:43 - 2015-03-26 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 17:43 - 2015-03-26 17:43 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-26 17:17 - 2015-03-26 17:17 - 00000000 ____D () C:\Users\Todos os Usuários\DAEMON Tools Lite
2015-03-26 17:17 - 2015-03-26 17:17 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-03-26 16:47 - 2015-03-26 16:47 - 00000000 ____D () C:\Users\Todos os Usuários\Oracle
2015-03-26 16:47 - 2015-03-26 16:47 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-26 16:47 - 2015-03-26 16:47 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-26 16:36 - 2015-04-14 20:24 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-26 16:36 - 2015-03-26 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-26 15:17 - 2015-04-20 11:22 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 15:17 - 2015-04-20 10:18 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 15:17 - 2015-03-26 16:29 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-26 15:17 - 2015-03-26 15:17 - 00004042 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-26 15:17 - 2015-03-26 15:17 - 00003806 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-26 15:15 - 2015-04-08 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 11:23 - 2015-01-26 10:19 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{97AE9F53-C5BB-4DB7-92CC-64E68A8ECB4D}
2015-04-20 11:00 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-20 10:40 - 2014-12-02 09:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
2015-04-20 10:22 - 2014-12-02 08:33 - 01728476 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-20 10:22 - 2013-08-22 19:58 - 00743366 _____ () C:\Windows\system32\prfh0416.dat
2015-04-20 10:22 - 2013-08-22 19:58 - 00155618 _____ () C:\Windows\system32\prfc0416.dat
2015-04-20 10:18 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-20 02:44 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-19 23:40 - 2014-12-02 08:30 - 00000000 ____D () C:\Users\user\AppData\Local\Packages
2015-04-19 23:03 - 2014-12-31 08:32 - 00000000 ____D () C:\Windows\Minidump
2015-04-18 01:53 - 2013-08-22 12:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-16 23:26 - 2014-12-02 08:42 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492741941-2502510912-4033395641-1001
2015-04-15 09:06 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-14 10:13 - 2015-03-10 13:44 - 00000000 ___RD () C:\Users\user\Desktop\EVNE
2015-04-11 18:01 - 2014-10-04 07:22 - 00000000 ____D () C:\Users\user\Desktop\LED
2015-04-08 18:56 - 2014-12-31 11:21 - 00001151 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-08 18:56 - 2014-12-31 11:21 - 00000000 ____D () C:\Users\Todos os Usuários\Package Cache
2015-04-08 18:56 - 2014-12-31 11:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 18:56 - 2014-12-02 09:01 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-07 09:38 - 2014-12-02 09:02 - 00000000 ____D () C:\Users\user\AppData\Roaming\Avira
2015-04-07 09:38 - 2014-12-02 09:01 - 00000000 ____D () C:\Users\Todos os Usuários\Avira
2015-04-07 09:38 - 2014-12-02 09:01 - 00000000 ____D () C:\ProgramData\Avira
2015-04-05 14:51 - 2014-08-17 14:48 - 00000000 ____D () C:\Users\user\Desktop\Trocas
2015-04-05 14:51 - 2014-08-17 14:45 - 00000000 ___RD () C:\Users\user\Desktop\NF Devolução Conserto
2015-04-05 14:51 - 2014-08-17 14:45 - 00000000 ___RD () C:\Users\user\Desktop\NF 36.845 Devolução defeito
2015-04-05 14:30 - 2014-05-29 12:10 - 00000000 ___RD () C:\Users\user\Desktop\FUNDERTEC
2015-03-30 13:57 - 2014-12-02 08:59 - 00000000 ____D () C:\Users\Todos os Usuários\Adobe
2015-03-30 13:57 - 2014-12-02 08:59 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-28 19:26 - 2014-12-02 09:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-28 18:50 - 2014-12-02 09:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent
2015-03-28 18:18 - 2014-12-02 09:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-28 17:38 - 2014-12-31 10:37 - 00000000 ____D () C:\Users\user\AppData\Local\Mozilla
2015-03-28 17:29 - 2014-12-02 09:25 - 00000000 ____D () C:\Windows\Panther
2015-03-28 17:27 - 2013-08-22 11:44 - 00483008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-28 16:59 - 2014-12-02 08:54 - 00000000 ____D () C:\Program Files\KMSpico
2015-03-28 16:53 - 2014-12-02 08:55 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2015-03-28 16:53 - 2014-12-02 08:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-28 16:52 - 2013-08-22 19:59 - 00000000 ____D () C:\Windows\ShellNew
2015-03-28 16:51 - 2013-08-22 12:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-28 16:50 - 2014-12-02 08:55 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-03-28 16:48 - 2014-12-02 08:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-03-28 16:48 - 2013-08-22 12:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-28 16:48 - 2013-08-22 10:25 - 00000167 _____ () C:\Windows\win.ini
2015-03-27 10:46 - 2014-12-02 08:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2015-03-26 15:10 - 2014-12-31 10:39 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-26 15:10 - 2014-12-31 10:39 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-26 15:10 - 2014-12-31 10:39 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

==================== Files in the root of some directories =======

2015-04-10 20:21 - 2015-04-10 20:21 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-24 17:25

==================== End Of Log ============================
