Thanks for your help! Here's the FRST.txt file:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2018
Ran by Sofiaa (administrator) on FAMILIASILVA-PC (15-04-2018 18:12:46)
Running from C:\Users\Sofiaa\Desktop
Loaded Profiles: Sofiaa (Available Profiles: Familia Silva & Sofiaa & Utilizador padrão & Convidado)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Discord Inc.) C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\Discord.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Discord Inc.) C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\Discord.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-09] (AVAST Software)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [291056 2018-04-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [Everything] => "C:\Users\Sofiaa\Desktop\Download\Everything\Everything.exe" -startup
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [chrome] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592 2018-03-20] (Google Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\Run: [Akamai NetSession Interface] => "C:\Users\Sofiaa\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\Run: [Discord] => C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-05-14]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-05-14]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk [2014-05-14]
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofiaa\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Familia Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-04-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofiaa\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicy\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064 2013-05-07] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [216064 2013-05-07] (Bigfoot Networks, Inc.)
Hosts: 127.0.0.1 www.r2rdownload.com
Tcpip\Parameters: [DhcpNameServer] 213.228.128.156 213.228.128.6
Tcpip\..\Interfaces\{45AB0677-433F-45BC-9418-220F29114B79}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6DB1AB0B-4D52-4B57-BBE9-B7065B8FF668}: [DhcpNameServer] 213.228.128.156 213.228.128.6
Tcpip\..\Interfaces\{A007068D-CBA1-4E72-8C54-9430241D32C6}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1268683879-3191997658-603331031-1023\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180325__yaie
HKU\S-1-5-21-1268683879-3191997658-603331031-1023\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-pt/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1268683879-3191997658-603331031-1023 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180325__yaie&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-01-09] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-04] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\plugins\ArcPluginIE.dll => No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09] (AVAST Software)
BHO-x32: Programa Auxiliar de Início de Sessão da conta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-04] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler: WSWSVCUchrome - No CLSID Value
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-04-06]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-05-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2016-12-27] (Nexon)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\plugins\npArcPluginFF.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR res: Infected resources.pak (Adware script). Reinstall Chrome. <==== ATTENTION
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default [2017-02-13]
CHR Extension: (Adblock Plus) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-30]
CHR Extension: (Documentos do Google offline) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-30]
CHR Extension: (Avast Online Security) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-30]
CHR Extension: (BetterGaia) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\lmgjagdflhhfjflolfalapokbplfldna [2016-11-06]
CHR Extension: (Gaia Enhancement Suite) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\mgcnknfohcgfckjaebhijnpgdmngoceg [2016-11-06]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-30]
CHR Extension: (MirrorTube) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\olomckflnlligkboahmaihmeaffjdbfm [2016-08-31]
CHR Extension: (Quick Searcher) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2018-03-25]
CHR Extension: (Gmail) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-30]
CHR Extension: (RocketBolt: Email Tracking for Gmail) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkapfpgbgfcojflnfmhnplkkkcdcmkfj [2016-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-30]
CHR Profile: C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default [2018-03-25]
CHR Extension: (Documentos do Google offline) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-31]
CHR Extension: (Avast Online Security) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-31]
CHR Extension: (Skype) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-31]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-31]
CHR Extension: (MirrorTube) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\olomckflnlligkboahmaihmeaffjdbfm [2017-01-01]
CHR Extension: (Quick Searcher) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2018-03-25]
CHR Extension: (Gmail) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-31]
CHR Extension: (System Table) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0 [2018-03-25]
CHR Profile: C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-04-15]
CHR Extension: (Apresentações) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (YouTube) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (Adblock Plus) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-26]
CHR Extension: (Plugins) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2017-07-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-21]
CHR Extension: (Folhas de cálculo) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-03-10]
CHR Extension: (Documentos do Google offline) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-06]
CHR Extension: (Avast Online Security) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-23]
CHR Extension: (BetterGaia) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmgjagdflhhfjflolfalapokbplfldna [2017-12-04]
CHR Extension: (AVG SafePrice) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-03-25]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (MirrorTube) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olomckflnlligkboahmaihmeaffjdbfm [2017-01-06]
CHR Extension: (Quick Searcher) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbdpajcdgknpendpmecafmopknefafha [2018-03-25]
CHR Extension: (Gmail) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Sofiaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1268683879-3191997658-603331031-1023\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-09] (AVAST Software)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [314688 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [7653992 2018-04-14] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-03-19] (McAfee, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S4 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-09] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-09] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-09] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-09] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-09] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-09] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-09] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-09] (AVAST Software)
S3 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166064 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [220600 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192536 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336848 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [50776 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-04-14] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139608 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [103744 2018-04-14] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-04-14] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-04-14] (AVG Technologies CZ, s.r.o.)
S3 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-04-14] (AVG Technologies CZ, s.r.o.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-10-07] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-10-07] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-01-21] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-06] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-10-07] (Duplex Secure Ltd.)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [122640 2012-08-13] (High Criteria inc.)
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2018-03-15] (Windows ® Win 7 DDK provider)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2018-04-15] ()
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-31] (Zemana Ltd.)
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 VBAudioVMVAIOMME; system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X]
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-15 18:12 - 2018-04-15 18:12 - 002403328 _____ (Farbar) C:\Users\Sofiaa\Desktop\FRST64.exe
2018-04-15 18:12 - 2018-04-15 18:12 - 000032156 _____ C:\Users\Sofiaa\Desktop\FRST.txt
2018-04-15 18:11 - 2018-04-15 18:12 - 000000000 ____D C:\FRST
2018-04-15 18:08 - 2018-04-15 18:08 - 000094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2018-04-15 15:36 - 2018-04-15 15:36 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-04-14 22:28 - 2018-04-14 22:28 - 000000000 ____D C:\Users\Sofiaa\Documents\Guild Wars 2
2018-04-14 09:16 - 2018-04-14 09:16 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-04-12 22:01 - 2018-04-12 22:01 - 000000000 ___HD C:\Users\Sofiaa\AppData\Local\TeamViewer
2018-04-12 19:43 - 2018-04-12 19:43 - 000000000 ___HD C:\Users\Sofiaa\AppData\Local\Hewlett-Packard
2018-04-09 15:31 - 2018-04-09 15:32 - 000000000 ____D C:\Users\Familia Silva\Desktop\keygen
2018-04-09 15:31 - 2018-04-09 15:32 - 000000000 ____D C:\Users\Familia Silva\Desktop\Image-Line FL Studio Producer Edition 12.5.1 Build 5 + Patch [SadeemPC]
2018-04-09 15:26 - 2018-04-09 15:27 - 000068720 _____ C:\Users\Sofiaa\Desktop\untitled.flp
2018-04-09 15:26 - 2018-04-09 15:26 - 000068720 _____ C:\Users\Sofiaa\Desktop\q3we.flp
2018-04-09 15:10 - 2018-04-09 15:34 - 000002004 _____ C:\Users\Public\Desktop\FL Studio 12 (64bit).lnk
2018-04-09 15:10 - 2018-04-09 15:34 - 000001988 _____ C:\Users\Public\Desktop\FL Studio 12.lnk
2018-04-09 15:10 - 2018-04-09 15:10 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-04-09 15:10 - 2018-04-09 15:10 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\Image-Line
2018-04-08 12:49 - 2018-04-08 12:49 - 000000000 ___HD C:\Users\Sofiaa\AppData\Local\uTorrent
2018-04-06 23:02 - 2018-04-06 23:02 - 000004638 _____ C:\Users\Sofiaa\AppData\Roaming\VoiceMeeterDefault.xml
2018-04-06 22:51 - 2018-04-08 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2018-04-06 22:51 - 2018-04-08 14:12 - 000000000 ____D C:\Program Files\VB
2018-04-06 22:51 - 2018-04-06 22:51 - 000000000 ____D C:\Program Files (x86)\VB
2018-04-06 20:32 - 2018-04-08 14:11 - 000000000 ____D C:\Program Files\Voicemod Desktop
2018-04-06 20:32 - 2018-03-15 15:20 - 000027648 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\vmdrv.sys
2018-04-06 19:48 - 2018-04-06 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger
2018-04-06 19:47 - 2018-04-06 19:48 - 000000000 ____D C:\Program Files (x86)\ClownfishVoiceChanger
2018-04-06 19:29 - 2018-04-06 19:29 - 000000000 ___HD C:\Users\Sofiaa\AppData\Local\Canon
2018-04-05 14:23 - 2018-04-08 14:12 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-04-05 14:23 - 2018-04-05 14:23 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\AVG
2018-04-05 14:22 - 2018-04-05 14:22 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-04-05 14:21 - 2018-04-05 14:21 - 000000000 ____D C:\Users\Familia Silva\AppData\Local\AVG
2018-03-31 00:01 - 2018-03-31 00:01 - 000000000 ___HD C:\Users\Sofiaa\AppData\Local\BitTorrent
2018-03-25 22:48 - 2018-04-15 18:06 - 000527302 _____ C:\Windows\ntbtlog.txt
2018-03-25 22:44 - 2018-03-25 22:44 - 000000000 ____D C:\Windows\System32\Tasks\AVG
2018-03-25 22:44 - 2018-03-25 22:44 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\AVG
2018-03-25 22:44 - 2018-03-25 22:44 - 000000000 ____D C:\Users\Sofiaa\AppData\Local\AVG
2018-03-25 22:44 - 2018-03-25 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2018-03-25 22:43 - 2018-04-14 09:16 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000139608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-03-25 22:43 - 2018-04-14 09:16 - 000003904 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-03-25 22:43 - 2018-04-14 09:15 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-03-25 22:43 - 2018-04-14 09:15 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-03-25 22:43 - 2018-04-14 09:15 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-03-25 22:43 - 2018-04-14 09:15 - 000166064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2018-03-25 22:43 - 2018-04-14 09:15 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-03-25 22:43 - 2018-03-25 22:43 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-03-25 22:42 - 2018-03-25 22:42 - 000000000 ____D C:\Program Files\AVG
2018-03-25 22:41 - 2018-03-25 23:45 - 000000000 ____D C:\ProgramData\AVG
2018-03-25 16:26 - 2018-03-25 16:26 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2018-03-25 12:01 - 2018-03-25 22:46 - 000000004 _____ C:\ProgramData\lock.dat
2018-03-25 12:01 - 2018-03-25 14:34 - 000000008 _____ C:\ProgramData\rwi.jhad
2018-03-25 11:33 - 2018-03-25 11:33 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\WidModule
2018-03-25 11:32 - 2018-03-25 11:32 - 000000000 ___HD C:\$AV_ASW
2018-03-25 11:31 - 2018-04-15 18:08 - 000000280 ____H C:\Windows\Tasks\{09EFC5AB-D230-AB81-74D2-4D2309EFC5AB}.job
2018-03-25 11:31 - 2018-03-25 22:48 - 000000000 ____D C:\ProgramData\dahjService
2018-03-25 11:31 - 2018-03-25 11:31 - 000003642 _____ C:\Windows\System32\Tasks\{DA409434-5703-FFF2-6EF2-C96686C95FC8}
2018-03-25 11:31 - 2018-03-25 11:31 - 000003476 _____ C:\Windows\System32\Tasks\{312B53AD-E943-9D18-CF8F-B118EE1C3B74}
2018-03-25 11:31 - 2018-03-25 11:31 - 000000003 _____ C:\Users\Sofiaa\AppData\Local\wbem.ini
2018-03-25 11:29 - 2018-03-25 14:49 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\uTorrent
2018-03-25 11:29 - 2018-03-25 11:29 - 000000839 _____ C:\Users\Sofiaa\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\Lavasoft
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\Users\Sofiaa\AppData\Local\Lavasoft
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\ProgramData\Lavasoft
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-03-23 14:39 - 2018-04-15 18:12 - 000052714 _____ C:\Windows\ZAM.krnl.trace
2018-03-23 14:39 - 2018-04-15 18:12 - 000024060 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-03-19 19:08 - 2018-04-12 19:43 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-15 18:08 - 2018-01-04 22:01 - 000000346 _____ C:\Windows\Tasks\Connect.job
2018-04-15 18:08 - 2017-10-31 20:57 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\discord
2018-04-15 18:08 - 2017-04-05 18:37 - 000000412 _____ C:\Windows\Tasks\Final Media Player Update Checker.job
2018-04-15 18:08 - 2016-09-11 12:44 - 000000436 _____ C:\Windows\Tasks\simplitec Power Suite (Tray).job
2018-04-15 18:08 - 2016-08-30 19:52 - 000000000 ____D C:\Users\Sofiaa
2018-04-15 18:08 - 2014-05-14 12:08 - 000034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2018-04-15 18:08 - 2014-05-14 11:58 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2018-04-15 18:08 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-15 18:06 - 2014-06-26 17:09 - 000000000 ____D C:\Windows\Minidump
2018-04-15 18:06 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\041518-6068-01.dmp
2018-04-15 17:59 - 2009-07-14 05:45 - 000027888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-15 17:59 - 2009-07-14 05:45 - 000027888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-15 17:57 - 2011-01-27 16:46 - 007419548 _____ C:\Windows\system32\prfh0816.dat
2018-04-15 17:57 - 2011-01-27 16:46 - 006569596 _____ C:\Windows\system32\prfc0816.dat
2018-04-15 17:57 - 2009-07-14 06:13 - 000006464 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-15 17:51 - 2013-11-05 23:46 - 000319891 ____N C:\Windows\Minidump\041518-5054-01.dmp
2018-04-15 17:21 - 2015-06-20 23:41 - 000000950 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1268683879-3191997658-603331031-1000UA.job
2018-04-14 16:59 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\041418-5959-01.dmp
2018-04-14 09:21 - 2015-06-20 23:41 - 000000898 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1268683879-3191997658-603331031-1000Core.job
2018-04-14 09:16 - 2017-03-25 16:48 - 000000000 ____D C:\Users\Utilizador padrão
2018-04-14 09:16 - 2014-05-15 14:35 - 000000000 ____D C:\Users\Convidado
2018-04-12 19:45 - 2013-11-05 23:46 - 000319883 ____N C:\Windows\Minidump\041218-4633-01.dmp
2018-04-12 19:43 - 2014-07-09 19:08 - 006158848 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2018-04-12 19:43 - 2014-05-14 12:21 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-12 19:43 - 2014-05-14 12:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-12 19:43 - 2014-05-14 12:21 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-12 19:43 - 2014-05-14 12:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-12 19:43 - 2014-05-14 12:20 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-10 17:01 - 2017-01-24 17:58 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\vlc
2018-04-10 16:21 - 2014-05-22 20:10 - 000004006 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{10108F7D-6A99-4CFC-BFD7-43AF9EEAC872}
2018-04-10 16:18 - 2014-05-13 12:41 - 000000000 ____D C:\Users\Familia Silva
2018-04-09 21:13 - 2013-11-05 23:46 - 000319891 ____N C:\Windows\Minidump\040918-5226-01.dmp
2018-04-09 15:14 - 2017-01-24 17:49 - 000000000 ____D C:\Users\Familia Silva\AppData\LocalLow\Mozilla
2018-04-09 15:07 - 2014-11-28 16:56 - 000000000 ____D C:\Users\Familia Silva\AppData\Local\CrashDumps
2018-04-08 17:41 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-5054-01.dmp
2018-04-08 17:19 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-4430-01.dmp
2018-04-08 16:48 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-4399-01.dmp
2018-04-08 16:01 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-3837-01.dmp
2018-04-08 15:18 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-5038-01.dmp
2018-04-08 14:42 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-6520-01.dmp
2018-04-08 13:41 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-4570-01.dmp
2018-04-08 12:56 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-4368-01.dmp
2018-04-08 05:53 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040818-5210-01.dmp
2018-04-07 01:03 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040718-10155-01.dmp
2018-04-06 23:03 - 2014-11-28 20:02 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-06 22:55 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040618-7737-01.dmp
2018-04-06 22:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-04-06 12:52 - 2018-01-09 19:13 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-05 14:34 - 2009-07-14 06:08 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-04-05 14:22 - 2015-06-20 23:41 - 000000000 ____D C:\Users\Familia Silva\AppData\Local\Dropbox
2018-04-05 14:22 - 2014-05-16 19:29 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\Dropbox
2018-04-05 12:58 - 2013-11-05 23:46 - 000319955 ____N C:\Windows\Minidump\040518-4321-01.dmp
2018-04-03 13:34 - 2013-11-05 23:46 - 000320019 ____N C:\Windows\Minidump\040318-16785-01.dmp
2018-04-02 20:04 - 2016-09-02 15:28 - 000000000 ____D C:\Users\Sofiaa\AppData\Local\CrashDumps
2018-04-01 01:54 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\040118-3650-01.dmp
2018-03-31 21:16 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\033118-4976-01.dmp
2018-03-31 00:40 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\033118-4243-01.dmp
2018-03-30 13:08 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\033018-3712-01.dmp
2018-03-30 00:36 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\033018-3681-01.dmp
2018-03-29 13:29 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\032918-3822-01.dmp
2018-03-29 00:36 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\032918-4274-01.dmp
2018-03-28 22:21 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\032818-5038-01.dmp
2018-03-28 00:09 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\032818-4352-01.dmp
2018-03-26 23:58 - 2016-02-15 19:44 - 000000000 ____D C:\Windows\rescache
2018-03-26 23:33 - 2013-11-05 23:46 - 000320275 ____N C:\Windows\Minidump\032618-4539-01.dmp
2018-03-26 13:51 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\032618-6162-01.dmp
2018-03-26 12:07 - 2016-08-30 19:55 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI
2018-03-26 00:12 - 2013-11-05 23:46 - 000319827 ____N C:\Windows\Minidump\032618-3868-01.dmp
2018-03-25 23:23 - 2017-01-04 17:00 - 000000000 ____D C:\AdwCleaner
2018-03-25 22:48 - 2013-11-05 23:46 - 000320275 ____N C:\Windows\Minidump\032518-9828-01.dmp
2018-03-25 14:41 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-03-25 14:33 - 2016-11-27 13:33 - 000000000 ____D C:\Users\Sofiaa\AppData\LocalLow\uTorrent
2018-03-25 14:33 - 2013-11-05 23:46 - 000320147 ____N C:\Windows\Minidump\032518-4243-01.dmp
2018-03-25 12:00 - 2017-05-17 19:31 - 000000000 ____D C:\Program Files (x86)\HyperCam 4
2018-03-25 11:33 - 2014-05-13 15:24 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-25 01:27 - 2017-08-08 18:53 - 000000000 ____D C:\Users\Sofiaa\Desktop\Guild Wars 2
2018-03-24 23:37 - 2017-07-15 16:44 - 000000000 ____D C:\Users\Sofiaa\AppData\Local\Deployment
2018-03-23 14:51 - 2017-01-04 17:17 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-23 14:41 - 2014-05-16 19:32 - 000000000 ___RD C:\Users\Familia Silva\Dropbox
2018-03-23 14:39 - 2017-01-24 17:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-23 14:39 - 2016-12-30 19:54 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-03-23 14:39 - 2015-05-29 16:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2018-03-25 12:01 - 2018-03-25 22:46 - 000000004 _____ () C:\ProgramData\lock.dat
2017-07-30 13:07 - 2017-07-30 13:07 - 000000048 ____H () C:\Program Files (x86)\q89etct4yc.dat
2014-05-22 20:18 - 2010-01-26 10:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
1623-04-04 11:37 - 1623-04-04 11:37 - 000073216 ____N (Microsoft Corporation) C:\Users\Sofiaa\AppData\Roaming\niZHaUI.exe
1623-04-04 11:37 - 1623-04-04 11:37 - 000186368 ____N (Microsoft Corporation) C:\Users\Sofiaa\AppData\Roaming\rCEajDayOvQ.exe
2018-04-06 23:02 - 2018-04-06 23:02 - 000004638 _____ () C:\Users\Sofiaa\AppData\Roaming\VoiceMeeterDefault.xml
2017-07-31 20:24 - 2017-07-31 20:24 - 000007605 _____ () C:\Users\Sofiaa\AppData\Local\Resmon.ResmonCfg
2018-03-25 11:31 - 2018-03-25 11:31 - 000000003 _____ () C:\Users\Sofiaa\AppData\Local\wbem.ini
Files to move or delete:
====================
C:\Windows\Tasks\{09EFC5AB-D230-AB81-74D2-4D2309EFC5AB}.job
Some files in TEMP:
====================
2017-08-08 18:52 - 2017-08-08 18:52 - 034201768 _____ (ArenaNet) C:\Users\Sofiaa\AppData\Local\Temp\Gw2.exe
2018-03-25 11:31 - 2018-03-25 11:31 - 000946351 _____ (1hU7MnMV8j9ACyBQdyeo ) C:\Users\Sofiaa\AppData\Local\Temp\installer.exe
2017-12-14 19:33 - 2017-12-14 19:33 - 000030208 _____ (Melloware Inc (www.melloware.com)) C:\Users\Sofiaa\AppData\Local\Temp\JIntellitype.dll
2018-03-25 11:31 - 2018-03-25 11:31 - 002180264 _____ (Adobe Systems Incorporated) C:\Users\Sofiaa\AppData\Local\Temp\poxes.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-04-08 00:15
==================== End of FRST.txt ============================
Here's the other file:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by Sofiaa (15-04-2018 18:13:01)
Running from C:\Users\Sofiaa\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-05-13 11:41:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1268683879-3191997658-603331031-500 - Administrator - Disabled)
Convidado (S-1-5-21-1268683879-3191997658-603331031-501 - Administrator - Disabled) => C:\Users\Convidado
Familia Silva (S-1-5-21-1268683879-3191997658-603331031-1000 - Administrator - Enabled) => C:\Users\Familia Silva
Sofiaa (S-1-5-21-1268683879-3191997658-603331031-1023 - Administrator - Enabled) => C:\Users\Sofiaa
Utilizador padrão (S-1-5-21-1268683879-3191997658-603331031-1025 - Limited - Enabled) => C:\Users\Utilizador padrão
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: AVG Antivirus (Disabled - Out of date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Disabled - Out of date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
5600 (HKLM-x32\...\{F2DC2589-C894-43DD-BA70-8FDCA7360584}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (HKLM-x32\...\{7DCBC3D8-8954-491D-A1B9-8C61C563B004}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (HKLM-x32\...\{2605461E-AB2E-49F5-8A16-64B7F3595030}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_ENTERPRISE_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version: - Microsoft)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_ENTERPRISE_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version: - Microsoft)
Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_ENTERPRISE_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version: - Microsoft)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM-x32\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AliExpress version 1.1.0.5019 (HKLM-x32\...\70652e10-a720-11e6-bfea-d33ec8ab8d4f_is1) (Version: 1.1.0.5019 - )
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.3.3051 - AVG Technologies)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DesignDoll (HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\a94d3e1b3ab3bea6) (Version: 1.4.0.0 - Terawell)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\Discord) (Version: 0.0.300 - Discord Inc.)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
doPDF (HKLM\...\{5873B699-892C-4EE6-93AE-333658910A09}) (Version: 8.1.920 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Free MP4 Player (HKLM-x32\...\{381D3191-01FA-4B56-BCF2-DADFE708BCA8}) (Version: 1.00.0000 - Media Freeware)
Free PC Audio Recorder 3.0 (HKLM-x32\...\Free PC Audio Recorder_is1) (Version: 3.0 - Cok Free Software)
fx-CG20 Series OS Update (HKLM-x32\...\{ED42EB6F-5D8C-4DEA-94E5-19CCCBB97174}) (Version: 3.10.0000 - CASIO COMPUTER CO., LTD.)
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.326.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 3.0.69 - GridinSoft LLC)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
HyperCam 4 (HKLM-x32\...\HyperCam 4 4.0.1511.06) (Version: 4.0.1511.06 - Solveig Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
Intel® Smart Connect Technology 4.0 x64 (HKLM\...\{565CA964-C937-4634-8DD4-C95733724B56}) (Version: 4.0.41.2072 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IRS - Modelo 3 Impressos 2016 (HKLM-x32\...\pt.at.DM3IRSCLIv2016) (Version: 2016.2.6.0146 - AT)
IRS - Modelo 3 Impressos 2017 (HKLM-x32\...\pt.at.DM3IRSCLIv2017) (Version: 2017.1.3-0074 - AT)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
join.me (HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\JoinMe) (Version: 3.2.1.5223 - LogMeIn, Inc.)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
MAGIX Conteúdo e Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{32A69CB3-D657-4B43-8BB5-1A8CC6E93D3E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.183 - McAfee, Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 58.0.2 (x64 pt-PT) (HKLM\...\Mozilla Firefox 58.0.2 (x64 pt-PT)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.2.17 - Symantec Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2 - Notepad++ Team)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Pacote de controladores do Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
PaintTool SAI (HKLM-x32\...\PaintTool SAI1.1.0) (Version: 1.1.0 - Eddie Sekiguchi Softwares)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Pioneer DDJ_SR Driver (HKLM-x32\...\Pioneer DDJ_SR ASIO) (Version: 1.100.000.001 - Pioneer DJ Corporation.)
Qualcomm Atheros Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.591 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.591 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Screen Receiver (HKLM-x32\...\{B808CBB8-0436-48A5-A99B-E77B65FCE7C3}) (Version: 3.02.2001 - CASIO COMPUTER CO., LTD.)
Serato DJ (HKLM-x32\...\{8a5fa39a-fc35-443a-b1ae-b5d600daed1a}) (Version: 1.9.10.5170 - )
Serato DJ (HKLM-x32\...\{941AF1A8-32BA-4E7D-9D04-ADDB39F58B53}) (Version: 1.9.10.5170 - Serato) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
Suporte para Aplicações Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Recorder 8.3 Professional Edition (HKLM-x32\...\TotalRecorder) (Version: - )
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Unknown File Handler (HKLM-x32\...\UFH_is1) (Version: 2015.12.29.0 - File.org)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VDownloader 4.3.2190 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ 8 (HKLM-x32\...\{E1962904-0960-42F6-9072-3EC7D66A5495}) (Version: 8.2.3994.0 - Atomix Productions)
Vita Concert Grand LE (HKLM\...\{C81BA934-5770-4610-A423-5CB7C9EEE548}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2015 (64-bit)\bin\Aruba\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{44ebc444-24b6-4544-97cc-559155cde204}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2015 (64-bit)\bin\Aruba\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{C52B9871-E5E9-41FD-B84D-C5ACADBEC7AE}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2015 (64-bit)\bin\Aruba\Inventor Server\Bin\TestServer.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Users\Sofiaa\Desktop\Notepad++\NppShell_06.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-04-14] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-09] (AVAST Software)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-04-14] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08497E82-5F54-4749-BE0F-E84EF6C0E9DA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1268683879-3191997658-603331031-1000Core => C:\Users\Familia Silva\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {3073252B-F0A6-4A54-BB02-15451E7214A1} - \{09EFC5AB-D230-AB81-74D2-4D2309EFC5AB} -> No File <==== ATTENTION
Task: {30838BE9-C1B2-4DCB-895B-A9B95B23CCD0} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH)
Task: {311C9BB8-D70B-4506-B9D3-4EC2BC4B01B3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-12] (Adobe Systems Incorporated)
Task: {414F65F7-71B0-49FE-A86B-8D5DF29624DD} - System32\Tasks\CMPCUAC => C:\Program Files\CleanMyPC\CleanMyPC.exe
Task: {4700098B-62B1-4BC3-871E-473FA572DAE9} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {47B10365-62B9-496D-9C76-FE97D108B876} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4A54B462-1864-4F25-B3DB-0E250E881E26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1268683879-3191997658-603331031-1000UA => C:\Users\Familia Silva\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {5015C151-AC81-4161-B7CD-DCC8C7850BF3} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] ()
Task: {52B61CA4-C00D-481D-87D1-4CC4E49866CC} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {59BCBE78-917D-4846-8829-4E33C36C529C} - System32\Tasks\{312B53AD-E943-9D18-CF8F-B118EE1C3B74} => C:\Users\Sofiaa\AppData\Roaming\niZHaUI.exe [1623-04-04] (Microsoft Corporation) <==== ATTENTION
Task: {75342112-D436-475A-BEC2-813AF6D9CF3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {803DE3D3-6C3D-454B-98A5-C7411F39B868} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-09] (AVAST Software)
Task: {8225F97B-CF76-4146-ADF0-01EDB4715ED1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {85F2E412-CED6-491A-9F69-ED59F88681E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B128C5F9-9FE6-48A9-A919-5C96AF70645F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C46580CB-798A-4B06-A960-2116BD982E95} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-07] (AVAST Software)
Task: {C4F0DB51-BCD9-4E50-809C-E873CA174685} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-04-14] (AVG Technologies CZ, s.r.o.)
Task: {CDA69128-3697-4D53-BBB6-A524E835F776} - System32\Tasks\Final Media Player Update Checker => C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: {CF5174E5-5A77-41DE-8D16-A84FAE9D929F} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-04-14] (AVG Technologies CZ, s.r.o.)
Task: {DD7FC4A1-443A-4A15-B38B-10E4A98AB3CB} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: {E64CE5ED-D949-477B-89FD-F7F5414E7106} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-04-13] (AVAST Software)
Task: {F4D3DA7E-C319-4BB0-A762-63164B22F620} - System32\Tasks\{DA409434-5703-FFF2-6EF2-C96686C95FC8} => C:\Windows\SysWOW64\PfeUpEF.exe [1623-04-04] (Microsoft Corporation)
Task: {F99FA9B2-F1EC-46DC-A5E7-4ED7696E7BBD} - System32\Tasks\Norton Security Scan for Familia Silva => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.2.17\Nss.exe [2017-05-15] (Symantec Corporation)
Task: {FB265057-104D-4B1F-85A6-A215882B94ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-12] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1268683879-3191997658-603331031-1000Core.job => C:\Users\Familia Silva\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1268683879-3191997658-603331031-1000UA.job => C:\Users\Familia Silva\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\Windows\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: C:\Windows\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\Windows\Tasks\{09EFC5AB-D230-AB81-74D2-4D2309EFC5AB}.job => C:\Program Files (x86)\NVIDIA Corporation\2.2\PhysXLoader.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Sofiaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Sofiaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
ShortcutWithArgument: C:\Users\Sofiaa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sofiaa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\477ad49a64adfc24\Adblock Plus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=cfhdojbkjhnklbpkdaibdccddilifddb
==================== Loaded Modules (Whitelisted) ==============
2013-02-13 10:35 - 2013-02-13 10:35 - 000180200 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 10:35 - 2013-02-13 10:35 - 000060392 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2014-11-21 21:06 - 2014-11-21 21:06 - 000137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000503296 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000067920 _____ () c:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000236840 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000902824 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000349568 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000337096 _____ () C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll
2017-01-07 11:22 - 2015-02-27 15:38 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000554496 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
2013-05-07 11:43 - 2013-05-07 11:43 - 000404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-05-07 11:43 - 2013-05-07 11:43 - 000317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2018-03-23 14:51 - 2018-03-20 07:00 - 002683224 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\swiftshader\libglesv2.dll
2018-03-23 14:51 - 2018-03-20 07:00 - 000127832 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\swiftshader\libegl.dll
2018-03-23 14:51 - 2018-03-20 07:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-23 14:51 - 2018-03-20 07:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-04-14 16:08 - 2018-04-14 16:08 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18041402\algo.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000348400 _____ () C:\Program Files\AVG\Antivirus\streamback_avast.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000296688 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000283888 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2018-04-14 16:07 - 2018-04-14 16:07 - 005813488 _____ () C:\Program Files\AVG\Antivirus\defs\18041402\algo.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000764656 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000912112 _____ () C:\Program Files\AVG\Antivirus\anen.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000970992 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll
2018-04-14 09:16 - 2018-04-14 09:16 - 000502512 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-09 20:06 - 2018-01-09 20:06 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-01-09 19:58 - 2018-01-08 18:52 - 001891832 _____ () C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-09 19:59 - 2018-02-10 16:30 - 001780216 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-03-25 22:43 - 2018-03-25 22:43 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2018-01-09 19:58 - 2018-01-08 18:52 - 001937912 _____ () C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 19:58 - 2018-01-08 18:52 - 000095736 _____ () C:\Users\Sofiaa\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-09 19:59 - 2018-01-09 19:59 - 002662904 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-09 19:59 - 2018-03-22 20:07 - 009623896 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-09 19:59 - 2018-02-01 20:10 - 001508344 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-09 19:59 - 2018-01-09 19:59 - 000513016 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-09 19:59 - 2018-03-13 21:53 - 001517560 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-09 19:59 - 2018-03-10 10:54 - 002749944 _____ () \\?\C:\Users\Sofiaa\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Familia Silva\Desktop\fx9860emulator.exe:com.dropbox.attributes [166]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1268683879-3191997658-603331031-1023\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-04-09 15:31 - 000000869 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.r2rdownload.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1268683879-3191997658-603331031-1023\Control Panel\Desktop\\Wallpaper -> C:\Users\Sofiaa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.228.128.156 - 213.228.128.6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Sofiaa\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => C:\Users\Sofiaa\AppData\Roaming\Spotify\Spotify.exe --autostart
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Sofiaa\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Sofiaa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: VDownloader => C:\Program Files\VDownloader\VDownloader.exe /silent
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{C67140EF-5DF3-455D-9E26-AE6094DA51EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F3E823A2-CB90-4CEB-94DA-FA675920D14E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{8A425A9B-0FFE-4BE8-AC1E-54F3ED616122}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{840D0E23-D647-47BE-9CB1-973C9DA74150}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{0D59C7BB-42FE-4C39-B1A9-1DB359C83977}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{33228555-8ABA-4EDA-8B91-6F929F1DB606}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{71604EDB-8770-49BC-9426-915E145697C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8BBBB3E2-CC63-4766-9BF5-6B9ED65E9428}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{11FFFDF8-B54A-45D4-BFAB-C2326C44C838}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{838A94FD-6061-4A48-8E73-49622F526094}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{47C44C35-6466-46A9-8D60-47142926D4AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{B5E42672-2818-4414-A5FD-4C5EEDADD65F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{3EC69148-6D3D-4085-8AAD-ED0D07039D97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{7F46D5AA-98FA-46F6-9E6E-79DC5517C911}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{7C5F1AB5-F077-48F3-9E7E-B5DCD067AB21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{E763C450-F5CA-4E8A-98C1-EB9ED4E8418F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D96732B2-DCA8-4656-9E31-28F3C85BC1F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{D70AEDB2-51A7-4D6F-B500-674A883A39A4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{76FCA29B-3DB7-4AA3-ACAB-B16C3D6BD17B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{542A92D4-B012-40DB-837A-0218F57FC227}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{04F3C738-A517-4EDE-BF7C-D7C87122AA83}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{907F0FC2-0C8B-4DE1-B484-E0E9E268FFFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{2DBC973E-D0EB-4F03-8A2D-4F3D326952B8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{316B65D9-FAAC-480F-B51C-DB76D81B226A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{F5D9CD8C-A274-4A8B-82A6-DDE538652EE0}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{5951DC9C-C1C7-4AFF-91BC-C799D6EB853B}] => (Allow) C:\Users\Familia Silva\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D0666F42-FF6B-4DC1-9D19-CC8D72892AB0}] => (Allow) C:\Users\Familia Silva\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7A65F2DF-EB9D-4BF6-8ADB-610880A6FC09}] => (Allow) LPort=8501
FirewallRules: [{F6537A48-8B30-43AD-914A-5E84EA0294FF}] => (Allow) LPort=8501
FirewallRules: [TCP Query User{D149C3BE-597F-437C-98FC-AEA998F1DB3A}C:\users\familia silva\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\familia silva\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1639941B-CD15-4E7A-9E80-77A04B5E33F2}C:\users\familia silva\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\familia silva\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{880E547E-E15C-4724-94C2-1EE52085F72D}C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{182A285E-8AB3-4F12-B6BC-8698C1F9146C}C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{988BDDA5-4AB6-4348-B908-E13AA8318522}C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6653C395-E484-4064-B52A-B062BE0E6BB2}C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\convidado\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{0CE6D119-D4E0-4DFB-9988-9679EFF53544}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CED0B1BC-F27D-478A-B136-3A1CC42C994C}] => (Allow) LPort=2869
FirewallRules: [{3BA98B37-4C76-46FF-B774-D49707D48E93}] => (Allow) LPort=1900
FirewallRules: [{926C4681-EAB1-462E-8811-EBA5CFA1B73D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{052B0E77-40F6-4EF0-A992-BDCEFD9E72B4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A0C3CD33-4CC5-4A8C-96A4-48052F6E24B0}] => (Allow) C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
FirewallRules: [{84A6799B-ADFB-4AC2-A873-083BBC8ACD61}] => (Allow) C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
FirewallRules: [{981695F6-5EC1-41D6-B3F8-04031FBDF6EC}] => (Allow) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{A2E22CF1-98FA-4F45-A266-25E3293E7412}] => (Allow) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{404EED37-895E-4F25-B7D9-6217D40CF254}] => (Allow) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{81FDF65F-9B59-4930-B6B9-40419DB69DC8}] => (Allow) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{B88ABD96-E3DE-473E-83ED-008EDDADA5AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95F7D95C-E9A4-4013-A918-2414B173694C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{A88B179B-FBA1-4DF7-9D18-64CDA974F1CD}C:\users\sofiaa\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sofiaa\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A8D70E01-4B91-4751-B2CB-00BB0A0BA5A1}C:\users\sofiaa\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sofiaa\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D0916C3F-08C2-4F63-8D0D-57A67788CA43}] => (Allow) C:\Program Files (x86)\Yeahseed\Application\chrome.exe
FirewallRules: [{6CF9DA0E-F993-4083-AE2E-1729D4E55451}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{A01E2D75-7BF4-4D07-91B8-B963959E3150}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{B3A291D3-84A7-44EA-9520-A9D7BE385359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C3DC3B82-3AF1-4F6B-8A08-07362AD175A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A7F1FE9D-D6D7-480F-A8A2-AB597720342F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{ABEA907B-B99E-4C0C-875B-47885D81DC04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{7AD5BFE7-6535-4424-9694-7D991F56EF60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B08B3CC6-CDCF-4388-9BFE-0900F542E758}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{191E4C52-5907-43C1-9ED6-45A55124A2EA}F:\vlcportable\app\vlc\vlc.exe] => (Allow) F:\vlcportable\app\vlc\vlc.exe
FirewallRules: [UDP Query User{730C380C-2735-44C4-8935-F0CE73572469}F:\vlcportable\app\vlc\vlc.exe] => (Allow) F:\vlcportable\app\vlc\vlc.exe
FirewallRules: [{BE88A69F-766A-4E9E-B764-A8B9E76E58EC}] => (Allow) C:\Users\Sofiaa\Downloads\bin\BlackDesert32.exe
FirewallRules: [{47AB7FB2-E50F-4FE4-BD6A-5C9DC7B4370F}] => (Allow) C:\Users\Sofiaa\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{2A3E9DBF-F02C-41DB-8A7E-C369B75C6121}] => (Allow) C:\Users\Sofiaa\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{4E2F4023-114E-46D9-8FE9-09898402868E}] => (Allow) C:\Users\Sofiaa\Downloads\BlackDesert_Downloader.exe
FirewallRules: [{B63BB0FB-F4C0-4260-BB4B-8376AD23A012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{FCCF547C-2F3A-4FC2-903B-F9E26C43F52F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{8B6ADF7D-D63B-4299-968E-91EC492EB88B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{7ECD855E-2765-428D-A8A9-0F088ADB7EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [TCP Query User{C8D2703E-8860-4BE0-8EA8-FCA50A62CFDA}C:\users\sofiaa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sofiaa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9FB99784-20EF-4EDE-80B2-964F66B9FB26}C:\users\sofiaa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sofiaa\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{525225C1-4C6F-4A0F-B59C-D36CB9B463CA}C:\users\sofiaa\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sofiaa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E1CC4466-2C4D-48BE-8925-A4F923BE8B28}C:\users\sofiaa\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sofiaa\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B16A2447-DE7A-4FC2-9310-7E1260350D06}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\Gw2-64.exe
FirewallRules: [{10DFC8AA-7603-41E8-AE05-6E89E142853A}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\Gw2-64.exe
FirewallRules: [{D83DC2A7-C3A1-483E-9D75-E1194B8FAAB9}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\Gw2-64.exe
FirewallRules: [{5C0F3939-C458-41A7-82B9-983CEEBEA2ED}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\Gw2-64.exe
FirewallRules: [{224384AB-7EFA-49D0-9777-C4A60D6D41B3}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\bin64\CoherentUI_Host.exe
FirewallRules: [{22C3AD69-1C03-485D-8004-68BC02BB7F33}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\bin64\CoherentUI_Host.exe
FirewallRules: [{995DABFF-5807-4B20-9EE7-AF8CFDF33944}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\bin64\CoherentUI_Host.exe
FirewallRules: [{0AC821E3-34E3-408F-8067-61A937EC11D7}] => (Allow) C:\Users\Sofiaa\Desktop\Limpa o LIXO E ORGANIZA O COMPUTADOR PRECISA DE ESPAÇO\Guild Wars 2\bin64\CoherentUI_Host.exe
FirewallRules: [{F1CBB304-D877-497B-B8BC-14395EE3573F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{1355A41D-D3BD-47D6-8185-5381EFD28395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{4D5D0849-B232-43BB-8A0C-8F8DC05F5864}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{680F79D1-7A9D-495C-8170-A8BBC59F0336}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1ECC4761-3704-40C4-9D62-E64D2D075C9F}] => (Allow) C:\Users\Sofiaa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03E5A32D-1C6A-4D91-9402-D11D00919E02}] => (Allow) C:\Users\Sofiaa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{80B8B0FA-B072-497E-B304-0956109D4684}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe
FirewallRules: [UDP Query User{33C90D6B-2713-4235-A369-01533BF992F4}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe
FirewallRules: [TCP Query User{BD476AC9-1465-48CE-8CD0-FE5603FFF970}C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe
FirewallRules: [UDP Query User{6F4B5F1B-1DDC-4384-B337-4775A8EC70C4}C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeetermacrobuttons.exe
FirewallRules: [TCP Query User{C7D2EA54-1640-44D4-8581-22E25A8370FA}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe
FirewallRules: [UDP Query User{DC71DC7E-C4B7-4A25-A720-49DC5B195D12}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Adaptador de Túnel Teredo da Microsoft
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2018 06:08:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/15/2018 05:57:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: O descarregamento das cadeias do contador de desempenho do serviço WmiApRpl (WmiApRpl) falhou. A primeira DWORD na secção Data contém o código de erro.
Error: (04/15/2018 05:57:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.
Error: (04/15/2018 05:57:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.
Error: (04/15/2018 05:52:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/15/2018 03:42:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: O descarregamento das cadeias do contador de desempenho do serviço WmiApRpl (WmiApRpl) falhou. A primeira DWORD na secção Data contém o código de erro.
Error: (04/15/2018 03:42:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.
Error: (04/15/2018 03:42:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: As cadeias de desempenho no valor de registo de desempenho estão danificadas para o fornecedor de contadores de extensão do processo Performance. O valor de BaseIndex do registo de desempenho é a primeira DWORD na secção Data, o valor de LastCounter é a segunda DWORD na secção Data e o valor LastHelp é a terceira DWORD na secção Data.
System errors:
=============
Error: (04/15/2018 06:10:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Serviço Google Update (gupdate) falhou o arranque devido ao seguinte erro:
O sistema não conseguiu localizar o ficheiro especificado.
Error: (04/15/2018 06:09:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço avgbIDSAgent terminou com o erro específico do serviço %%-536753635.
Error: (04/15/2018 06:08:31 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: FamiliaSilva-PC)
Description: Falha no processamento da Política de Grupo. O Windows não conseguiu aplicar as definições de política baseadas no registo para o objecto LocalGPO da Política de Grupo. As definições da Política de Grupo não serão resolvidas enquanto este evento não for resolvido. Consulte os detalhes do evento para obter mais informações sobre o nome do ficheiro e o caminho que causaram a falha.
Error: (04/15/2018 06:06:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {3EB3C877-1F16-487C-9050-104DBCD66683} não foi registado no DCOM dentro do tempo de espera requerido.
Error: (04/15/2018 06:06:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço de Lista de Redes depende do serviço Identificação da localização na rede o qual falhou o arranque devido ao seguinte erro:
O serviço ou grupo de dependência não conseguiu ser iniciado.
Error: (04/15/2018 06:06:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço de Lista de Redes depende do serviço Identificação da localização na rede o qual falhou o arranque devido ao seguinte erro:
O serviço ou grupo de dependência não conseguiu ser iniciado.
Error: (04/15/2018 06:06:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço de Lista de Redes depende do serviço Identificação da localização na rede o qual falhou o arranque devido ao seguinte erro:
O serviço ou grupo de dependência não conseguiu ser iniciado.
Error: (04/15/2018 06:06:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Serviço de Lista de Redes depende do serviço Identificação da localização na rede o qual falhou o arranque devido ao seguinte erro:
O serviço ou grupo de dependência não conseguiu ser iniciado.
Windows Defender:
===================================
Date: 2017-06-04 10:17:42.757
Description:
A análise de Windows Defender parou antes de ser concluída.
ID de Análise:{0033705D-124C-4F1E-B0B7-1EB68D25C020}
Tipo de Análise:AntiSpyware
Parâmetros de Análise:Análise Rápida
Utilizador:NT AUTHORITY\Serviço de rede
Date: 2016-12-16 15:13:29.252
Description:
A análise de Windows Defender parou antes de ser concluída.
ID de Análise:{43487DE1-6239-4C73-959B-FC125B86647B}
Tipo de Análise:AntiSpyware
Parâmetros de Análise:Análise Rápida
Utilizador:NT AUTHORITY\Serviço de rede
Date: 2016-11-13 07:48:31.175
Description:
Windows Defender detectou spyware ou outro software potencialmente indesejável.
Para mais informações, consulte:
Nome:BrowserModifier:Win32/SupTab
ID:214126
Gravidade:Alto
Categoria:Modificador de Browser
Caminho Encontrado:file:C:\ProgramData\UvConverter\UvConverter.exe;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\b_2643743_EN.json;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\b_autoip_EN.json;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy00.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy01.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy02.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy03.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy04.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy05.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Estado:Desconhecido
Utilizador:NT AUTHORITY\SYSTEM
Nome do Processo:
Date: 2016-11-12 18:41:14.962
Description:
Windows Defender detectou spyware ou outro software potencialmente indesejável.
Para mais informações, consulte:
Nome:BrowserModifier:Win32/SupTab
ID:214126
Gravidade:Alto
Categoria:Modificador de Browser
Caminho Encontrado:file:C:\ProgramData\UvConverter\UvConverter.exe;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\b_2643743_EN.json;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\b_autoip_EN.json;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy00.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy01.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy02.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy03.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy04.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy05.png;file:c:\users\familia silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Estado:Desconhecido
Utilizador:NT AUTHORITY\SYSTEM
Nome do Processo:
Date: 2016-11-11 21:48:48.847
Description:
Windows Defender detectou spyware ou outro software potencialmente indesejável.
Para mais informações, consulte:
Nome:BrowserModifier:Win32/SupTab
ID:214126
Gravidade:Alto
Categoria:Modificador de Browser
Caminho Encontrado:file:C:\ProgramData\UvConverter\UvConverter.exe;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\b_2643743_EN.json;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\b_autoip_EN.json;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy00.png;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy01.png;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy02.png;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy03.png;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy04.png;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c815f67132b949\cloudy05.png;file:C:\Users\Familia Silva\AppData\Roaming\Corner Sunshine\picture\cloudy_e17e6047cf929e7ea4c
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Estado:Desconhecido
Utilizador:NT AUTHORITY\SYSTEM
Nome do Processo:
Date: 2016-09-02 15:28:22.431
Description:
O motor de %1 foi terminado devido a um erro inesperado.
Tipo de Falha:%5
Código de Excepção:%6
Recurso:%3
Date: 2016-07-08 16:20:30.984
Description:
Windows Defender encontrou um erro ao tentar carregar assinaturas e irá tentar reverter para um conjunto de assinaturas em condições conhecido.
Assinaturas Tentadas:Actual
Código de Erro:0x8050800d
Descrição do Erro:Não foi possível apresentar alguns itens do histórico. Aguarde alguns minutos e volte a tentar. Se tal não funcionar, limpe o histórico e volte a tentar.
Versão de Assinatura:1.225.793.0
Versão de Motor:1.1.12902.0
==================== Memory info ===========================
Processor: Intel® Core i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 7862.01 MB
Available physical RAM: 4436.25 MB
Total Virtual: 15722.21 MB
Available Virtual: 12127.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:13.05 GB) NTFS
Drive e: (Sistema Reservado) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Novo volume) (Fixed) (Total:1863.01 GB) (Free:1856.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E402D98B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: D238DA12)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================