Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2021
Ran by Jtug (administrator) on AV_Est (LENOVO 80G0) (03-10-2021 09:56:39)
Running from C:\Users\Jtug\Desktop\comboF
Loaded Profiles: Jtug
Platform: Windows 8.1 (Update) (X64) Language: Inglês (Estados Unidos) -> Português (Portugal)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-05-22] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818552 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [10140904 2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-223814551-1140071388-4042786358-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-223814551-1140071388-4042786358-1001\...\Run: [utweb] => C:\Users\Jtug\AppData\Roaming\uTorrent Web\utweb.exe [5898272 2021-07-26] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-223814551-1140071388-4042786358-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\sxa9mPC: C:\Windows\System32\spool\prtprocs\x64\sxa9mpc.dll [65256 2019-04-04] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\sxa9m Langmon: C:\WINDOWS\system32\sxa9mlm.dll [44264 2019-04-04] (联想图像(天津)科技有限公司 -> )
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2015-06-18] (Lenovo (Beijing) Limited -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {044B8B59-15B0-4D90-A17B-BD41584A4048} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {098201C4-87B1-4983-9853-2DDBAEF96F2C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0B888A16-36AD-45BB-AA0F-764B7E67D5A2} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {136A88BC-453B-41BF-955C-EDE3EA25C3F8} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {169AF63C-2135-482B-B08F-EC580BEF06A6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1FBD4546-F479-4C95-9A54-DB2E020BB14B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {21D928E7-4C31-4D72-B799-9F62B9D10C28} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {34DDB71F-A4BE-481F-8C98-DF10154978CE} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {3C7D0669-1011-4889-9FFB-51ED57F37630} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe
Task: {4D5486C2-4060-4BEE-8486-AEA914A3D317} - System32\Tasks\CCleanerSkipUAC - Jtug => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {739FDB70-4DBF-4EFC-98BB-3351EFC8AFE2} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {7D1A3F05-7ACE-4F5F-9DD8-400DD052FB63} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {9C8A000E-3640-4BAE-A21D-94B297051B5F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {9C9AC907-E361-4B77-AF51-CB2AE391B33B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {9EAD68DA-448C-4356-BB1B-ED0363BC52A2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A805546E-F114-4D8A-A5CC-30A730D273A6} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B9ADEBF0-8CBF-4153-9D86-C9E2E3AA3C7C} - System32\Tasks\update-S-1-5-21-223814551-1140071388-4042786358-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {C1F1FA78-E0B8-4AA7-A918-943F280150AD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {D63B37DE-921C-49A8-881A-C7FC5EF84EAB} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D8D967FD-45A6-4DB4-A532-0151F7F661A9} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E6F9999D-8C63-41EC-A771-E120DB6AF656} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-11-21] (LENOVO -> Lenovo)
Task: {F080E6AE-B1C4-495E-93EE-EBAC5ACE2DA0} - System32\Tasks\Lenovo App Services => C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe [7657160 2020-12-31] (SweetLabs Inc. -> Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-223814551-1140071388-4042786358-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-223814551-1140071388-4042786358-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-223814551-1140071388-4042786358-1001] => 127.0.0.1:19669
Tcpip\Parameters: [DhcpNameServer] 81.20.240.33 81.20.240.34 192.168.1.1
Tcpip\..\Interfaces\{4C6E52AC-8CCC-480B-AA7C-518F718A0460}: [DhcpNameServer] 150.204.1.3
Tcpip\..\Interfaces\{E0AEE99C-9202-42CB-A71D-76D8589E8982}: [DhcpNameServer] 81.20.240.33 81.20.240.34 192.168.1.1
ManualProxies: 1127.0.0.1:19669

FireFox:
========
FF DefaultProfile: awehgdu3.default
FF ProfilePath: C:\Users\Jtug\AppData\Roaming\Mozilla\Firefox\Profiles\awehgdu3.default [2021-10-02]
FF ProfilePath: C:\Users\Jtug\AppData\Roaming\Mozilla\Firefox\Profiles\l8xjodc1.default-release [2021-10-03]
FF Homepage: Mozilla\Firefox\Profiles\l8xjodc1.default-release -> about:blank
FF NetworkProxy: Mozilla\Firefox\Profiles\l8xjodc1.default-release -> type", 0
FF Extension: (Proxy Failover) - C:\Users\Jtug\AppData\Roaming\Mozilla\Firefox\Profiles\l8xjodc1.default-release\features\{82eb8f34-4d71-4c32-887a-de1fe73455db}\proxy-failover@mozilla.com.xpi [2021-09-30]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4054248 2019-08-21] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2259768 2021-08-13] (Comodo Security Solutions -> Comodo)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (LENOVO -> Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-06-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [329688 2014-12-26] (LENOVO -> Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-06-18] (Lenovo (Beijing) Limited -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation -> Microsoft Corporation)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 btmaux; C:\WINDOWS\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [29600 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [834720 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [37824 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [120976 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-03 09:11 - 2021-10-03 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-10-03 09:11 - 2021-10-03 09:11 - 000000000 ____D C:\ProgramData\GridinSoft
2021-10-03 09:10 - 2021-10-03 09:42 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-10-03 09:04 - 2021-10-03 09:04 - 000989584 _____ (GridinSoft LLC) C:\Users\Jtug\Downloads\install-antimalware-gsa.exe
2021-10-03 08:28 - 2021-10-03 08:28 - 001182144 _____ (Emsisoft Ltd.) C:\Users\Jtug\Downloads\decrypt_STOPDjvu.exe
2021-10-02 22:29 - 2021-10-02 22:31 - 000009770 _____ C:\Users\Jtug\Desktop\Eset_log.txt
2021-10-02 19:13 - 2021-10-03 09:10 - 000000308 _____ C:\Users\Jtug\Desktop\ID ramson_results.txt
2021-10-02 19:07 - 2021-10-02 19:07 - 000001225 _____ C:\Users\Jtug\Desktop\ESET Online Scanner.lnk
2021-10-02 19:07 - 2021-10-02 19:07 - 000000000 ____D C:\Users\Jtug\AppData\Local\ESET
2021-10-02 19:06 - 2021-10-02 19:06 - 011697056 _____ (ESET) C:\Users\Jtug\Desktop\esetonlinescanner.exe
2021-10-02 16:40 - 2021-10-03 09:59 - 000000000 ____D C:\FRST
2021-10-02 15:27 - 2021-10-02 15:41 - 000000000 ____D C:\Users\Jtug\Desktop\mbar
2021-10-02 15:27 - 2021-10-02 15:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-10-02 15:27 - 2021-10-02 15:27 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1443A1E9.sys
2021-10-02 15:27 - 2021-10-02 15:27 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2021-10-02 15:27 - 2021-10-02 15:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-10-02 10:54 - 2021-10-02 16:37 - 000000000 ____D C:\Users\Jtug\AppData\Local\FSDART
2021-10-02 10:54 - 2021-10-02 10:54 - 000000000 ____D C:\Users\Jtug\AppData\Local\F-Secure
2021-10-02 10:48 - 2021-10-02 10:48 - 000000036 _____ C:\Users\Jtug\AppData\Local\housecall.guid.cache
2021-10-02 10:34 - 2021-10-02 10:34 - 000000000 ____D C:\Users\Jtug\AppData\Local\Zemana
2021-10-02 10:33 - 2021-10-02 12:48 - 000000000 ____D C:\Users\Jtug\AppData\Local\AMSDK
2021-10-02 09:55 - 2021-10-03 08:39 - 000000000 ____D C:\Users\Jtug\Desktop\comboF
2021-10-01 19:26 - 2021-10-01 19:26 - 000000000 ____D C:\Users\Jtug\AppData\Local\CEF
2021-10-01 18:55 - 2021-10-01 19:37 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Intel Rapid
2021-10-01 18:51 - 2021-10-01 18:51 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\calaba
2021-10-01 18:30 - 2021-10-01 19:37 - 000000000 ____D C:\ProgramData\Microsoft Network
2021-10-01 18:30 - 2021-10-01 18:30 - 000000001 _____ C:\ProgramData\check.txt
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ____D C:\ProgramData\Data
2021-10-01 18:29 - 2021-10-02 20:35 - 000000000 ____D C:\Users\Jtug\AppData\Local\e9c329ea-2afc-41e9-92cf-f5eb6febe253
2021-10-01 18:29 - 2021-10-01 19:32 - 000000000 ____D C:\Users\Jtug\AppData\Local\aab6d2d4-4ebf-4bee-bef7-007a986d6986
2021-10-01 18:29 - 2021-10-01 18:30 - 000000000 ____D C:\SystemID
2021-10-01 18:29 - 2021-10-01 18:29 - 000000559 _____ C:\Users\Jtug\AppData\Local\bowsakkdestx.txt
2021-10-01 18:29 - 2021-10-01 18:29 - 000000000 ____D C:\Users\Jtug\AppData\Local\Yandex
2021-10-01 18:28 - 2021-10-01 19:37 - 000000000 ___HD C:\Users\Jtug\AppData\Roaming\WinHost
2021-10-01 18:28 - 2021-10-01 18:28 - 000068608 _____ (Hoting) C:\Users\Jtug\AppData\Roaming\6999437.scr
2021-09-30 09:14 - 2021-09-30 09:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-29 10:08 - 2021-10-01 18:41 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-09-29 10:05 - 2021-10-01 18:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-16 14:32 - 2021-09-16 14:32 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\XEROX
2021-09-16 14:25 - 2021-09-16 14:25 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-09-16 14:24 - 2021-09-16 14:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Xerox
2021-09-16 14:24 - 2021-09-16 14:24 - 000000000 ____D C:\Users\Jtug\AppData\Local\Aviata
2021-09-16 14:24 - 2021-09-16 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox PowerENGAGE
2021-09-16 14:24 - 2021-09-16 14:24 - 000000000 ____D C:\ProgramData\Aviata
2021-09-16 14:24 - 2021-09-16 14:24 - 000000000 ____D C:\Program Files (x86)\Xerox PowerENGAGE
2021-09-16 14:22 - 2021-09-16 14:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox Printers
2021-09-16 14:22 - 2018-08-29 13:00 - 000420352 _____ C:\WINDOWS\system32\SaMinDrv.dll
2021-09-16 14:22 - 2018-08-29 13:00 - 000151040 _____ C:\WINDOWS\system32\SaImgFlt.dll
2021-09-16 14:22 - 2018-08-29 13:00 - 000068096 _____ C:\WINDOWS\system32\SaErHdlr.dll
2021-09-16 14:22 - 2017-11-13 00:05 - 000146432 ____R C:\WINDOWS\Wiainst64.exe
2021-09-16 14:21 - 2021-09-16 14:21 - 000000000 ____D C:\ProgramData\Xerox
2021-09-16 14:20 - 2021-09-16 14:21 - 000000000 ____D C:\Program Files (x86)\Xerox
2021-09-16 14:20 - 2019-04-04 15:47 - 000102776 _____ C:\WINDOWS\SysWOW64\Ssdevm.dll
2021-09-16 14:20 - 2019-04-04 15:47 - 000096120 _____ C:\WINDOWS\system32\Ssdevm64.dll
2021-09-16 14:20 - 2019-04-04 15:47 - 000061816 _____ C:\WINDOWS\SysWOW64\Ssusbpn.dll
2021-09-16 14:20 - 2019-04-04 15:47 - 000057720 _____ C:\WINDOWS\system32\Ssusbp64.dll
2021-09-16 14:20 - 2019-04-04 15:44 - 000173288 _____ C:\WINDOWS\system32\sxa9mci.exe
2021-09-16 14:20 - 2019-04-04 15:44 - 000111336 _____ (SS) C:\WINDOWS\system32\sxa9mci.dll
2021-09-16 14:20 - 2019-04-04 15:44 - 000044264 _____ () C:\WINDOWS\system32\sxa9mlm.dll
2021-09-16 14:19 - 2018-10-22 03:11 - 002847744 ____N C:\WINDOWS\system32\DlgSearchEngine.dll
2021-09-16 14:18 - 2018-10-22 03:11 - 002094592 ____N C:\WINDOWS\SysWOW64\DlgSearchEngine.dll
2021-09-16 14:18 - 2018-09-17 05:04 - 000011576 ____N (Samsung Electronics) C:\WINDOWS\system32\Drivers\SSPORT.SYS
2021-09-14 07:24 - 2021-09-14 07:24 - 000000000 ____D C:\ProgramData\Comodo Downloader
2021-09-13 11:53 - 2021-09-13 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-09-13 11:53 - 2021-09-13 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-09-13 11:49 - 2021-09-13 11:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2021-09-13 11:47 - 2021-09-13 11:47 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-09-13 11:47 - 2021-09-13 11:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2021-09-13 11:47 - 2021-09-13 11:47 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-09-13 11:41 - 2021-09-13 11:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-09-13 11:37 - 2021-09-13 11:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2021-09-13 11:36 - 2021-09-13 11:36 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-13 11:34 - 2021-09-13 11:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-09-13 11:33 - 2021-09-13 11:33 - 000000000 ____D C:\Users\Jtug\AppData\Local\Microsoft Help
2021-09-13 11:26 - 2021-09-13 11:26 - 000001626 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk
2021-09-13 11:26 - 2021-09-13 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-09-13 11:14 - 2021-09-13 11:22 - 000000000 ____D C:\Program Files\LibreOffice
2021-09-13 09:57 - 2021-09-13 09:57 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2021-09-12 07:38 - 2021-10-01 18:06 - 000000000 ____D C:\Users\Jtug\AppData\Local\BitTorrentHelper
2021-09-12 07:37 - 2021-09-12 07:37 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Comodo
2021-09-11 23:32 - 2021-10-01 19:44 - 000000000 ____D C:\Users\Jtug\AppData\Local\CrashDumps
2021-09-11 19:40 - 2021-09-14 10:49 - 000000000 ____D C:\Windows.old
2021-09-11 19:40 - 2021-09-11 19:40 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
2021-09-11 19:18 - 2021-09-11 12:41 - 000000000 ___HD C:\$SysReset
2021-09-11 18:01 - 2021-09-11 18:01 - 000000000 ____D C:\Program Files\Common Files\AV
2021-09-11 17:09 - 2021-10-01 18:19 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\uTorrent Web
2021-09-11 17:09 - 2021-09-11 17:09 - 000001874 _____ C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2021-09-11 17:09 - 2021-09-11 17:09 - 000000000 ____D C:\Users\Jtug\AppData\Local\UTW008
2021-09-11 16:44 - 2021-10-02 18:58 - 000129700 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2021-09-11 16:42 - 2021-09-11 16:42 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\WinRAR
2021-09-11 16:42 - 2021-09-11 16:42 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-09-11 16:42 - 2021-09-11 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-09-11 16:42 - 2021-09-11 16:42 - 000000000 ____D C:\Program Files\WinRAR
2021-09-11 16:29 - 2021-10-03 08:37 - 000000000 ____D C:\Program Files\CCleaner
2021-09-11 16:29 - 2021-10-01 19:40 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-11 16:29 - 2021-09-11 16:29 - 000002832 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Jtug
2021-09-11 16:29 - 2021-09-11 16:29 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-09-11 16:29 - 2021-09-11 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-09-11 16:27 - 2021-10-03 09:44 - 000000430 _____ C:\WINDOWS\Tasks\update-sys.job
2021-09-11 16:27 - 2021-10-02 16:01 - 000000430 _____ C:\WINDOWS\Tasks\update-S-1-5-21-223814551-1140071388-4042786358-1001.job
2021-09-11 16:27 - 2021-09-11 16:27 - 000003300 _____ C:\WINDOWS\system32\Tasks\update-sys
2021-09-11 16:27 - 2021-09-11 16:27 - 000003292 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-223814551-1140071388-4042786358-1001
2021-09-11 16:27 - 2021-09-11 16:27 - 000000424 _____ C:\Users\Jtug\AppData\Local\UserProducts.xml
2021-09-11 16:26 - 2021-09-11 16:27 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2021-09-11 16:26 - 2021-09-11 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2021-09-11 16:21 - 2021-09-30 22:56 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-11 16:18 - 2021-09-30 22:58 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-11 16:18 - 2021-09-11 16:18 - 000002078 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2021-09-11 16:05 - 2021-09-11 16:05 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-09-11 16:04 - 2021-09-11 16:04 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Thunderbird
2021-09-11 16:04 - 2021-09-11 16:04 - 000000000 ____D C:\Users\Jtug\AppData\Local\Thunderbird
2021-09-11 12:49 - 2021-09-11 12:49 - 000002149 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2021-09-11 12:49 - 2021-09-11 12:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2021-09-11 12:48 - 2021-10-03 09:53 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2021-09-11 12:48 - 2021-09-11 12:48 - 000000000 ____D C:\Program Files\COMODO
2021-09-11 12:46 - 2021-09-11 12:46 - 000002092 _____ C:\Users\Public\Desktop\Comodo Secure Shopping.lnk
2021-09-11 12:46 - 2019-08-21 08:02 - 000454616 _____ (COMODO) C:\WINDOWS\system32\cssguard64.dll
2021-09-11 12:46 - 2019-08-21 08:02 - 000341224 _____ (COMODO) C:\WINDOWS\system32\cmdkbdcss64.dll
2021-09-11 12:46 - 2019-08-21 08:02 - 000337856 _____ (COMODO) C:\WINDOWS\SysWOW64\cssguard32.dll
2021-09-11 12:46 - 2019-08-21 08:02 - 000262376 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbdcss32.dll
2021-09-11 12:46 - 2019-01-29 08:42 - 000254440 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2021-09-11 12:46 - 2019-01-29 08:42 - 000205024 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2021-09-11 12:46 - 2018-08-29 22:55 - 000063256 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2021-09-11 12:46 - 2018-02-28 08:11 - 000125000 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdcss.sys
2021-09-11 12:45 - 2021-09-11 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2021-09-11 12:45 - 2021-09-11 12:45 - 000002135 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2021-09-11 12:45 - 2021-09-11 12:45 - 000000000 ____D C:\Users\Jtug\AppData\Local\Comodo
2021-09-11 12:44 - 2021-09-11 12:46 - 000000000 ____D C:\Program Files (x86)\Comodo
2021-09-11 12:33 - 2021-09-11 12:46 - 000000000 ____D C:\ProgramData\Comodo
2021-09-11 12:33 - 2021-09-11 12:33 - 000000000 ____D C:\ProgramData\Shared Space
2021-09-11 12:16 - 2021-09-11 12:16 - 000001333 _____ C:\Users\Public\Desktop\Skype.lnk
2021-09-11 12:16 - 2021-09-11 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-09-11 12:14 - 2021-09-11 12:14 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2021-09-11 12:14 - 2021-09-11 12:14 - 000000997 _____ C:\Users\Public\Desktop\Thunderbird.lnk
2021-09-11 12:01 - 2021-10-03 09:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-11 12:01 - 2021-10-01 18:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-11 12:01 - 2021-09-30 09:14 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-11 12:01 - 2021-09-11 12:01 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Mozilla
2021-09-11 12:01 - 2021-09-11 12:01 - 000000000 ____D C:\Users\Jtug\AppData\Local\Mozilla
2021-09-11 11:59 - 2021-10-02 10:12 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-09-11 11:59 - 2021-09-11 11:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2021-09-11 11:59 - 2021-09-11 11:59 - 000000000 ____D C:\Users\Jtug\Documents\Os Meus Ficheiros Recebidos
2021-09-11 11:59 - 2021-09-11 11:59 - 000000000 ____D C:\Users\Jtug\AppData\Local\Power2Go8
2021-09-11 11:58 - 2021-10-03 09:47 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-223814551-1140071388-4042786358-1001
2021-09-11 11:57 - 2021-09-11 11:57 - 000000000 __SHD C:\Users\Jtug\AppData\Local\EmieUserList
2021-09-11 11:57 - 2021-09-11 11:57 - 000000000 __SHD C:\Users\Jtug\AppData\Local\EmieSiteList
2021-09-11 11:57 - 2021-09-11 11:57 - 000000000 __SHD C:\Users\Jtug\AppData\Local\EmieBrowserModeList
2021-09-11 11:56 - 2021-09-16 08:36 - 000000000 ____D C:\Users\Jtug\AppData\Local\Adobe
2021-09-11 11:56 - 2021-09-11 11:56 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\LSC
2021-09-11 11:53 - 2021-10-01 18:53 - 000001279 _____ C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2021-09-11 11:50 - 2021-10-01 18:49 - 000022536 _____ C:\Users\Jtug\Desktop\Aplicações Removidas.html.tisc
2021-09-11 11:49 - 2021-10-03 09:11 - 000000000 ____D C:\Users\Jtug\AppData\Local\VirtualStore
2021-09-11 11:49 - 2021-09-12 15:11 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Adobe
2021-09-11 11:49 - 2021-09-11 11:49 - 000001445 _____ C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-09-11 11:49 - 2021-09-11 11:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-11 11:49 - 2021-09-11 11:49 - 000000020 ___SH C:\Users\Jtug\ntuser.ini
2021-09-11 11:49 - 2021-09-11 11:49 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Intel
2021-09-11 11:45 - 2021-09-11 11:45 - 000005992 _____ C:\Users\Administrator\AppData\Local\Application.xml
2021-09-11 11:44 - 2014-11-21 04:52 - 000000369 _____ C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2021-09-11 11:44 - 2014-11-21 04:52 - 000000369 _____ C:\Users\Jtug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2021-09-11 11:43 - 2021-10-03 09:08 - 000000000 ____D C:\Users\Jtug
2021-09-11 11:43 - 2021-09-11 11:45 - 000024768 _____ C:\WINDOWS\diagwrn.xml
2021-09-11 11:43 - 2021-09-11 11:45 - 000024768 _____ C:\WINDOWS\diagerr.xml
2021-09-11
11:43 - 2015-06-18 20:03 - 000000000 ____D C:\Users\Jtug\AppData\Roaming\Macromedia
2021-09-11 06:59 - 2021-10-02 09:28 - 000005594 _____ C:\WirelessDiagLog.csv
2021-09-08 11:01 - 2021-10-01 18:49 - 000066726 _____ C:\Users\Jtug\Desktop\STK Eray LISBOA_Set21.pdf.tisc

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-03 09:55 - 2016-11-19 09:35 - 000000000 ____D C:\Users\Jtug\AppData\LocalLow\Mozilla
2021-10-03 09:08 - 2016-08-31 21:10 - 000000000 ____D C:\Users\Jtug\.android
2021-10-03 09:08 - 2015-11-16 12:48 - 000000000 ____D C:\Users\Jtug\.oracle_jre_usage
2021-10-03 08:47 - 2018-08-05 15:46 - 000000000 ____D C:\HP_1010
2021-10-03 08:47 - 2016-01-10 15:17 - 000000000 ____D C:\MicroVolts Package
2021-10-02 20:56 - 2016-03-23 11:17 - 000000000 ___HD C:\VTRoot
2021-10-02 19:20 - 2016-04-20 18:26 - 000000000 ____D C:\MappedFiles
2021-10-02 19:12 - 2016-08-31 21:11 - 000000000 __SHD C:\DrFoneCache
2021-10-02 19:12 - 2016-08-17 23:53 - 000000000 ____D C:\ANDROID USB DRIVER BACKUP
2021-10-02 19:11 - 2016-11-17 10:28 - 000000000 ___HD C:\$Windows.~WS
2021-10-02 19:07 - 2015-06-18 18:43 - 000788756 _____ C:\WINDOWS\system32\prfh0816.dat
2021-10-02 19:07 - 2015-06-18 18:43 - 000163828 _____ C:\WINDOWS\system32\prfc0816.dat
2021-10-02 19:07 - 2014-11-21 04:44 - 001816356 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-02 19:07 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2021-10-02 18:59 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-02 18:57 - 2015-06-18 19:55 - 000002560 _____ C:\WINDOWS\system32\VfService.trf
2021-10-02 10:12 - 2015-06-18 20:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-10-02 10:12 - 2015-06-18 19:54 - 000000000 ____D C:\ProgramData\Lenovo
2021-10-02 10:12 - 2015-06-18 19:54 - 000000000 ____D C:\Program Files\Lenovo
2021-10-02 10:12 - 2015-06-18 19:53 - 000000000
____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2021-10-02 10:12 - 2015-06-18 19:53 - 000000000 ____D C:\Program Files (x86)\Lenovo 2021-10-02 09:39 - 2015-06-18 19:52 - 000000000 ____D C:\ProgramData\Lenovo App Services 2021-10-02 09:25 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-10-01 19:35 - 2015-10-29 17:40 - 000000000 __SHD C:\Users\Jtug\IntelGraphicsProfiles 2021-10-01 19:33 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2021-10-01 18:54 - 2015-10-29 18:13 - 000000000 __SHD C:\Users\Jtug\AppData\LocalLow\EmieUserList 2021-10-01 18:54 - 2015-10-29 18:13 - 000000000 __SHD C:\Users\Jtug\AppData\LocalLow\EmieBrowserModeList 2021-10-01 18:54 - 2015-10-29 18:12 - 000000000 __SHD C:\Users\Jtug\AppData\LocalLow\EmieSiteList 2021-10-01 18:53 - 2021-02-07 19:30 - 000000000 ____D C:\Users\Jtug\Documents\Scan 2021-10-01 18:53 - 2020-11-18 20:49 - 000000000 ____D C:\Users\Jtug\Desktop\Seguros 2021-10-01 18:53 - 2020-10-09 11:25 - 000000000 ____D C:\Users\Jtug\Desktop\SANDRA 2021-10-01 18:53 - 2020-07-24 18:40 - 000000000 ____D C:\Users\Jtug\Documents\Ficheiros do Outlook 2021-10-01 18:53 - 2019-12-23 10:56 - 000000000 ____D C:\Users\Jtug\Desktop\Processo venda optimed 2021-10-01 18:53 - 2019-05-13 16:16 - 000000000 ____D C:\Users\Jtug\Desktop\Pendentes 2021-10-01 18:53 - 2019-04-11 10:43 - 000000000 ___SD C:\Users\Jtug\Documents\As minhas origens de dados 2021-10-01 18:53 - 2018-08-24 20:58 - 000000000 ____D C:\Users\Jtug\Desktop\pen vermelha JAndr 2021-10-01 18:53 - 2018-05-18 10:28 - 000000000 ____D C:\Users\Jtug\Desktop\Terreno 2021-10-01 18:53 - 2018-01-23 11:02 - 000000000 ___RD C:\Users\Jtug\Desktop\PROSM 2021-10-01 18:53 - 2017-07-20 23:01 - 000000000 ____D C:\Users\Jtug\Desktop\PAP 2021-10-01 18:53 - 2017-07-11 23:52 - 000000000 ____D C:\Users\Jtug\Desktop\Snapchat 2021-10-01 18:53 - 2017-06-09 11:34 - 000000000 ____D C:\Users\Jtug\Documents\FlowPaper 2021-10-01 18:53 - 2015-10-30 19:59 - 000000000 ____D 
C:\Users\Jtug\Desktop\RCVV 2021-10-01 18:53 - 2015-10-30 19:48 - 000000000 ___RD C:\Users\Jtug\Desktop\optimed 2021-10-01 18:53 - 2015-06-18 20:19 - 000000000 ____D C:\ProgramData\LU 2021-10-01 18:52 - 2021-02-15 19:55 - 000000000 ____D C:\Users\Jtug\Desktop\LEROY MERLIN 2021-10-01 18:52 - 2018-03-07 20:19 - 000000000 ____D C:\Users\Jtug\Desktop\mariana 2021-10-01 18:52 - 2017-08-12 10:33 - 000000000 ____D C:\Users\Jtug\Desktop\Medeor 2021-10-01 18:52 - 2017-07-31 07:52 - 000000000 ____D C:\Users\Jtug\Desktop\JEstev 2021-10-01 18:52 - 2017-06-28 09:33 - 000000000 ____D C:\Users\Jtug\Desktop\MUSICA 2021-10-01 18:52 - 2017-03-26 12:48 - 000000000 ____D C:\Users\Jtug\Desktop\office 2021-10-01 18:52 - 2017-03-01 15:52 - 000000000 ____D C:\Users\Jtug\Desktop\Jtug 2021-10-01 18:52 - 2016-05-16 09:54 - 000000000 ____D C:\Users\Jtug\Desktop\Isab_HH 2021-10-01 18:52 - 2015-12-12 19:52 - 000000000 ____D C:\Users\Jtug\Desktop\Isab 2021-10-01 18:51 - 2019-12-18 16:31 - 000000000 ____D C:\Users\Jtug\Desktop\EMPRESTIMO 2021-10-01 18:51 - 2019-10-06 16:52 - 000000000 ____D C:\Users\Jtug\Desktop\facebook page 2021-10-01 18:51 - 2016-08-17 23:58 - 000000000 ____D C:\Users\Jtug\Desktop\Fotos_Out16 2021-10-01 18:51 - 2016-06-07 14:15 - 000000000 ____D C:\Users\Jtug\Desktop\Flamengos 2021-10-01 18:50 - 2015-09-17 14:03 - 000000000 ____D C:\Users\Jtug\Desktop\100D3000 2021-10-01 18:49 - 2021-07-18 17:43 - 000012319 _____ C:\Users\Jtug\Desktop\Pendentes_CB.xlsx.tisc 2021-10-01 18:49 - 2021-02-01 18:31 - 000174345 _____ C:\Users\Jtug\Desktop\Gearbest_Fev2021.xlsx.tisc 2021-10-01 18:49 - 2021-02-01 18:31 - 000144188 _____ C:\Users\Jtug\Desktop\Gearbest_Fev2021.pdf.tisc 2021-10-01 18:49 - 2021-01-17 15:59 - 000000781 _____ C:\Users\Jtug\Desktop\Jan2021.txt.tisc 2021-10-01 18:49 - 2021-01-11 11:37 - 000161500 _____ C:\Users\Jtug\Desktop\Cópia de PROSM ANALISE 2020.xlsx.tisc 2021-10-01 18:49 - 2018-10-25 09:59 - 000001421 _____ C:\Users\Jtug\Documents\ALTERAÇÕES QUESTIONARISO.txt.tisc 
2021-10-01 18:49 - 2016-02-18 16:57 - 000000000 ___RD C:\Users\Jtug\Dropbox 2021-10-01 18:49 - 2015-11-01 19:50 - 000155982 ___SH C:\Users\Jtug\Desktop\Thumbs.db.tisc 2021-09-28 08:52 - 2013-08-22 15:36 - 000000000 ___HD C:\Program Files\WindowsApps 2021-09-28 08:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-09-13 16:49 - 2013-08-22 14:44 - 000653632 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-09-13 16:12 - 2015-06-18 19:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo 2021-09-13 16:11 - 2015-06-18 19:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-09-13 16:09 - 2015-10-29 17:40 - 000000000 ____D C:\Users\Jtug\AppData\Local\Packages 2021-09-13 16:06 - 2014-12-10 01:49 - 000000000 ___DC C:\WINDOWS\Panther 2021-09-13 16:03 - 2015-06-18 20:13 - 000000000 ____D C:\ProgramData\Office2013 2021-09-13 16:03 - 2015-06-18 19:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-09-13 16:02 - 2013-08-22 15:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-09-13 12:33 - 2013-08-22 13:25 - 000000167 _____ C:\WINDOWS\win.ini 2021-09-13 11:51 - 2014-12-10 01:57 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-09-13 11:51 - 2014-11-21 04:20 - 000000000 ____D C:\WINDOWS\ShellNew 2021-09-13 11:40 - 2013-08-22 15:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-09-12 15:11 - 2015-11-02 22:02 - 000000000 ____D C:\Users\Jtug\AppData\LocalLow\Adobe 2021-09-12 08:34 - 2015-06-18 20:03 - 000000000 ____D C:\ProgramData\Adobe 2021-09-12 00:20 - 2013-08-22 15:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-09-11 19:40 - 2013-08-22 15:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template 2021-09-11 17:10 - 2015-06-18 19:26 - 000000000 ____D C:\ProgramData\Package Cache 2021-09-11 16:18 - 2013-08-22 15:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-09-11 16:15 - 2015-06-18 20:03 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-09-11 12:15 - 2015-06-18 19:52 - 
000003106 _____ C:\WINDOWS\system32\Tasks\Lenovo App Services
2021-09-11 11:55 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-09-11 11:50 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\rescache
2021-09-11 11:45 - 2013-08-22 15:36 - 000000000 __RHD C:\Users\Public\Libraries

==================== Files in the root of some directories ========

2021-10-01 18:28 - 2021-10-01 18:28 - 000068608 _____ (Hoting) C:\Users\Jtug\AppData\Roaming\6999437.scr
2021-10-01 18:29 - 2021-10-01 18:29 - 000000559 _____ () C:\Users\Jtug\AppData\Local\bowsakkdestx.txt
2021-10-02 10:48 - 2021-10-02 10:48 - 000000036 _____ () C:\Users\Jtug\AppData\Local\housecall.guid.cache
2021-09-11 16:27 - 2021-09-11 16:27 - 000000003 _____ () C:\Users\Jtug\AppData\Local\updater.log
2021-09-11 16:27 - 2021-09-11 16:27 - 000000424 _____ () C:\Users\Jtug\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2021-09-29 11:27

==================== End of FRST.txt ========================