So I hope I can explain all this right and I thank in advance to anyone that can help.
I´m sure my computer has some sort of virus or something like it and I need help to find it and remove it.
The computer keeps crashing and freezing and there´s no way to use it for anything. It ´s constantly blocking - It´s a nightmare and I really don´t know what to do.
Because of this I´ve been trying to figure out what is wrong in the last weeks without success. But I suspect the infection is much older than that.
Task Manager has too may programs running - more than 100.
Some I´m not even using and these programs are all there at startup. I´m sure it´s not right - I remember when I installed Windows 10 upgrade and it always had around 10 programs maximum, maybe less.
I have Kaspersky Internet Security and it has some kind of problem with the Verification scan. Reinstalling Kaspersky didn´t resolve it. The complete scan starts everyday, and drags for hours stopping the computer. The only solution: shut down. Despite definitions to work only once a month, the scan keeps coming back everyday and it never finishes or finds any threat.
This seems to have stopped in the last days, after installing the latest version. I´m waiting to see if it´s really resolved.
Also, a shortcut for Karspersky on desktop stopped working and only happened to this shortcut – this is now resolved.
I can´t update windows - many updates fail installation.
Adobe Acrobat also doesn´t update, always fails – unistalled it
I also unistalled Flash player.
Windows Protection like Defender and other similar services seem to turn off or stop working without warning and I don´t know why. I wonder if it has a conflict with Kaspersky, but maybe it´s something else.
None of the programs or scanners I used found anything that resolved this, but some found PUP programs:
- Kaspersky´s Internet Security “complete verification” - found a “HEUR:Trojan.Script.Miner.gen” object that couldn´t be quarantined – it doesn´t have a path for a file there is only a web address.
- Kaspersky Virus Removal tool, also tried in Safe mode, administrator rights – found a PUP program “WebToolbar.Win64.SearchSuite.yl”
- Hitman Pro - found ILIVID and I removed all the keys and files that it indicated. It had a persistent icon on the notification area to download ilivid
- ESET premium Security - the log said it was unable to open many files
- Windows Defender Offline
- Windows System File checker, Scan Disk (CHCK) and DISM didn´t find any problem.
- Panda Cloud Cleaner found PUP files
- Emsisoft Emergency Kit - found Adware.SearchSuite.AB (B) (krnl.xmd)
- Norton Power Eraser doesn´t complete the scan. It closes suddenly and without any message. I can´t see if it left any logs cause I don´t know which program reads them.
- CCleaner says some dll files are missing but I´m not sure they´re not obsolete.
- Adware also found PUP files.
Whatever it is, I´m sure it´s still in the computer. Lately, it´s taking even longer to shutdown and start. The computer seems sometimes overwhelmed just by opening a simple program and takes long to do it.
I also have a doubt: how many users should there be in the registry, besides the ones that are created by the users?
Cause I have this impression that there are more users in the registry than should be.
And also while on Safe mode I saw on Task manager a DWM-1 user and it seems to be a windows thing, but how many of those like “Local Authority” and “System” does Windows have? There´s also UMFD.
I hope someone here can help in anyway. I really don´t know what next step should I take. Right now I´m trying windows fixing tools before trying everything else.
Kaspersky also has a tool for getting system info - it has useful information. I´m nit sure if I should post it here. If you want to see it, please let me know.
...............................................................................................................
Here are the Farbar logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by ACER (administrator) on ACER-PC (08-06-2018 19:17:09)
Running from C:\Users\ACER\Desktop
Loaded Profiles: ACER (Available Profiles: ACER & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.48 (X64) Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.22055.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-292349617-3537619796-2692666305-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-292349617-3537619796-2692666305-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-292349617-3537619796-2692666305-1000\...\Policies\Explorer: [NoLogoff] 0
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3de1fac4-b916-448f-a747-e5a362d2fc66}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{725606bd-e832-4f93-bb78-3c49e39e1486}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c73366f-5326-4815-a1c3-8bc8a891ccef}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-292349617-3537619796-2692666305-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-19] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-19] (Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-06-06] (AO Kaspersky Lab)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-06-06] (AO Kaspersky Lab)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-06-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-06-06] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-292349617-3537619796-2692666305-1000 -> No Name - {3CF6E6FA-62EE-449C-A8CF-43C9F9CD5703} - No File
FireFox:
========
FF DefaultProfile: g267n27h.default-1519990235465
FF ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g267n27h.default-1519990235465 [2018-06-08]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g267n27h.default-1519990235465\features\{4d206da0-ac1c-4e89-9a83-8daf018c4e0b}\[email protected] [2018-06-07] [Legacy]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-06-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin HKU\S-1-5-21-292349617-3537619796-2692666305-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ACER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://nkbjepdnbaaiigmiahpomfppncejojko/newtab/newtab.html"
CHR Profile: C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default [2018-06-08]
CHR Extension: (Apresentações) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Kaspersky Protection) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-06-06]
CHR Extension: (Documentos) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15]
CHR Extension: (YouTube) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15]
CHR Extension: (Folhas de cálculo) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos do Google offline) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-06]
CHR Profile: C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-27]
CHR Profile: C:\Users\ACER\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-28]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-06-06] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-09] (Microsoft Corporation)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-03] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-18] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R1 epp; C:\EEK\bin64\epp.sys [142448 2018-05-24] (Emsisoft Ltd)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [122560 2018-02-02] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-04-27] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220360 2018-06-06] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1191616 2018-05-05] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [180984 2018-06-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1112256 2018-06-06] (AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45784 2017-11-29] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-06-02] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-05-30] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [258864 2018-06-02] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [109248 2018-06-02] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [177848 2018-06-02] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [176328 2018-02-17] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-06-03] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-06-03] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-03] (Microsoft Corporation)
S3 hitmanpro37; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [X]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-08 19:17 - 2018-06-08 19:18 - 000018370 _____ C:\Users\ACER\Desktop\FRST.txt
2018-06-08 19:15 - 2018-06-08 19:13 - 002413056 _____ (Farbar) C:\Users\ACER\Desktop\FRST64.exe
2018-06-08 18:29 - 2018-06-08 18:48 - 000000000 ____D C:\ESD
2018-06-08 18:25 - 2018-06-08 18:25 - 000000000 ___HD C:\$Windows.~WS
2018-06-08 18:25 - 2018-06-08 18:25 - 000000000 ____D C:\$WINDOWS.~BT
2018-06-08 18:22 - 2018-06-08 18:22 - 000009298 _____ C:\Users\ACER\Desktop\MediaCreationTool1803.exe - Atalho.lnk
2018-06-08 11:14 - 2018-06-08 11:15 - 000009257 _____ C:\Users\ACER\Desktop\SoftwareRepairTool.exe - Atalho.lnk
2018-06-06 14:29 - 2018-06-06 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2018-06-06 14:29 - 2018-06-06 14:27 - 000002261 _____ C:\Users\Public\Desktop\Pagamento Seguro.lnk
2018-06-06 14:29 - 2018-06-06 14:27 - 000002215 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2018-06-04 17:46 - 2018-06-04 17:46 - 001138550 _____ C:\Users\ACER\Downloads\Task Manager.zip
2018-06-04 08:44 - 2018-06-04 08:44 - 000000000 ____D C:\ProgramData\s8tk
2018-06-04 08:41 - 2018-06-04 08:41 - 000000000 ____D C:\ProgramData\s8vc
2018-06-04 08:41 - 2018-06-04 08:41 - 000000000 ____D C:\ProgramData\s4gs
2018-06-04 08:41 - 2018-06-04 08:41 - 000000000 ____D C:\ProgramData\s4eo
2018-06-04 08:39 - 2018-06-04 08:39 - 000000000 ____D C:\ProgramData\sask
2018-06-04 08:39 - 2018-06-04 08:39 - 000000000 ____D C:\ProgramData\sa2k
2018-06-04 08:39 - 2018-06-04 08:39 - 000000000 ____D C:\ProgramData\s7pk
2018-06-03 09:17 - 2018-04-28 05:27 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-03 09:16 - 2018-04-28 15:19 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-03 09:16 - 2018-04-28 15:17 - 001634800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-03 09:16 - 2018-04-28 15:04 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-03 09:16 - 2018-04-28 15:03 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-06-03 09:16 - 2018-04-28 15:00 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-06-03 09:16 - 2018-04-28 14:59 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-03 09:16 - 2018-04-28 14:58 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-06-03 09:16 - 2018-04-28 14:58 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-03 09:16 - 2018-04-28 14:58 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-03 09:16 - 2018-04-28 14:31 - 001454016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-03 09:16 - 2018-04-28 14:28 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-03 09:16 - 2018-04-28 14:17 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-06-03 09:16 - 2018-04-28 14:16 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-03 09:16 - 2018-04-28 14:14 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-03 09:16 - 2018-04-28 14:13 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-03 09:16 - 2018-04-28 14:12 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-03 09:16 - 2018-04-28 12:20 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-03 09:16 - 2018-04-28 12:17 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-03 09:16 - 2018-04-28 12:04 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-03 09:16 - 2018-04-28 12:02 - 003732800 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-03 09:16 - 2018-04-28 11:58 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-03 09:16 - 2018-04-28 10:33 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-03 09:16 - 2018-04-28 10:30 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-03 09:16 - 2018-04-28 07:18 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-03 09:16 - 2018-04-28 05:37 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-03 09:16 - 2018-04-28 05:35 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-03 09:16 - 2018-04-28 05:35 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-03 09:16 - 2018-04-28 05:31 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-03 09:16 - 2018-04-28 05:31 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-03 09:16 - 2018-04-28 05:30 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-03 09:16 - 2018-04-28 05:29 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-03 09:16 - 2018-04-28 05:29 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-06-03 09:16 - 2018-04-28 05:29 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-03 09:16 - 2018-04-28 05:29 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-03 09:16 - 2018-04-28 05:29 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-06-03 09:16 - 2018-04-28 05:29 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-03 09:16 - 2018-04-28 05:29 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-06-03 09:16 - 2018-04-28 05:29 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-03 09:16 - 2018-04-28 05:29 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-03 09:16 - 2018-04-28 05:28 - 007436624 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-03 09:16 - 2018-04-28 05:28 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-03 09:16 - 2018-04-28 05:28 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-03 09:16 - 2018-04-28 05:28 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-03 09:16 - 2018-04-28 05:27 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-03 09:16 - 2018-04-28 05:27 - 002835864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-03 09:16 - 2018-04-28 05:27 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-03 09:16 - 2018-04-28 05:27 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-03 09:16 - 2018-04-28 05:27 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-03 09:16 - 2018-04-28 05:27 - 000733992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-03 09:16 - 2018-04-28 05:27 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-06-03 09:16 - 2018-04-28 05:14 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-03 09:16 - 2018-04-28 05:14 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-06-03 09:16 - 2018-04-28 05:13 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-03 09:16 - 2018-04-28 05:13 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-03 09:16 - 2018-04-28 05:13 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-06-03 09:16 - 2018-04-28 05:13 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-03 09:16 - 2018-04-28 05:13 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-03 09:16 - 2018-04-28 05:13 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-03 09:16 - 2018-04-28 05:12 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-03 09:16 - 2018-04-28 05:12 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-06-03 09:16 - 2018-04-28 05:12 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-03 09:16 - 2018-04-28 05:11 - 025848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-03 09:16 - 2018-04-28 05:05 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-03 09:16 - 2018-04-28 05:04 - 022707712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-03 09:16 - 2018-04-28 05:04 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-03 09:16 - 2018-04-28 05:04 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-03 09:16 - 2018-04-28 05:02 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-03 09:16 - 2018-04-28 05:00 - 007583232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-03 09:16 - 2018-04-28 05:00 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-03 09:16 - 2018-04-28 05:00 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-03 09:16 - 2018-04-28 04:59 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-03 09:16 - 2018-04-28 04:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-03 09:16 - 2018-04-28 04:59 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-03 09:16 - 2018-04-28 04:59 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-03 09:16 - 2018-04-28 04:59 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-03 09:16 - 2018-04-28 04:59 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-06-03 09:16 - 2018-04-28 04:58 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-03 09:16 - 2018-04-28 04:58 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-03 09:16 - 2018-04-28 04:58 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-03 09:16 - 2018-04-28 04:58 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-03 09:16 - 2018-04-28 04:58 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-03 09:16 - 2018-04-28 04:56 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-03 09:16 - 2018-04-28 04:56 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-03 09:16 - 2018-04-28 04:56 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-03 09:16 - 2018-04-28 04:56 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-03 09:16 - 2018-04-28 04:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-03 09:16 - 2018-04-28 04:56 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-03 09:16 - 2018-04-28 04:56 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-03 09:16 - 2018-04-28 04:55 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-03 09:16 - 2018-04-28 04:55 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-03 09:16 - 2018-04-28 04:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-03 09:16 - 2018-04-28 04:55 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-03 09:16 - 2018-04-28 04:55 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-06-03 09:16 - 2018-04-28 04:55 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-03 09:16 - 2018-04-28 04:54 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-03 09:16 - 2018-04-28 04:53 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-03 09:16 - 2018-04-28 04:52 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-03 09:16 - 2018-04-28 04:52 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-03 09:16 - 2018-04-28 04:52 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-03 09:16 - 2018-04-28 04:52 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-06-03 09:16 - 2018-04-28 04:51 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-03 09:16 - 2018-04-28 04:51 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-03 09:16 - 2018-04-28 04:51 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-06-03 09:16 - 2018-04-28 03:43 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-06-03 09:15 - 2018-04-28 15:03 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-06-03 09:15 - 2018-04-28 15:03 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-06-03 09:15 - 2018-04-28 15:02 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-03 09:15 - 2018-04-28 15:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-03 09:15 - 2018-04-28 15:01 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-06-03 09:15 - 2018-04-28 14:59 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-03 09:15 - 2018-04-28 14:58 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-03 09:15 - 2018-04-28 14:18 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-06-03 09:15 - 2018-04-28 14:16 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-03 09:15 - 2018-04-28 14:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-06-03 09:15 - 2018-04-28 14:14 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-03 09:15 - 2018-04-28 14:13 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-06-03 09:15 - 2018-04-28 11:58 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-06-03 09:15 - 2018-04-28 05:29 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-03 09:15 - 2018-04-28 05:03 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-06-03 09:15 - 2018-04-28 05:03 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-06-03 09:15 - 2018-04-28 05:03 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-06-03 09:15 - 2018-04-28 05:03 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-06-03 09:15 - 2018-04-28 05:02 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-06-03 09:15 - 2018-04-28 05:02 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-06-03 09:15 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-06-03 09:15 - 2018-04-28 05:02 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-06-03 09:15 - 2018-04-28 05:01 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-03 09:15 - 2018-04-28 05:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-06-03 09:15 - 2018-04-28 05:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-03 09:15 - 2018-04-28 05:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-06-03 09:15 - 2018-04-28 04:59 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-03 09:15 - 2018-04-28 04:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-03 09:15 - 2018-04-28 04:57 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-03 09:15 - 2018-04-28 04:57 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-03 09:15 - 2018-04-28 04:57 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-06-03 09:15 - 2018-04-28 04:57 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-06-03 09:15 - 2018-04-28 04:56 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-03 09:15 - 2018-04-28 04:56 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-03 09:15 - 2018-04-28 04:56 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-06-03 09:15 - 2018-04-28 04:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-03 09:15 - 2018-04-28 04:55 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-03 09:15 - 2018-04-28 04:55 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-06-03 09:15 - 2018-04-28 04:54 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-03 09:15 - 2018-04-28 04:53 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-03 09:15 - 2018-04-28 04:53 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-06-03 09:15 - 2018-04-28 04:53 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-03 09:15 - 2018-04-28 04:53 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-06-03 09:15 - 2018-04-28 04:52 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-03 09:15 - 2018-04-28 03:42 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-02 22:57 - 2018-06-02 22:50 - 000225651 _____ C:\Users\ACER\Documents\secar-alimentos1.pdf
2018-06-02 22:54 - 2018-06-02 22:48 - 000357058 _____ C:\Users\ACER\Documents\figo cheio e estrela de figo_receita.pdf
2018-06-02 19:23 - 2018-06-02 19:27 - 000000000 ____D C:\AdwCleaner
2018-06-02 19:20 - 2018-06-02 19:20 - 000000000 ____D C:\Users\ACER\AppData\Local\AdAwareUpdater
2018-06-02 19:20 - 2018-06-02 19:20 - 000000000 ____D C:\Program Files\Common Files\adaware
2018-06-02 19:18 - 2018-06-02 19:18 - 000000000 ____D C:\ProgramData\adaware
2018-06-02 16:34 - 2018-06-02 16:34 - 000258864 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-06-02 16:33 - 2018-06-02 16:33 - 000236488 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-06-02 16:33 - 2018-06-02 16:33 - 000177848 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-06-02 16:33 - 2018-06-02 16:33 - 000109248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2018-06-01 22:08 - 2018-06-01 22:08 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-06-01 10:58 - 2018-06-01 10:58 - 000003584 _____ C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-31 17:48 - 2018-05-31 17:48 - 000736822 _____ C:\Users\ACER\Downloads\kid-pants-by-made.pdf
2018-05-30 21:48 - 2018-05-30 21:48 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-05-30 19:19 - 2018-06-01 10:23 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-05-30 17:05 - 2018-05-30 17:05 - 000000000 ____D C:\ProgramData\Emsisoft
2018-05-30 11:23 - 2018-05-30 11:23 - 000000000 ____D C:\ProgramData\Synaptics
2018-05-30 10:54 - 2018-05-30 10:54 - 000000000 ____D C:\ProgramData\s6gg
2018-05-30 10:47 - 2018-05-30 10:47 - 000000000 ____D C:\ProgramData\sb4g
2018-05-30 10:47 - 2018-05-30 10:47 - 000000000 ____D C:\ProgramData\s1cg
2018-05-30 10:44 - 2018-05-30 10:44 - 000000000 ____D C:\ProgramData\sbjs
2018-05-30 10:44 - 2018-05-30 10:44 - 000000000 ____D C:\ProgramData\sbho
2018-05-30 10:44 - 2018-05-30 10:44 - 000000000 ____D C:\ProgramData\s4lk
2018-05-30 10:07 - 2018-05-30 10:07 - 000000000 ____D C:\ProgramData\sa44
2018-05-30 10:00 - 2018-05-30 10:00 - 000000000 ____D C:\ProgramData\s9ec
2018-05-30 10:00 - 2018-05-30 10:00 - 000000000 ____D C:\ProgramData\s5f4
2018-05-30 09:56 - 2018-05-30 09:56 - 000000000 ____D C:\ProgramData\sp0
2018-05-30 09:56 - 2018-05-30 09:56 - 000000000 ____D C:\ProgramData\s5m4
2018-05-30 09:56 - 2018-05-30 09:56 - 000000000 ____D C:\ProgramData\s4k8
2018-05-29 15:07 - 2018-05-29 15:07 - 000161435 _____ C:\Users\ACER\Downloads\Politica_de_Privacidade.pdf
2018-05-28 20:17 - 2018-05-28 20:17 - 000000080 ___SH C:\bootTel.dat
2018-05-28 13:43 - 2018-06-08 19:17 - 000000000 ____D C:\FRST
2018-05-27 17:23 - 2018-05-27 17:23 - 000005968 _____ C:\WINDOWS\SysWOW64\BroomData.bit
2018-05-27 17:23 - 2013-04-08 15:30 - 000022752 _____ C:\WINDOWS\system32\PCloudBroom64.exe
2018-05-27 16:11 - 2018-06-04 09:50 - 000003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-05-27 15:33 - 2015-09-14 13:03 - 000039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2018-05-27 15:33 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2018-05-27 15:31 - 2018-05-27 15:31 - 038191600 _____ (Panda Security ) C:\Users\ACER\Desktop\PandaCloudCleaner.exe
2018-05-27 12:49 - 2018-05-27 12:49 - 000000000 ____D C:\Users\ACER\AppData\Local\D3DSCache
2018-05-26 21:53 - 2018-05-26 21:53 - 000000000 ____D C:\ProgramData\ATI
2018-05-26 21:52 - 2018-05-26 21:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-26 21:48 - 2018-05-26 21:48 - 000000020 ___SH C:\Users\ACER\ntuser.ini
2018-05-26 21:46 - 2018-06-08 16:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-26 21:46 - 2018-06-03 09:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-26 21:46 - 2018-05-26 21:47 - 000003494 _____ C:\WINDOWS\System32\Tasks\EPSON XP-442 445 Series Update {3168F8E1-8176-40DB-AC77-178326BE3693}
2018-05-26 21:46 - 2018-05-26 21:46 - 000003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-26 21:46 - 2018-05-26 21:46 - 000003232 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-26 21:46 - 2018-05-26 21:46 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-292349617-3537619796-2692666305-1000
2018-05-26 21:46 - 2018-05-26 21:46 - 000002376 _____ C:\WINDOWS\System32\Tasks\{EE108CB9-0FD9-4617-8077-7A8F56237C89}
2018-05-26 21:46 - 2018-05-26 21:46 - 000002376 _____ C:\WINDOWS\System32\Tasks\{8D4E865F-5544-4FC5-84EF-C86B973AFFAA}
2018-05-26 21:46 - 2018-05-26 21:46 - 000002376 _____ C:\WINDOWS\System32\Tasks\{30D0762C-F47A-4744-AE86-A3EED836FD98}
2018-05-26 21:46 - 2018-05-26 21:46 - 000002348 _____ C:\WINDOWS\System32\Tasks\{4E279C54-51E4-407D-870A-E88055190A3D}
2018-05-26 21:46 - 2018-05-26 21:46 - 000002310 _____ C:\WINDOWS\System32\Tasks\{AD23E3EE-73DF-4C99-8C05-16F846F276D4}
2018-05-26 21:46 - 2018-05-26 21:46 - 000002280 _____ C:\WINDOWS\System32\Tasks\{14C11354-BA2B-4E67-A7CC-8A7CE3228917}
2018-05-26 21:46 - 2018-05-26 21:46 - 000002180 _____ C:\WINDOWS\System32\Tasks\{07AAB489-4446-428F-B7C4-1DA658579B63}
2018-05-26 21:46 - 2018-05-26 21:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-05-26 21:46 - 2018-05-26 21:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-05-26 21:46 - 2018-05-26 21:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-05-26 21:44 - 2018-05-26 21:46 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-05-26 21:44 - 2018-05-26 21:46 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-05-26 21:29 - 2018-05-26 21:29 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-26 21:25 - 2018-06-01 22:08 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-26 21:25 - 2018-05-30 22:24 - 000000000 ____D C:\Users\ACER
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Os Meus Documentos
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Modelos
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Menu Iniciar
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Os Meus Vídeos
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\As Minhas Imagens
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\A Minha Música
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\Definições Locais
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Histórico
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Os Meus Documentos
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Modelos
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Menu Iniciar
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Documents\Os Meus Vídeos
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Documents\As Minhas Imagens
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Documents\A Minha Música
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\Definições Locais
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-05-26 21:25 - 2018-05-26 21:25 - 000000000 _SHDL C:\Users\ACER\AppData\Local\Histórico
2018-05-26 21:25 - 2018-05-24 22:08 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\ATI
2018-05-26 21:25 - 2018-05-24 22:08 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\ATI
2018-05-26 21:25 - 2018-05-24 22:08 - 000000000 ____D C:\Users\ACER\AppData\Roaming\ATI
2018-05-26 21:25 - 2018-05-24 22:08 - 000000000 ____D C:\Users\ACER\AppData\Local\ATI
2018-05-26 21:25 - 2018-04-12 00:34 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-26 21:25 - 2018-04-12 00:34 - 000001105 _____ C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-26 21:25 - 2016-09-30 16:37 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2018-05-26 21:25 - 2016-09-30 16:37 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2018-05-26 21:25 - 2016-09-30 16:37 - 000000000 ____D C:\Users\ACER\AppData\Roaming\Media Center Programs
2018-05-26 21:25 - 2016-09-30 16:37 - 000000000 ____D C:\Users\ACER\AppData\Roaming\Macromedia
2018-05-26 21:21 - 2018-05-28 07:00 - 002028066 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-26 21:21 - 2018-05-26 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2018-05-26 21:21 - 2018-05-26 21:21 - 000000000 ____D C:\Program Files\ATI Technologies
2018-05-26 21:20 - 2018-05-26 21:20 - 000000000 ____D C:\ProgramData\USOShared
2018-05-26 21:19 - 2018-04-12 00:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-26 21:16 - 2018-06-08 16:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-26 21:16 - 2018-06-03 11:08 - 000352840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-26 20:45 - 2018-06-06 14:26 - 001112256 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2018-05-26 20:45 - 2018-06-06 14:26 - 000220360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2018-05-26 20:45 - 2018-04-27 19:52 - 000085704 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2018-05-26 20:45 - 2018-02-24 05:17 - 000203968 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2018-05-26 20:45 - 2018-02-17 02:50 - 000176328 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2018-05-26 20:45 - 2018-02-17 02:50 - 000100552 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2018-05-26 20:45 - 2018-02-02 03:45 - 000122560 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2018-05-26 20:45 - 2018-01-15 05:13 - 000058048 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2018-05-26 20:45 - 2017-12-11 11:49 - 000083496 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klmouflt.sys
2018-05-26 20:45 - 2017-11-29 07:03 - 000045784 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys
2018-05-26 20:45 - 2017-05-30 18:51 - 000050648 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2018-05-26 20:44 - 2018-05-26 20:44 - 000000000 ___DL C:\Users\Public\Recorded TV (2)
2018-05-26 20:43 - 2018-05-26 22:14 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-26 20:43 - 2018-05-26 20:43 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2018-05-26 20:39 - 2018-05-26 20:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\WINDOWS\system32\msmq
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\Program Files\MSBuild
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-05-26 20:29 - 2018-05-26 20:29 - 000000000 ____D C:\inetpub
2018-05-26 20:26 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-26 20:26 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-26 20:26 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-26 20:25 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-26 20:25 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-26 20:25 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-26 20:11 - 2018-05-26 20:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-26 19:44 - 2018-06-08 18:48 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-26 17:43 - 2018-05-27 13:40 - 000000000 ____D C:\Users\ACER\AppData\Local\PlaceholderTileLogoFolder
2018-05-25 19:36 - 2018-05-27 13:32 - 000000032 _____ C:\WINDOWS\SysWOW64\Eu(12-20170911).OD
2018-05-25 19:36 - 2018-05-25 19:36 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-05-25 19:36 - 2018-01-03 19:39 - 000075328 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eubakup.sys
2018-05-25 19:36 - 2018-01-03 18:35 - 000206912 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys
2018-05-25 19:36 - 2018-01-03 18:35 - 000032832 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eudskacs.sys
2018-05-25 19:36 - 2018-01-03 18:34 - 000062528 _____ C:\WINDOWS\system32\Drivers\EUBKMON.sys
2018-05-25 19:34 - 2018-05-27 13:36 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-05-25 18:48 - 2018-06-04 09:48 - 000000000 ____D C:\EEK
2018-05-25 18:40 - 2018-05-25 18:40 - 000000000 ____D C:\Users\ACER\AppData\Local\NPE
2018-05-25 18:25 - 2018-05-25 18:25 - 000000000 ____D C:\Users\ACER\AppData\Local\DBG
2018-05-25 18:22 - 2018-06-01 08:50 - 001125142 _____ C:\WINDOWS\ntbtlog.txt
2018-05-25 17:46 - 2018-05-25 17:46 - 000000000 ____D C:\Users\ACER\AppData\Local\Innovative Solutions
2018-05-25 13:58 - 2018-05-25 14:17 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-05-25 09:31 - 2018-05-25 09:31 - 000000000 ____D C:\Users\ACER\AppData\Local\Microsoft_Corporation
2018-05-25 08:58 - 2018-05-25 09:00 - 000004581 _____ C:\NetworkSettings.txt
2018-05-24 22:51 - 2018-05-24 22:51 - 000000000 ___DL C:\Users\Public\Recorded TV (1)
2018-05-24 22:44 - 2018-05-24 22:44 - 000000000 ___HD C:\Users\ACER\MicrosoftEdgeBackups
2018-05-24 22:40 - 2018-06-03 11:10 - 000000000 ___RD C:\Users\ACER\3D Objects
2018-05-24 22:15 - 2018-05-30 17:00 - 000000000 ____D C:\Users\ACER\AppData\Local\Packages
2018-05-24 22:08 - 2018-05-24 22:08 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2018-05-24 22:08 - 2018-05-24 22:08 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2018-05-24 22:08 - 2018-05-24 22:08 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2018-05-24 22:08 - 2018-05-24 22:08 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2018-05-24 19:35 - 2018-05-24 19:35 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-05-24 18:57 - 2018-01-09 16:44 - 000108584 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-05-24 09:15 - 2018-05-24 09:54 - 000000000 ____D C:\Users\ACER\AppData\Roaming\Panda Security
2018-05-24 09:12 - 2018-05-24 09:55 - 000000000 ____D C:\ProgramData\Panda Security
2018-05-23 10:55 - 2018-06-01 10:55 - 000000000 ____D C:\Users\ACER\Documents\Trabalho etc
2018-05-23 08:46 - 2018-05-23 08:46 - 000000831 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2018-05-22 19:24 - 2018-05-22 20:41 - 000000000 ____D C:\KVRT_Data
2018-05-22 17:10 - 2018-05-30 11:15 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-05-22 17:10 - 2018-05-23 18:07 - 000000000 ____D C:\ProgramData\HitmanPro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-08 19:16 - 2017-01-20 11:31 - 000000000 ____D C:\Users\ACER\AppData\LocalLow\Mozilla
2018-06-08 19:13 - 2017-06-13 08:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-06-08 19:06 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-08 19:04 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-08 16:29 - 2018-04-11 22:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-06-08 12:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-08 11:24 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-06-08 11:22 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2018-06-08 11:14 - 2017-01-27 13:45 - 000000000 ____D C:\Users\ACER\AppData\Local\ElevatedDiagnostics
2018-06-08 11:07 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-07 18:50 - 2015-11-27 08:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-07 11:53 - 2018-03-01 19:44 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-07 11:53 - 2018-03-01 19:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-06 18:33 - 2016-06-15 16:46 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-06 14:38 - 2017-06-13 08:44 - 000000000 ____D C:\Program Files\Common Files\AV
2018-06-06 14:36 - 2018-03-23 10:57 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-06-06 14:29 - 2018-03-23 11:04 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-06-06 14:27 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-06 10:21 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-06 00:29 - 2018-04-12 00:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 00:29 - 2018-04-12 00:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 07:59 - 2011-06-06 09:11 - 000000000 ____D C:\Users\ACER\Documents\ANA
2018-06-04 20:36 - 2017-03-07 15:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-06-04 08:44 - 2011-04-30 22:36 - 000000000 ____D C:\Users\ACER\AppData\Roaming\SoftGrid Client
2018-06-03 11:10 - 2016-04-27 07:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-06-03 11:05 - 2018-04-12 17:43 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-03 11:05 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-03 10:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-03 09:14 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-06-01 18:52 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-01 08:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-01 08:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-31 21:49 - 2014-11-18 15:41 - 000000000 ____D C:\Users\ACER\AppData\Local\File Viewer
2018-05-30 16:56 - 2010-08-30 10:25 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-30 16:54 - 2011-04-30 22:52 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-30 16:46 - 2010-08-30 10:12 - 000000000 ____D C:\Program Files (x86)\Acer GameZone
2018-05-30 16:45 - 2011-12-04 14:56 - 000000000 ____D C:\ProgramData\CyberLink
2018-05-30 16:45 - 2010-08-30 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2018-05-30 16:45 - 2010-08-30 10:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-30 10:58 - 2014-12-25 16:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-28 13:41 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-28 07:00 - 2018-04-12 17:41 - 000867674 _____ C:\WINDOWS\system32\prfh0816.dat
2018-05-28 07:00 - 2018-04-12 17:41 - 000190008 _____ C:\WINDOWS\system32\prfc0816.dat
2018-05-27 19:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-27 11:14 - 2016-09-30 17:03 - 000000000 ____D C:\Users\ACER\AppData\Local\ConnectedDevicesPlatform
2018-05-27 07:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-26 22:15 - 2018-04-12 00:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-26 22:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2018-05-26 22:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-05-26 22:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-26 22:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-26 22:14 - 2018-05-08 09:00 - 000000000 ____D C:\WINDOWS\SysWOW64\%Data%
2018-05-26 22:14 - 2018-04-12 00:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\IME
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\schemas
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Resources
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\L2Schemas
2018-05-26 22:14 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-26 22:14 - 2018-03-31 12:03 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2018-05-26 22:14 - 2018-03-23 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-05-26 22:14 - 2018-01-12 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-05-26 22:14 - 2018-01-07 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro
2018-05-26 22:14 - 2017-12-02 14:49 - 000000000 ____D C:\Program Files\UNP
2018-05-26 22:14 - 2014-11-18 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Viewer Lite
2018-05-26 22:14 - 2014-06-20 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-26 22:14 - 2014-06-18 18:01 - 000000000 ____D C:\WINDOWS\SysWOW64\%Report%
2018-05-26 22:14 - 2012-05-12 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-05-26 22:14 - 2012-05-12 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2018-05-26 22:14 - 2012-01-09 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-05-26 22:14 - 2011-06-24 07:26 - 000000000 ____D C:\WINDOWS\system32\SPReview
2018-05-26 22:14 - 2011-06-24 07:24 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2018-05-26 22:14 - 2011-05-04 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Português)
2018-05-26 22:14 - 2010-10-20 07:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2018-05-26 22:14 - 2010-10-20 07:02 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-05-26 22:14 - 2010-08-30 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2018-05-26 22:14 - 2010-08-30 10:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2018-05-26 22:14 - 2010-08-30 10:21 - 000000000 ____D C:\WINDOWS\oem
2018-05-26 22:14 - 2010-08-30 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-26 22:14 - 2010-08-30 10:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2018-05-26 22:14 - 2010-08-30 10:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-05-26 22:14 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-26 22:14 - 2009-07-14 04:20 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2018-05-26 21:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2018-05-26 21:48 - 2016-06-16 13:07 - 000000000 ____D C:\Windows10Upgrade
2018-05-26 21:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\windows nt
2018-05-26 21:47 - 2016-06-16 13:07 - 000000000 ___HD C:\$GetCurrent
2018-05-26 21:39 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-26 21:38 - 2018-04-12 00:38 - 000000000 __RSD C:\WINDOWS\media
2018-05-26 21:38 - 2016-06-16 22:25 - 000023220 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-26 21:21 - 2016-09-30 16:25 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2018-05-26 21:20 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-26 21:20 - 2016-09-30 16:27 - 001941280 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-05-26 21:20 - 2016-06-16 22:45 - 000000000 ____D C:\AMD
2018-05-26 21:19 - 2016-09-30 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-05-26 20:53 - 2018-04-12 00:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-26 20:44 - 2018-04-12 17:42 - 000000000 ____D C:\WINDOWS\OCR
2018-05-26 20:44 - 2018-01-12 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-05-26 20:44 - 2015-04-12 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Declarações Electrónicas
2018-05-26 20:43 - 2016-09-30 16:24 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-05-26 20:43 - 2016-09-30 16:24 - 000000000 ____D C:\Program Files\AMD
2018-05-26 20:43 - 2016-09-30 16:23 - 000000000 ____D C:\Program Files\Synaptics
2018-05-26 20:43 - 2016-09-30 16:23 - 000000000 ____D C:\Program Files\Realtek
2018-05-26 20:43 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Microsoft Games
2018-05-26 20:29 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-05-26 20:29 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-05-26 20:29 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-05-26 20:29 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-05-26 20:28 - 2018-04-12 00:35 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2018-05-26 20:28 - 2018-04-12 00:35 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2018-05-26 20:28 - 2018-04-12 00:35 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2018-05-26 20:28 - 2018-04-12 00:35 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2018-05-26 20:28 - 2018-04-12 00:35 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2018-05-26 20:28 - 2018-04-12 00:35 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2018-05-26 20:28 - 2018-04-12 00:35 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2018-05-26 20:28 - 2018-04-12 00:35 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2018-05-26 20:28 - 2018-04-12 00:33 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2018-05-26 20:28 - 2018-04-12 00:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-26 20:28 - 2018-04-12 00:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2018-05-26 20:28 - 2018-04-12 00:33 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2018-05-26 20:28 - 2018-04-12 00:33 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2018-05-26 20:27 - 2018-04-12 00:35 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2018-05-26 20:27 - 2018-04-12 00:35 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2018-05-26 20:27 - 2018-04-12 00:35 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2018-05-26 20:27 - 2018-04-12 00:35 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2018-05-26 20:27 - 2018-04-12 00:35 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2018-05-26 20:27 - 2018-04-12 00:33 - 001409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2018-05-26 20:27 - 2018-04-12 00:33 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2018-05-26 20:27 - 2018-04-12 00:33 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2018-05-26 20:27 - 2018-04-12 00:33 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2018-05-26 20:27 - 2018-04-12 00:33 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2018-05-26 20:27 - 2018-04-12 00:33 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2018-05-26 20:27 - 2018-04-12 00:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2018-05-26 20:27 - 2018-04-12 00:33 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2018-05-26 20:27 - 2018-04-12 00:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2018-05-26 20:27 - 2018-04-12 00:33 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2018-05-26 20:27 - 2018-04-12 00:33 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2018-05-26 19:26 - 2016-06-16 14:28 - 000000066 _____ C:\WINDOWS\progress.ini
2018-05-26 18:00 - 2016-06-16 13:07 - 000000723 _____ C:\Users\ACER\Desktop\Assistente de Atualização do Windows 10.lnk
2018-05-26 17:56 - 2016-06-16 13:07 - 000000735 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
2018-05-26 09:36 - 2018-05-02 17:56 - 000000000 ____D C:\found.002
2018-05-25 22:44 - 2017-12-02 20:43 - 000000000 ____D C:\Users\ACER\Documents\contas ban
2018-05-25 18:40 - 2012-03-23 15:49 - 000000000 ____D C:\ProgramData\Norton
2018-05-25 09:27 - 2016-06-16 22:43 - 000000000 ___RD C:\Users\ACER\OneDrive
2018-05-24 23:00 - 2011-06-04 22:43 - 000000000 ____D C:\Program Files\Windows Live
2018-05-24 23:00 - 2010-10-20 07:02 - 000000000 ____D C:\Program Files (x86)\Windows Live
2018-05-24 22:41 - 2016-06-16 22:35 - 000000000 ____D C:\Users\ACER\AppData\Local\TileDataLayer
2018-05-24 19:35 - 2017-12-03 11:03 - 000000000 ____D C:\Program Files\rempl
2018-05-24 19:35 - 2017-07-02 17:39 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-05-24 11:58 - 2017-12-03 10:04 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-24 11:57 - 2011-06-04 22:37 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-22 17:09 - 2013-06-23 08:06 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-17 22:52 - 2011-06-15 22:19 - 000002921 _____ C:\WINDOWS\wininit.ini
==================== Files in the root of some directories =======
2018-06-01 10:58 - 2018-06-01 10:58 - 000003584 _____ () C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-13 11:35 - 2012-04-28 10:00 - 000017408 _____ () C:\Users\ACER\AppData\Local\WebpageIcons.db
2016-06-13 11:35 - 2014-11-10 09:13 - 000000000 _____ () C:\Users\ACER\AppData\Local\{35606BAC-89AC-40FE-8F0F-EAD6D0104D73}
2016-06-13 11:35 - 2015-01-11 08:57 - 000000000 _____ () C:\Users\ACER\AppData\Local\{B2C4ECFA-4248-4E24-925F-61B9B8D51142}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-26 21:16
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by ACER (08-06-2018 19:19:06)
Running from C:\Users\ACER\Desktop
Windows 10 Home Version 1803 17134.48 (X64) (2018-05-26 20:48:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
ACER (S-1-5-21-292349617-3537619796-2692666305-1000 - Administrator - Enabled) => C:\Users\ACER
Administrador (S-1-5-21-292349617-3537619796-2692666305-500 - Administrator - Disabled)
Convidado (S-1-5-21-292349617-3537619796-2692666305-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-292349617-3537619796-2692666305-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-292349617-3537619796-2692666305-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-292349617-3537619796-2692666305-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
ccc-core-static (HKLM-x32\...\{28849F27-E11E-F067-C4B5-7F4CDB75D473}) (Version: 2010.0825.2205.37769 - Nome de sua empresa:) Hidden
Complemento Messenger (HKLM-x32\...\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Creative Mass Storage Drivers (HKLM-x32\...\Creative Mass Storage Drivers) (Version: - )
Creative Mass Storage Drivers (HKLM-x32\...\MuVo Driver) (Version: - )
Creative System Information (HKLM-x32\...\SysInfo) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Duplicate Cleaner Pro 4.1.0 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 4.1.0 - DigitalVolcano Software Ltd)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-442 445 Series Printer Uninstall (HKLM\...\EPSON XP-442 445 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.6 - Sharpened Productions)
File Viewer Lite (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.2 - Sharpened Productions)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.62 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
IRS - Modelo 3 2015.0.21.0018 (HKLM-x32\...\4041-6604-5356-9627) (Version: 2015.0.21.0018 - AT)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Manuais EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Clique-e-Use 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1006 - Microsoft Corporation)
Microsoft Office Starter 2010 - Português (HKLM-x32\...\{90140011-0066-0816-0000-0000000FF1CE}) (Version: 14.0.4763.1006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-292349617-3537619796-2692666305-1000\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 52.8.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.8.0 (x86 en-US)) (Version: 52.8.0 - Mozilla)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{ABCAD346-4F4B-49E9-9AA1-28EF8C26059D}) (Version: 4.15.9789 - Apache Software Foundation)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
PX Profile Update (HKLM-x32\...\{98A26988-E99C-2EA6-684A-3FFE6F3A90F9}) (Version: 1.00.1. - AMD) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
TuneUp Utilities Language Pack (de-DE) (HKLM-x32\...\{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}) (Version: 12.0.3500.13 - TuneUp Software) Hidden
Unity Web Player (HKU\S-1-5-21-292349617-3537619796-2692666305-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DA171DF3-18B3-446E-BCA6-C08069850FD2}) (Version: 2.36.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
Visualizador do Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0816-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{587139F5-9B76-4D5A-94C6-76E6B219BF7F}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-292349617-3537619796-2692666305-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => -> No File
ContextMenuHandlers1: [CopyPathExt] -> {7E41911F-13AA-11D3-A831-00104B9E30B5} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-06-06] (AO Kaspersky Lab)
ContextMenuHandlers2: [CopyPathExt] -> {7E41911F-13AA-11D3-A831-00104B9E30B5} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-06-06] (AO Kaspersky Lab)
ContextMenuHandlers4: [CopyPathExt] -> {7E41911F-13AA-11D3-A831-00104B9E30B5} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-06-06] (AO Kaspersky Lab)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-06-06] (AO Kaspersky Lab)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B3D94A9-1C4F-4331-B0A1-65C3E29FD758} - System32\Tasks\{4E279C54-51E4-407D-870A-E88055190A3D} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Creative\Support\System Information\CTSI.exe"
Task: {1328B193-7830-455A-BF1C-C1D49756CCF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {16910690-5FE7-4BD1-8F28-C15AA8EFF2D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {36C036CB-EEBF-4D1D-8CE2-11EE8F921333} - System32\Tasks\{EE108CB9-0FD9-4617-8077-7A8F56237C89} => C:\Windows\system32\pcalua.exe -a C:\Users\ACER\AppData\Local\Temp\jre-8u66-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {97321992-C161-4735-869A-F4CA1C3598D0} - System32\Tasks\{8D4E865F-5544-4FC5-84EF-C86B973AFFAA} => C:\Windows\system32\pcalua.exe -a C:\Users\ACER\AppData\Local\Temp\jre-8u71-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {9862F9F8-432E-4928-ACD9-DD76084C9667} - System32\Tasks\{AD23E3EE-73DF-4C99-8C05-16F846F276D4} => C:\Windows\system32\pcalua.exe -a C:\Users\ACER\AppData\Local\TNT2\2.0.0.1895\TNT2User.exe -c /UNINSTALL PARTNER=11147
Task: {A17AC0F7-77B0-4730-8E94-E293354B0503} - System32\Tasks\{30D0762C-F47A-4744-AE86-A3EED836FD98} => C:\Windows\system32\pcalua.exe -a C:\Users\ACER\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {A9E41B88-EBEF-47B1-84F2-78D197736BEA} - System32\Tasks\{14C11354-BA2B-4E67-A7CC-8A7CE3228917} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\ACER\Searches\setup_basic_2436.exe -d C:\Users\ACER\Searches
Task: {B139E471-282A-4649-8462-959257D086E2} - System32\Tasks\{07AAB489-4446-428F-B7C4-1DA658579B63} => C:\Windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {B50623BD-B489-4071-862C-03D4C8E5E4A4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {C09E8E74-8F7E-4CCC-BE1D-DC5589CB934D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {C117BAEE-FABA-4E6D-BC8F-F11559FD65F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-15] (Google Inc.)
Task: {C9D7C0DA-5849-4F43-9578-BC38AFD143E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {CF01B094-0975-458C-AE7B-564165962AA2} - System32\Tasks\EPSON XP-442 445 Series Update {3168F8E1-8176-40DB-AC77-178326BE3693} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {D4951A5F-86A1-4762-B6AC-26AB0AA61A69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-15] (Google Inc.)
Task: {E59D220E-E17F-4452-A8C4-B339F23CA7DE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EC8DB41E-4CD8-41AF-B775-0001236A1883} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON XP-442 445 Series Update {3168F8E1-8176-40DB-AC77-178326BE3693}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRDE.EXE:/EXE:{3168F8E1-8176-40DB-AC77-178326BE3693} /F:UpdateWORKGROUP\ACER-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 00:35 - 2018-04-12 17:43 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2010-06-28 23:20 - 2010-06-28 23:20 - 000465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 23:12 - 2010-06-28 23:12 - 001081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [121]
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96 [134]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [146]
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [144]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [118]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [143]
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE [149]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [129]
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 [272]
AlternateDataStreams: C:\ProgramData\Temp:E3C56885 [119]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-292349617-3537619796-2692666305-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ACER\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Amazing-Lighthouse-Wallpaper-05-2560x1600.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run: => "PLFSetI"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-292349617-3537619796-2692666305-1000\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
03-06-2018 15:12:14 Cópia de Segurança do Windows
03-06-2018 19:00:05 Cópia de Segurança do Windows
08-06-2018 11:15:57 Microsoft Software Repair Tool
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/08/2018 05:24:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: MicrosoftEdgeCP.exe, versão: 11.0.17134.48, carimbo de data/hora: 0x5ae3f17b
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000409
Desvio de falha: 0x000000000000008c
ID do processo com falha: 0x110c
Hora de início da aplicação com falha: 0x01d3ff451dbcb8ce
Caminho da aplicação com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Caminho do módulo com falha: unknown
ID do Relatório: 5b5d8a86-8480-48c7-9ebc-748b79b16a77
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID da aplicação relativa ao pacote com falha: ContentProcess
Error: (06/08/2018 11:40:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: MicrosoftEdgeCP.exe, versão: 11.0.17134.48, carimbo de data/hora: 0x5ae3f17b
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000409
Desvio de falha: 0x000000000000008c
ID do processo com falha: 0x217c
Hora de início da aplicação com falha: 0x01d3ff151e06f1ab
Caminho da aplicação com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Caminho do módulo com falha: unknown
ID do Relatório: e1b3278f-0f20-4d4e-b468-7ee5e6747be3
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID da aplicação relativa ao pacote com falha: ContentProcess
Error: (06/08/2018 10:52:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa explorer.exe versão 10.0.17134.1 deixou de interagir com o Windows e foi fechado. Para verificar se existem mais informações disponíveis sobre o problema, consulte o histórico de problemas no painel de controlo de Segurança e Manutenção.
ID do Processo: 1838
Hora de Início: 01d3ff0dc1802159
Hora de Cessação: 56842
Caminho da Aplicação: C:\Windows\explorer.exe
ID do Relatório: 97c26bda-6904-468f-aa71-920c2be4a858
Nome completo do pacote com falha:
ID da aplicação relativa ao pacote com falha:
Error: (06/06/2018 02:58:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: MicrosoftEdgeCP.exe, versão: 11.0.17134.48, carimbo de data/hora: 0x5ae3f17b
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000409
Desvio de falha: 0x000000000000008c
ID do processo com falha: 0x76c
Hora de início da aplicação com falha: 0x01d3fd9e70560c15
Caminho da aplicação com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Caminho do módulo com falha: unknown
ID do Relatório: 269e5a7e-a182-430b-a348-5bac3910de90
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID da aplicação relativa ao pacote com falha: ContentProcess
Error: (06/05/2018 07:51:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: MicrosoftEdgeCP.exe, versão: 11.0.17134.48, carimbo de data/hora: 0x5ae3f17b
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000409
Desvio de falha: 0x000000000000008c
ID do processo com falha: 0x178c
Hora de início da aplicação com falha: 0x01d3fc999c83662d
Caminho da aplicação com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Caminho do módulo com falha: unknown
ID do Relatório: 25949d57-ec78-44f4-8c66-635f711b0975
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID da aplicação relativa ao pacote com falha: ContentProcess
Error: (06/04/2018 02:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: MicrosoftEdgeCP.exe, versão: 11.0.17134.48, carimbo de data/hora: 0x5ae3f17b
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000409
Desvio de falha: 0x000000000000008c
ID do processo com falha: 0x147c
Hora de início da aplicação com falha: 0x01d3fc0c3cf2119c
Caminho da aplicação com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Caminho do módulo com falha: unknown
ID do Relatório: a0fd91fd-f052-49f9-a744-19d1b1130e15
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID da aplicação relativa ao pacote com falha: ContentProcess
Error: (06/04/2018 08:56:11 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Apenas informações.
(Patch task for {90140011-0066-0816-0000-0000000FF1CE}): DownloadLatest Failed: Não existem ligações de rede ativas presentemente. O 'Serviço de transferência inteligente em segundo plano' (BITS) tentará novamente quando estiver ligado um adaptador.
Error: (06/04/2018 07:18:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: MicrosoftEdgeCP.exe, versão: 11.0.17134.48, carimbo de data/hora: 0x5ae3f17b
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000409
Desvio de falha: 0x000000000000008c
ID do processo com falha: 0x6ac
Hora de início da aplicação com falha: 0x01d3fbcbe0546559
Caminho da aplicação com falha: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Caminho do módulo com falha: unknown
ID do Relatório: 4dd67bc7-47c2-44c8-9112-75f0ae9f1658
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID da aplicação relativa ao pacote com falha: ContentProcess
System errors:
=============
Error: (06/08/2018 04:53:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Iniciação para a aplicação de Servidor COM com CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Indisponível
ao SID (S-1-5-18) de utilizador NT AUTHORITY\SYSTEM a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 04:53:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Iniciação para a aplicação de Servidor COM com CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Indisponível
ao SID (S-1-5-18) de utilizador NT AUTHORITY\SYSTEM a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 04:53:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Iniciação para a aplicação de Servidor COM com CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Indisponível
ao SID (S-1-5-18) de utilizador NT AUTHORITY\SYSTEM a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 04:50:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Iniciação para a aplicação de Servidor COM com CLSID
Windows.SecurityCenter.WscDataProtection
e APPID
Indisponível
ao SID (S-1-5-18) de utilizador NT AUTHORITY\SYSTEM a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 04:26:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Iniciação para a aplicação de Servidor COM com CLSID
Windows.SecurityCenter.WscDataProtection
e APPID
Indisponível
ao SID (S-1-5-18) de utilizador NT AUTHORITY\SYSTEM a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 02:25:51 PM) (Source: DCOM) (EventID: 10016) (User: ACER-PC)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Ativação para a aplicação de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao SID (S-1-5-21-292349617-3537619796-2692666305-1000) de utilizador ACER-PC\ACER a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 02:21:52 PM) (Source: DCOM) (EventID: 10016) (User: ACER-PC)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Ativação para a aplicação de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao SID (S-1-5-21-292349617-3537619796-2692666305-1000) de utilizador ACER-PC\ACER a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Error: (06/08/2018 02:20:46 PM) (Source: DCOM) (EventID: 10016) (User: ACER-PC)
Description: As definições de permissão de específico/a(s) da aplicação não concedem permissão de Local Ativação para a aplicação de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao SID (S-1-5-21-292349617-3537619796-2692666305-1000) de utilizador ACER-PC\ACER a partir do endereço LocalHost (Com LRPC) em execução no SID (Indisponível) de contentor aplicacional Indisponível. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.
Windows Defender:
===================================
Date: 2018-06-08 16:06:07.843
Description:
A análise de Antivírus do Windows Defender foi parada antes de ser concluída.
ID de Análise: {A09C3E2C-AFEF-4050-ACF1-9B4C6CB05BBA}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM
Date: 2018-06-08 14:16:40.542
Description:
A análise de Antivírus do Windows Defender foi parada antes de ser concluída.
ID de Análise: {053672F0-0C4D-4828-A4A3-B76E1C55DB70}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM
Date: 2018-06-08 10:20:40.847
Description:
A análise de Antivírus do Windows Defender foi parada antes de ser concluída.
ID de Análise: {A8333381-C3D4-48D9-A834-BBFE0205D09E}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM
Date: 2018-06-08 10:13:44.587
Description:
A análise de Antivírus do Windows Defender foi parada antes de ser concluída.
ID de Análise: {8AD9CE7C-A944-4D48-8B29-2FEA17304BC3}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM
Date: 2018-06-06 15:43:31.110
Description:
A análise de Antivírus do Windows Defender foi parada antes de ser concluída.
ID de Análise: {8AF15F7B-065D-40A6-AB15-314E79DCD36D}
Tipo de Análise: Antimalware
Parâmetros de Análise: Análise Rápida
Utilizador: NT AUTHORITY\SYSTEM
Date: 2018-06-05 10:44:22.003
Description:
Antivírus do Windows Defender encontrou um erro ao tentar atualizar assinaturas.
Nova Versão de Assinatura:
Versão de Assinatura Anterior: 1.269.518.0
Origem de Atualização: Centro Microsoft de Proteção Contra Software Maligno
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completo
Utilizador: NT AUTHORITY\Serviço de rede
Versão de Motor Atual:
Versão de Motor Anterior: 1.1.14901.4
Código de Erro: 0x80072ee7
Descrição do Erro: Não foi possível processar o nome ou o endereço do servidor
Date: 2018-06-05 10:44:22.002
Description:
Antivírus do Windows Defender encontrou um erro ao tentar atualizar assinaturas.
Nova Versão de Assinatura:
Versão de Assinatura Anterior: 1.269.518.0
Origem de Atualização: Centro Microsoft de Proteção Contra Software Maligno
Tipo de Assinatura: AntiSpyware
Tipo de Atualização: Completo
Utilizador: NT AUTHORITY\Serviço de rede
Versão de Motor Atual:
Versão de Motor Anterior: 1.1.14901.4
Código de Erro: 0x80072ee7
Descrição do Erro: Não foi possível processar o nome ou o endereço do servidor
Date: 2018-06-05 10:44:22.001
Description:
Antivírus do Windows Defender encontrou um erro ao tentar atualizar assinaturas.
Nova Versão de Assinatura:
Versão de Assinatura Anterior: 1.269.518.0
Origem de Atualização: Centro Microsoft de Proteção Contra Software Maligno
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completo
Utilizador: NT AUTHORITY\Serviço de rede
Versão de Motor Atual:
Versão de Motor Anterior: 1.1.14901.4
Código de Erro: 0x80072ee7
Descrição do Erro: Não foi possível processar o nome ou o endereço do servidor
Date: 2018-06-05 10:44:21.977
Description:
Antivírus do Windows Defender encontrou um erro ao tentar atualizar assinaturas.
Nova Versão de Assinatura:
Versão de Assinatura Anterior: 1.269.518.0
Origem de Atualização: Centro Microsoft de Proteção Contra Software Maligno
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completo
Utilizador: NT AUTHORITY\Serviço de rede
Versão de Motor Atual:
Versão de Motor Anterior: 1.1.14901.4
Código de Erro: 0x80072ee7
Descrição do Erro: Não foi possível processar o nome ou o endereço do servidor
Date: 2018-06-05 10:44:21.976
Description:
Antivírus do Windows Defender encontrou um erro ao tentar atualizar assinaturas.
Nova Versão de Assinatura:
Versão de Assinatura Anterior: 1.269.518.0
Origem de Atualização: Centro Microsoft de Proteção Contra Software Maligno
Tipo de Assinatura: AntiSpyware
Tipo de Atualização: Completo
Utilizador: NT AUTHORITY\Serviço de rede
Versão de Motor Atual:
Versão de Motor Anterior: 1.1.14901.4
Código de Erro: 0x80072ee7
Descrição do Erro: Não foi possível processar o nome ou o endereço do servidor
CodeIntegrity:
===================================
Date: 2018-06-01 17:51:26.322
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\$Recycle.Bin\S-1-5-21-292349617-3537619796-2692666305-1000\$RZ0XOOI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:26.282
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\$Recycle.Bin\S-1-5-21-292349617-3537619796-2692666305-1000\$RZ0XOOI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:26.252
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\$Recycle.Bin\S-1-5-21-292349617-3537619796-2692666305-1000\$RZ0XOOI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:26.230
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\$Recycle.Bin\S-1-5-21-292349617-3537619796-2692666305-1000\$RZ0XOOI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:20.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\ACER\Pictures\Saved Pictures\Windows.old\WINDOWS\System32\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:20.114
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\ACER\Pictures\Saved Pictures\Windows.old\WINDOWS\System32\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:20.087
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\ACER\Pictures\Saved Pictures\Windows.old\WINDOWS\System32\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-06-01 17:51:20.058
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\ACER\Pictures\Saved Pictures\Windows.old\WINDOWS\System32\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 3958.71 MB
Available physical RAM: 2038.16 MB
Total Virtual: 7926.71 MB
Available Virtual: 5749.07 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:207.22 GB) NTFS
\\?\Volume{703b65b1-dc0b-11df-94e5-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{703b65b0-dc0b-11df-94e5-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:13 GB) (Free:1.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 1E308DF6)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by Skybluesky, 09 June 2018 - 04:41 AM.