Ir ao conteúdo
  • Cadastre-se
Sérgio Ricardo Bulhôes Carvalho

Acredito que minha maquina esta infectada com VSnapshotServ

Recommended Posts

Acredito que minha maquina esta infectada com VSnapshotServ pelo menos o anti virus 360 diz que ele foi processado porém o teclado se porta de maneira estranha as teclas principalmente de atalho executam tarefas diferentes do que é solicitado.Náo sei realmente o que ocorreu não sei se foi o backup que fiz de meu cel antigo mais não entendo como o antivirus não indicou e só encontrou quando fiz uma varredura completa. Me ajude por favor.

 

Fico no aguardo

Relatorio Virus 17-05-18.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

Por favor, atente para o seguinte:

  • Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento de torrent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Respeite a ordem das instruções passadas;
  • Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Ao invés de criar um novo tópico, peço que continue com este e faça uma resposta anexando o log do ZA-Scan, de acordo com as instruções do link abaixo.


http://www.clubedohardware.com.br/forums/topic/558719-leia-antes-de-postar/

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde obrigado por me responder. Desculpe a demora mais estava fazendo as verificações:Já baixei o ZA-Scan

 

Vamos lá posso fazer o backup ou esse tipo de virus pode danificar esses arquivos ou só de sistema.

Meu windows é o 10 e em aplicativos e recursos encontrei alguns programas como listados abaixo:

- VSnapshot 1.2.0

- KMSpico

-Weather Lite 2.0.1.5000183

- VdhCoApp 1.1.3

- Converthelper 3.2

- Vuze

Os em vermelhos foram instalados por mim para fazer o download de videos aulas e filmes os demais não sei como foram instalados. Quais preciso desinstalar e basta fazê-lo em aplicativos e recursos ou tenho que fazer mais outros procedimentos?

Rodo o ZA-Scan antes desses procedimentos ou antes.

 

Fico no aguardo e desde já agradeço sua atenção.

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia!  

Estou rodando o ZA-Scan porém esta demorando isso é normal?

Outro detalhe hoje pensei q a maquina não iria ligar demorou muito e quando ligou o ZA-Scan q eu tinha salvo na área de trabalho havia sumido.

Descompactei o ZA-Scan na area de trabalho e apareceu e aquivos: 

Z-Analyse

Zoek

ZA-SCAN

É isso mesmo?

 

 

adicionado 6 minutos depois

Outro detalhe rodo ZA-Scan conectado na internet ou não?

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

1 hora atrás, Sérgio Ricardo Bulhôes Carvalho disse:

Ok. Mais ja tem 8 horas e esta na mesma demora muito assim?

 

A principio não poderia demorar desta forma.

 

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
NOTA: Faça o download de acordo com sua arquitetura (32 bits ou 64 bits)


https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

 

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:
Clique com o direito sobre o arquivo FRST64.EXE, depois clique em VRIfczU.png .
Aceite o contrato e depois clique no botão Scan.

Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom após cancelar o ZA-Scan a maquina reiniciou e instalou atualizações do windows não sei qual e a maquina demorou muito para reiniciar aproximadamente 20 minutos e só reiniciou porque acessei o boot e confirmei pelo hd

 

Executei como pedido porém não achei a opção scan cliquei em verificar.

Segue arquivos

Addition.txt

FRST.txt

adicionado 3 minutos depois

Desculpe não tinha lido direito

FRST

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 16.05.2018 01
Executado por Sergio (administrador) em DESKTOP-LVNCMR9 (18-05-2018 20:30:08)
Executando a partir de C:\Users\Sergio\Desktop
Perfis Carregados: Sergio (Perfis Disponíveis: Sergio)
Platform: Windows 10 Pro Versão 1709 16299.431 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(3DSP corporation) C:\Program Files (x86)\3DSP\BluetoothWLAN_usb\Utilities\USBMS.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.5000183\weather_lite.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(3DSP corporation) C:\Program Files (x86)\3DSP\BluetoothWLAN_usb\Utilities\USBMa.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.428_none_1704c21831ffb4a8\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [USBMaLoader.exe] => C:\Program Files (x86)\3DSP\BluetoothWLAN_usb\Utilities\USBMaLoader.exe [20480 2009-06-30] (3DSP corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2018-03-01] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4183691096-495758405-3866567720-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 177.85.203.69
Tcpip\..\Interfaces\{4061cc1f-2627-469e-9c06-ec3189acdcdc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{78a773ae-b5d7-4acd-850d-2bbf7604953d}: [DhcpNameServer] 8.8.8.8 177.85.203.69
Tcpip\..\Interfaces\{93de7de0-e7f5-45fd-bdf8-9a49642ff8af}: [DhcpNameServer] 8.8.8.8 177.85.203.69

Internet Explorer:
==================
HKU\S-1-5-21-4183691096-495758405-3866567720-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20170809&user_id=34309cf2-43e5-44b2-9eb8-2f05c93697c2&traffic_source=Spigot&event=ro_homepage&implementation_id=Vuze+Core&redir=https%3A%2F%2Fbr.search.yahoo.com%2F%3Ftype%3D732691%26fr%3Dspigot-yhp-ie
SearchScopes: HKU\S-1-5-21-4183691096-495758405-3866567720-1001 -> {CAC16352-1906-4B8D-99B5-05EC9B444ADC} URL = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20170809&user_id=34309cf2-43e5-44b2-9eb8-2f05c93697c2&traffic_source=Spigot&event=ro_inb_search&implementation_id=Vuze+Core&redir=https%3A%2F%2Fbr.search.yahoo.com%2Fsearch%3Ffr%3Dchr-greentree_ie%26ei%3Dutf-8%26ilc%3D12%26type%3D732691%26p%3D&st={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1uxhxiyc.default
FF ProfilePath: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default [2018-05-18]
FF Homepage: Mozilla\Firefox\Profiles\1uxhxiyc.default -> hxxp://www.google.com.br/
FF Extension: (Video DownloadHelper) - C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-03-17]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp:www.fidonav.com
CHR StartupUrls: Default -> "hxxp:www.fidonav.com"
CHR DefaultSearchURL: Default -> hxxp://search.searchvzc.com/s?remove=remove&query={searchTerms}
CHR Profile: C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default [2018-05-17]
CHR Extension: (Apresentações) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-23]
CHR Extension: (Documentos) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-23]
CHR Extension: (Google Drive) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-12]
CHR Extension: (YouTube) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-12]
CHR Extension: (Planilhas) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-23]
CHR Extension: (SearchVZ) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-08-09]
CHR Extension: (Documentos Google off-line) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-12]
CHR Extension: (360 Internet Protection) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2018-05-11]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-11]
CHR Extension: (Gmail) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-12]
CHR Extension: (Chrome Media Router) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-11]
CHR HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (360 Internet Protection) - C:\Users\Sergio\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2018-03-20]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 3DSP Corporation Monitor Service; C:\Program Files (x86)\3DSP\BluetoothWLAN_usb\Utilities\USBMS.exe [32768 2009-06-22] (3DSP corporation) [Arquivo não assinado]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2018-03-01] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
S3 UsbCS; C:\Program Files (x86)\3DSP\BluetoothWLAN_usb\Utilities\UsbCS.exe [90112 2009-07-15] (3DSP corporation) [Arquivo não assinado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WeatherLiteService; C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherService.exe [149136 2017-03-31] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 ThevSnapshotService; C:\Program Files (x86)\vSnapshot\1.2.0.0\vSnapshotServ.exe [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192176 2018-03-01] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2017-09-28] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2018-03-01] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2018-03-01] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-05-17] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [442544 2018-03-01] (360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2018-03-01] (360.cn)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [210064 2018-03-01] (360.cn)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2017-09-29] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-05-18 20:30 - 2018-05-18 20:31 - 000012261 _____ C:\Users\Sergio\Desktop\FRST.txt
2018-05-18 20:28 - 2018-05-18 20:30 - 000000000 ____D C:\FRST
2018-05-18 20:25 - 2018-05-18 20:25 - 000391480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-18 20:03 - 2018-05-18 20:03 - 002413056 _____ (Farbar) C:\Users\Sergio\Desktop\FRST64.exe
2018-05-18 17:29 - 2018-05-04 06:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-18 10:42 - 2018-05-18 10:46 - 000000403 _____ C:\runcheck.txt
2018-05-18 10:42 - 2018-05-18 10:42 - 000000000 ____D C:\zoek_backup
2018-05-18 10:41 - 2018-04-19 22:18 - 002041445 _____ C:\Users\Sergio\Desktop\Z-Analyse.exe
2018-05-18 10:41 - 2018-04-18 00:39 - 002038755 _____ C:\Users\Sergio\Desktop\zoek.exe
2018-05-18 10:41 - 2018-04-18 00:39 - 002038755 _____ C:\Users\Sergio\Desktop\ZA-Scan.exe
2018-05-18 10:40 - 2018-05-18 10:40 - 000000000 ____D C:\Users\Sergio\Desktop\ZA-Scan
2018-05-18 10:39 - 2018-05-18 10:39 - 000000000 ____D C:\Users\Sergio\Downloads\ZA-Scan
2018-05-17 17:17 - 2018-05-18 10:33 - 000000000 ____D C:\Users\Sergio\Downloads\Programas Limpeza
2018-05-17 11:27 - 2018-05-17 11:27 - 000003958 _____ C:\Users\Sergio\Desktop\Relatorio Virus 17-05-18.txt
2018-05-12 19:36 - 2018-05-12 19:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-05-11 23:44 - 2018-05-11 23:44 - 000336305 _____ C:\Users\Sergio\Desktop\resultado-de-pericia-1.pdf
2018-05-11 19:36 - 2018-05-11 20:05 - 000000000 ____D C:\Users\Sergio\Desktop\Manual LG G3
2018-05-11 19:33 - 2018-05-11 19:34 - 014487606 _____ C:\Users\Sergio\Downloads\UG_LG-D690n_Brazil_BRA_280814[ECO1].pdf
2018-05-09 19:04 - 2018-05-01 18:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-09 19:04 - 2018-05-01 18:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-09 11:15 - 2018-05-03 04:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-09 11:15 - 2018-05-03 03:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 11:15 - 2018-05-03 03:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-09 11:15 - 2018-05-03 03:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-09 11:15 - 2018-05-03 03:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-09 11:15 - 2018-05-03 02:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 11:15 - 2018-05-03 02:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 11:15 - 2018-05-03 02:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 11:15 - 2018-05-03 02:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-09 11:15 - 2018-05-03 02:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 11:15 - 2018-05-03 02:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-09 11:15 - 2018-05-03 02:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 11:15 - 2018-05-03 02:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-09 11:15 - 2018-05-03 02:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 11:15 - 2018-05-03 02:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 11:15 - 2018-05-03 02:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 11:15 - 2018-05-03 02:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-09 11:15 - 2018-04-15 18:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-09 11:15 - 2018-04-15 18:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-09 11:15 - 2018-04-15 17:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-09 11:15 - 2018-04-15 17:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-09 11:15 - 2018-04-15 17:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-09 11:15 - 2018-04-15 17:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-09 11:15 - 2018-04-15 17:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 11:15 - 2018-04-15 17:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-09 11:15 - 2018-04-15 17:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 11:15 - 2018-04-15 17:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 11:15 - 2018-04-15 17:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 11:15 - 2018-04-15 17:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 11:15 - 2018-04-15 17:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-09 11:15 - 2018-04-15 17:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-09 11:15 - 2018-04-15 17:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 11:15 - 2018-04-15 17:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-09 11:15 - 2018-04-15 17:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-09 11:15 - 2018-04-15 17:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-09 11:14 - 2018-05-03 04:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 11:14 - 2018-05-03 04:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-09 11:14 - 2018-05-03 04:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-09 11:14 - 2018-05-03 04:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-09 11:14 - 2018-05-03 04:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-09 11:14 - 2018-05-03 04:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 11:14 - 2018-05-03 04:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-09 11:14 - 2018-05-03 04:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-09 11:14 - 2018-05-03 04:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 11:14 - 2018-05-03 04:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 11:14 - 2018-05-03 04:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 11:14 - 2018-05-03 04:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 11:14 - 2018-05-03 04:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-09 11:14 - 2018-05-03 04:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-09 11:14 - 2018-05-03 04:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 11:14 - 2018-05-03 04:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 11:14 - 2018-05-03 04:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-09 11:14 - 2018-05-03 04:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 11:14 - 2018-05-03 04:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-09 11:14 - 2018-05-03 04:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 11:14 - 2018-05-03 04:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 11:14 - 2018-05-03 04:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 11:14 - 2018-05-03 04:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 11:14 - 2018-05-03 04:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-09 11:14 - 2018-05-03 04:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-09 11:14 - 2018-05-03 04:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 11:14 - 2018-05-03 04:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-09 11:14 - 2018-05-03 04:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 11:14 - 2018-05-03 04:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-09 11:14 - 2018-05-03 04:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 11:14 - 2018-05-03 04:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 11:14 - 2018-05-03 04:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-09 11:14 - 2018-05-03 04:36 - 000397728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-05-09 11:14 - 2018-05-03 04:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-09 11:14 - 2018-05-03 04:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 11:14 - 2018-05-03 04:35 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-05-09 11:14 - 2018-05-03 04:35 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-05-09 11:14 - 2018-05-03 04:35 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-05-09 11:14 - 2018-05-03 04:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-09 11:14 - 2018-05-03 04:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 11:14 - 2018-05-03 04:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-09 11:14 - 2018-05-03 04:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-09 11:14 - 2018-05-03 04:32 - 000744864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-05-09 11:14 - 2018-05-03 04:32 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-05-09 11:14 - 2018-05-03 04:32 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-05-09 11:14 - 2018-05-03 04:31 - 001420704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-05-09 11:14 - 2018-05-03 04:30 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-05-09 11:14 - 2018-05-03 04:30 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-05-09 11:14 - 2018-05-03 04:30 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-05-09 11:14 - 2018-05-03 04:30 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-05-09 11:14 - 2018-05-03 03:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-09 11:14 - 2018-05-03 03:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 11:14 - 2018-05-03 03:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-09 11:14 - 2018-05-03 03:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 11:14 - 2018-05-03 03:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 11:14 - 2018-05-03 03:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 11:14 - 2018-05-03 03:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-09 11:14 - 2018-05-03 03:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-09 11:14 - 2018-05-03 03:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-09 11:14 - 2018-05-03 03:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 11:14 - 2018-05-03 03:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 11:14 - 2018-05-03 03:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-09 11:14 - 2018-05-03 03:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 11:14 - 2018-05-03 03:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 11:14 - 2018-05-03 03:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-09 11:14 - 2018-05-03 03:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 11:14 - 2018-05-03 03:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 11:14 - 2018-05-03 03:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-09 11:14 - 2018-05-03 03:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 11:14 - 2018-05-03 03:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-09 11:14 - 2018-05-03 03:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 11:14 - 2018-05-03 03:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 11:14 - 2018-05-03 03:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 11:14 - 2018-05-03 03:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 11:14 - 2018-05-03 03:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 11:14 - 2018-05-03 03:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 11:14 - 2018-05-03 03:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-09 11:14 - 2018-05-03 03:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 11:14 - 2018-05-03 03:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-09 11:14 - 2018-05-03 03:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 11:14 - 2018-05-03 03:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 11:14 - 2018-05-03 03:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-09 11:14 - 2018-05-03 03:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-09 11:14 - 2018-05-03 03:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-09 11:14 - 2018-05-03 03:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-09 11:14 - 2018-05-03 03:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 11:14 - 2018-05-03 03:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 11:14 - 2018-05-03 03:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 11:14 - 2018-05-03 03:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 11:14 - 2018-05-03 03:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 11:14 - 2018-05-03 03:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-09 11:14 - 2018-05-03 03:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 11:14 - 2018-05-03 03:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 11:14 - 2018-05-03 03:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 11:14 - 2018-05-03 03:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-09 11:14 - 2018-05-03 03:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 11:14 - 2018-05-03 03:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-09 11:14 - 2018-05-03 03:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-09 11:14 - 2018-05-03 03:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-09 11:14 - 2018-05-03 03:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-09 11:14 - 2018-05-03 03:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-09 11:14 - 2018-05-03 03:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-09 11:14 - 2018-05-03 03:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-09 11:14 - 2018-05-03 03:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 11:14 - 2018-05-03 02:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-09 11:14 - 2018-05-03 02:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-09 11:14 - 2018-05-03 02:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-09 11:14 - 2018-05-03 02:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 11:14 - 2018-05-03 02:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 11:14 - 2018-05-03 02:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 11:14 - 2018-05-03 02:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-09 11:14 - 2018-05-03 02:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 11:14 - 2018-05-03 02:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 11:14 - 2018-05-03 02:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 11:14 - 2018-05-03 02:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 11:14 - 2018-05-03 02:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 11:14 - 2018-05-03 02:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 11:14 - 2018-05-03 02:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 11:14 - 2018-05-03 02:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 11:14 - 2018-05-03 02:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-09 11:14 - 2018-05-03 02:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 11:14 - 2018-05-03 02:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-09 11:14 - 2018-05-03 02:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-09 11:14 - 2018-04-15 19:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-09 11:14 - 2018-04-15 19:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 11:14 - 2018-04-15 19:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-09 11:14 - 2018-04-15 18:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-09 11:14 - 2018-04-15 18:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-09 11:14 - 2018-04-15 18:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-09 11:14 - 2018-04-15 18:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-09 11:14 - 2018-04-15 18:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-09 11:14 - 2018-04-15 18:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-09 11:14 - 2018-04-15 18:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 11:14 - 2018-04-15 18:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-09 11:14 - 2018-04-15 18:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-09 11:14 - 2018-04-15 18:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 11:14 - 2018-04-15 18:36 - 002376088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2018-05-09 11:14 - 2018-04-15 18:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-09 11:14 - 2018-04-15 18:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-09 11:14 - 2018-04-15 18:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-09 11:14 - 2018-04-15 18:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-09 11:14 - 2018-04-15 18:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-09 11:14 - 2018-04-15 18:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 11:14 - 2018-04-15 18:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-09 11:14 - 2018-04-15 18:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-09 11:14 - 2018-04-15 18:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 11:14 - 2018-04-15 18:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 11:14 - 2018-04-15 18:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-09 11:14 - 2018-04-15 18:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 11:14 - 2018-04-15 18:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 11:14 - 2018-04-15 18:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-09 11:14 - 2018-04-15 18:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-09 11:14 - 2018-04-15 18:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 11:14 - 2018-04-15 18:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-09 11:14 - 2018-04-15 18:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-09 11:14 - 2018-04-15 17:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-09 11:14 - 2018-04-15 17:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-09 11:14 - 2018-04-15 17:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 11:14 - 2018-04-15 17:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-09 11:14 - 2018-04-15 17:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-09 11:14 - 2018-04-15 17:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-09 11:14 - 2018-04-15 17:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-09 11:14 - 2018-04-15 17:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-09 11:14 - 2018-04-15 17:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-09 11:14 - 2018-04-15 17:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-09 11:14 - 2018-04-15 17:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-09 11:14 - 2018-04-15 17:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 11:14 - 2018-04-15 17:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-09 11:14 - 2018-04-15 17:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-09 11:14 - 2018-04-15 17:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-09 11:14 - 2018-04-15 17:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-09 11:14 - 2018-04-15 17:33 - 001623960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2018-05-09 11:14 - 2018-04-15 17:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 11:14 - 2018-04-15 17:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-09 11:14 - 2018-04-15 17:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 11:14 - 2018-04-15 17:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-09 11:14 - 2018-04-15 17:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 11:14 - 2018-04-15 17:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 11:14 - 2018-04-15 17:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 11:14 - 2018-04-15 17:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 11:14 - 2018-04-15 17:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-09 11:14 - 2018-04-15 17:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-09 11:14 - 2018-04-15 17:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-09 11:14 - 2018-04-15 17:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-09 11:14 - 2018-04-15 17:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 11:14 - 2018-04-15 17:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-09 11:14 - 2018-04-15 17:08 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-09 11:14 - 2018-04-15 17:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-09 11:14 - 2018-04-15 17:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 11:14 - 2018-04-15 17:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 11:14 - 2018-04-15 17:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 11:14 - 2018-04-15 17:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-09 11:14 - 2018-04-15 17:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-09 11:14 - 2018-04-15 17:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-09 11:14 - 2018-04-15 17:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-09 11:14 - 2018-04-15 17:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 11:14 - 2018-04-15 17:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-09 11:14 - 2018-04-15 17:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 11:14 - 2018-04-15 17:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-09 11:14 - 2018-04-15 17:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-09 11:14 - 2018-04-15 17:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 11:14 - 2018-04-15 17:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 11:14 - 2018-04-15 17:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-09 11:14 - 2018-04-15 17:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-09 11:14 - 2018-04-15 17:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-09 11:14 - 2018-04-15 17:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-09 11:14 - 2018-04-15 17:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-09 11:14 - 2018-04-15 17:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 11:14 - 2018-04-15 17:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-09 11:14 - 2018-04-15 17:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-09 11:14 - 2018-04-15 17:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-09 11:14 - 2018-04-15 17:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-09 11:14 - 2018-04-15 17:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 11:14 - 2018-04-15 17:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 11:14 - 2018-04-15 17:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 11:14 - 2018-04-15 16:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-09 11:14 - 2018-04-15 16:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 11:14 - 2018-04-15 16:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-09 11:14 - 2018-04-15 16:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 11:14 - 2017-11-26 10:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-07 22:29 - 2018-05-07 22:29 - 000000000 ____D C:\Herança de Sangue 2016 [1080p] WWW.BLUDV.COM
2018-05-02 15:26 - 2018-05-02 15:26 - 000090857 _____ C:\Users\Sergio\Desktop\Fatura Abril 2018.pdf
2018-04-29 08:31 - 2018-04-29 08:31 - 000000000 ____D C:\Chicago Fire
2018-04-28 22:06 - 2018-04-28 22:06 - 000000000 ____D C:\Hawaii.Five-0.S04.Dual.WWW.AZTORRENTS.ORG

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-03-10 00:18 - 2017-11-07 14:43 - 000004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA4F7BF7-E3B4-4032-9965-A210AFE2CAE3}
2018-08-04 07:59 - 2017-11-07 14:43 - 000003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1496100260
2018-08-04 07:59 - 2017-06-29 20:15 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2018-05-18 20:26 - 2017-05-29 20:14 - 000000000 ____D C:\Users\Sergio\AppData\LocalLow\360WD
2018-05-18 20:25 - 2017-11-07 14:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-18 20:07 - 2017-09-29 05:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-05-18 20:05 - 2017-05-29 19:45 - 000000000 ____D C:\Users\Sergio\AppData\LocalLow\Mozilla
2018-05-18 19:23 - 2017-07-11 23:02 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\vSnapshot
2018-05-18 17:30 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-18 17:29 - 2017-09-29 10:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-18 16:51 - 2017-06-07 18:39 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\WeatherTool
2018-05-18 11:45 - 2017-11-07 14:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-18 10:28 - 2017-05-12 21:50 - 000000000 ____D C:\Program Files\KMSpico
2018-05-18 10:24 - 2017-09-29 10:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-18 10:24 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-17 22:57 - 2017-11-07 14:43 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-05-17 12:49 - 2017-06-07 19:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-17 11:33 - 2017-08-09 17:55 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Azureus
2018-05-17 11:33 - 2017-05-29 20:24 - 000000000 ____D C:\Program Files (x86)\Opera
2018-05-17 10:43 - 2018-03-24 10:57 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\360DrvMgr
2018-05-17 07:55 - 2017-06-07 19:00 - 000000000 __SHD C:\$360Section
2018-05-17 07:55 - 2017-05-29 20:24 - 000000000 ____D C:\Users\Todos os Usuários\360Quarant
2018-05-17 07:55 - 2017-05-29 20:24 - 000000000 ____D C:\ProgramData\360Quarant
2018-05-17 06:13 - 2017-11-07 14:43 - 000003588 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-17 06:13 - 2017-11-07 14:43 - 000003464 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 20:13 - 2017-05-12 21:35 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-16 20:13 - 2017-05-12 21:35 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-15 12:15 - 2017-11-07 14:44 - 002319436 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-15 12:15 - 2017-09-30 11:30 - 000910118 _____ C:\WINDOWS\system32\prfh0416.dat
2018-05-15 12:15 - 2017-09-30 11:30 - 000270180 _____ C:\WINDOWS\system32\prfc0416.dat
2018-05-12 19:36 - 2017-09-29 10:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-12 17:14 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-09 19:06 - 2017-11-07 14:48 - 000000000 ___RD C:\Users\Sergio\3D Objects
2018-05-09 19:06 - 2015-07-10 00:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-09 19:01 - 2017-09-29 10:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-09 19:01 - 2017-09-29 10:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-09 19:01 - 2017-09-29 10:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-09 19:01 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-09 19:01 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-09 19:01 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-09 19:01 - 2017-09-29 05:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-09 19:01 - 2017-09-29 05:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-09 11:27 - 2017-06-03 19:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 11:24 - 2017-10-19 21:38 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 11:24 - 2017-06-03 19:41 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-07 22:34 - 2017-11-07 14:27 - 000000000 ____D C:\Users\Sergio
2018-05-07 22:34 - 2017-05-29 20:14 - 000000000 _RSHD C:\360SANDBOX
2018-05-07 11:11 - 2017-06-07 18:44 - 000000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2018-05-07 11:11 - 2017-06-07 18:44 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-05-06 10:04 - 2017-09-29 10:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-06 10:02 - 2017-09-29 10:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-06 10:00 - 2017-09-29 10:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-06 10:00 - 2017-09-29 10:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-03 13:51 - 2017-05-29 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-03 13:51 - 2017-05-29 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-02 15:22 - 2017-11-07 14:43 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4183691096-495758405-3866567720-1001
2018-05-02 15:22 - 2015-07-10 00:55 - 000002372 _____ C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-02 15:22 - 2015-07-10 00:55 - 000000000 ___RD C:\Users\Sergio\OneDrive
2018-05-02 15:20 - 2017-05-29 19:44 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

Alguns arquivos em TEMP:
====================
2018-05-18 10:42 - 2006-05-14 11:25 - 000476672 _____ () C:\Users\Sergio\AppData\Local\Temp\7za.exe
2018-05-18 10:42 - 2015-02-12 23:16 - 000020480 _____ (E Dev) C:\Users\Sergio\AppData\Local\Temp\DaS_21.exe
2018-05-18 10:42 - 2014-02-11 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\Sergio\AppData\Local\Temp\hijackthis.exe
2018-05-18 10:42 - 2012-02-09 09:41 - 000030720 _____ (NirSoft) C:\Users\Sergio\AppData\Local\Temp\NirCmd.exe
2018-05-18 10:42 - 2012-02-09 09:41 - 000256512 _____ () C:\Users\Sergio\AppData\Local\Temp\PEVZ.EXE
2018-05-18 10:42 - 2011-01-12 12:51 - 000069632 _____ () C:\Users\Sergio\AppData\Local\Temp\remove.exe
2018-05-18 10:42 - 2000-08-31 09:00 - 000098816 _____ () C:\Users\Sergio\AppData\Local\Temp\sed.exe
2018-05-18 10:42 - 2005-07-04 02:11 - 000057344 _____ (Optimum X) C:\Users\Sergio\AppData\Local\Temp\shortcut.exe
2018-05-18 10:42 - 2018-04-15 22:57 - 000533851 _____ () C:\Users\Sergio\AppData\Local\Temp\sr.exe
2018-05-18 10:42 - 2012-02-09 09:41 - 000161792 _____ (SteelWerX) C:\Users\Sergio\AppData\Local\Temp\swreg.exe
2018-05-18 10:42 - 2012-09-25 19:06 - 000217088 _____ (SteelWerX) C:\Users\Sergio\AppData\Local\Temp\swxcacls.exe
2018-05-18 10:42 - 2018-04-06 19:25 - 000167936 _____ () C:\Users\Sergio\AppData\Local\Temp\unzip.exe
2018-05-18 10:42 - 2009-11-10 20:09 - 000157184 _____ () C:\Users\Sergio\AppData\Local\Temp\virustotal.exe
2018-05-18 10:42 - 2012-02-09 09:41 - 000154232 _____ (Noël Danjou) C:\Users\Sergio\AppData\Local\Temp\wget.exe
2018-05-18 10:42 - 2014-05-20 14:11 - 000068096 _____ (E Dev) C:\Users\Sergio\AppData\Local\Temp\ZAScan.exe
2018-05-18 10:42 - 2014-02-13 23:59 - 000024064 _____ () C:\Users\Sergio\AppData\Local\Temp\zoek-delete.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-05-18 10:53

==================== Fim de FRST.txt ============================

 

Addition

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 16.05.2018 01
Executado por Sergio (18-05-2018 20:32:23)
Executando a partir de C:\Users\Sergio\Desktop
Windows 10 Pro Versão 1709 16299.431 (X64) (2017-11-07 17:47:38)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4183691096-495758405-3866567720-500 - Administrator - Disabled)
Convidado (S-1-5-21-4183691096-495758405-3866567720-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-4183691096-495758405-3866567720-503 - Limited - Disabled)
Sergio (S-1-5-21-4183691096-495758405-3866567720-1001 - Administrator - Enabled) => C:\Users\Sergio
WDAGUtilityAccount (S-1-5-21-4183691096-495758405-3866567720-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.6.0.1255 - 360 Security Center)
3DSP WLAN and Bluetooth USB Adapter 64bit (HKLM\...\{DD6E6687-B11C-478A-A1CD-BFDF5A04C6D1}) (Version: 1.9.04.0812260000 - 3DSP)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4183691096-495758405-3866567720-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MpcStar 5.4 (HKLM-x32\...\MpcStar) (Version: 5.4 - www.mpcstar.com)
Opera Stable 52.0.2871.40 (HKLM-x32\...\Opera 52.0.2871.40) (Version: 52.0.2871.40 - Opera Software)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.3 - Ralink)
UpdateAssistant (HKLM-x32\...\{4E67FF7F-C24E-4279-9AB2-C26D57B53742}) (Version: 1.3.0.0 - Microsoft Corporation) Hidden
VdhCoApp 1.1.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
vSnapshot 1.2.0.0 (HKLM\...\{F772C08E-9F61-45c6-982F-ADDEEE0D0407}) (Version: 1.2.0.0 - ShenZhen Xintong Techology co,.Ltd) <==== ATENÇÃO
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.)
Weather Lite 2.0.1.5000183 (HKLM\...\WeatherTool) (Version: 2.0.1.5000183 - ShenZhen Qianhailewang Technology Co,.Ltd)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-03-01] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-03-01] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-05-12] (Intel Corporation)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-03-01] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {3541F094-716D-4DC9-A4B3-54001EE44D63} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {5549AE55-C23C-4995-A909-9D23CD173A74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {70E54AA0-20E1-4FD3-A1DE-2BF3D1762326} - System32\Tasks\Opera scheduled Autoupdate 1496100260 => C:\Program Files (x86)\Opera\launcher.exe [2018-03-28] (Opera Software)
Task: {C783A966-07C0-4338-873F-11D3AE316E5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-12] (Google Inc.)
Task: {CB276556-F8EA-4187-BDEA-90AC7FD1A67E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-12] (Google Inc.)
Task: {F6D014CE-AF40-4996-8DFE-B9EA166A36AF} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {FF4B78D7-62B8-4387-9D10-C801DF3E8947} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


==================== Módulos Carregados (Whitelisted) ==============

2017-09-29 10:41 - 2017-09-29 10:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-31 01:01 - 2017-03-31 01:01 - 000149136 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherService.exe
2017-03-31 01:01 - 2017-03-31 01:01 - 001049744 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherEntryDll.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-05-29 20:13 - 2018-03-01 06:37 - 000818784 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2018-03-14 09:08 - 2018-02-21 21:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 09:08 - 2018-02-21 21:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-27 18:26 - 2018-04-27 18:56 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-27 18:26 - 2018-04-27 18:56 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-27 18:26 - 2018-04-27 18:56 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-27 18:26 - 2018-04-27 18:56 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-12 21:37 - 2017-05-12 21:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-05-29 20:13 - 2018-03-01 06:37 - 000099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2017-03-31 01:01 - 2017-03-31 01:01 - 000575120 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.5000183\Updata.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2015-07-10 08:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4183691096-495758405-3866567720-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 177.85.203.69
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{3B0C29BC-1B8A-410E-B9B6-6FB19A7EC7D7}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{353B9123-E706-467F-A66D-825397BE461C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{9DB35B5A-609C-47E9-A021-D0E9A86B2BE0}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{B1DF8B2E-9E7C-4B39-A383-09D0F894A50E}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{57065E15-2310-4C22-86C6-89A8758B2757}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [{A81470C5-0A51-4475-961D-98189BC2619F}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{86348F5C-E931-4907-8570-DE7798C962F1}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E7B277BE-4917-416C-A8D4-FC0E4EF923C8}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{24BB443B-7B84-4FCE-A2F7-3C08D494F59F}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{233684F4-27F1-4259-B5F2-4326B91145AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB33C8F5-CA79-4C3A-8E21-FA9B5D8E3722}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CDD07AE-5504-44DD-B98A-81D59B28EF52}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{45B00F0C-79FA-4DEB-BFA4-706EE0E8F8D6}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{5F2B79B1-A813-46CB-B579-A841046B50DE}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{CA469E52-8BA7-4C0E-ACEE-BAA01BE6F3CA}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{17C12634-3283-42E9-9197-5CC96E82D396}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{E0F222A6-7464-4BDB-B270-FB507B42CF0D}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{E8B3B387-7249-41C0-9A74-7ACF2E5CC546}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
FirewallRules: [{410993B6-986E-41EE-8D21-59B96B2E362B}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.40\opera.exe
FirewallRules: [{6C9B4E99-74E8-4D32-935C-0EADABC3CE34}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{9E152013-894A-4248-8AA7-7B16D704AAEA}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{A4E9BAC0-AA5D-43F9-85F9-64F858BB279C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4179087F-A9CC-439D-8780-5AAE6243D05E}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{64F67F62-2D60-4C84-9651-4F59D16AACB2}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: WiFi USB Dongle
Description: WiFi USB Dongle
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WiFi USB Dongle
Description: WiFi USB Dongle
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (05/18/2018 10:46:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: conhost.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x4dbabb31
Nome do módulo com falha: ConhostV2.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x9407c601
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000006404
ID do processo com falha: 0x2bc
Hora de início do aplicativo com falha: 0x01d3eeae1c5907df
Caminho do aplicativo com falha: C:\WINDOWS\system32\conhost.exe
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ConhostV2.dll
ID do Relatório: b705aa31-59a8-4d70-8144-ef1dbf2bc437
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (05/18/2018 10:42:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ZA-Scan.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.402, carimbo de data/hora: 0x81d25214
Código de exceção: 0xc0000409
Deslocamento da falha: 0x00103f12
ID do processo com falha: 0x14b8
Hora de início do aplicativo com falha: 0x01d3eeae1be62927
Caminho do aplicativo com falha: C:\Users\Sergio\Desktop\ZA-Scan.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: bd6ab906-7404-4627-96b6-06d86ca284a8
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (05/17/2018 12:09:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-LVNCMR9)
Description: O pacote Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe+App foi terminado porque levou muito tempo para ser suspenso.

Error: (05/09/2018 11:27:10 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (05/07/2018 10:34:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: QHSafeTray.exe, versão: 9.2.0.1074, carimbo de data/hora: 0x5a9513df
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc000041d
Deslocamento da falha: 0x5213b3e5
ID do processo com falha: 0x21bc
Hora de início do aplicativo com falha: 0x01d3e62751304b42
Caminho do aplicativo com falha: C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
Caminho do módulo com falha: unknown
ID do Relatório: 94315af7-8387-4fe7-9925-6367421f12a1
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (05/07/2018 02:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Microsoft.Photos.exe, versão: 2018.18031.15820.0, carimbo de data/hora: 0x5ae35cce
Nome do módulo com falha: Windows.UI.Xaml.dll, versão: 10.0.16299.248, carimbo de data/hora: 0xc27fa098
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000004e5629
ID do processo com falha: 0x14c8
Hora de início do aplicativo com falha: 0x01d3e62a485fa85c
Caminho do aplicativo com falha: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Caminho do módulo com falha: C:\Windows\System32\Windows.UI.Xaml.dll
ID do Relatório: 52288065-4752-48e3-bce6-caef36f18370
Nome completo do pacote com falha: Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: App

Error: (05/05/2018 10:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: QHSafeMain.exe, versão: 9.2.0.1052, carimbo de data/hora: 0x5a8ea558
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc000041d
Deslocamento da falha: 0x0c5b08b0
ID do processo com falha: 0x2b84
Hora de início do aplicativo com falha: 0x01d3e4db56edc1a9
Caminho do aplicativo com falha: C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
Caminho do módulo com falha: unknown
ID do Relatório: 723fc6a1-5134-42f4-842e-a15d43d11dec
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (06/29/2018 07:08:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent


Erros de Sistema:
=============
Error: (05/18/2018 08:26:03 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/18/2018 08:26:03 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/18/2018 08:26:03 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/18/2018 08:26:03 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/18/2018 08:25:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ThevSnapshotService devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (05/18/2018 10:46:55 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: O serviço 3DSP Corporation Monitor Service relatou um estado atual 0 inválido.

Error: (05/18/2018 09:36:50 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/18/2018 09:36:50 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


Windows Defender:
===================================
Date: 2017-11-07 14:49:48.939
Description:
O Windows Defender Antivirus detectou malware ou outros programas potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
ID: 2147685180
Severidade: Médio
Categoria: Ferramenta
Caminho: containerfile:_C:\Users\Sergio\Downloads\1019.rar;file:_C:\Program Files\KMSpico\AutoPico.exe;file:_C:\Program Files\KMSpico\KMSELDI.exe;file:_C:\Users\Sergio\Downloads\1019.rar->KMSpico Install\KMSpico_setup.exe;file:_C:\Users\Sergio\Downloads\1019.rar->KMSpico Install\UnInstall_Service.cmd;file:_C:\Users\Sergio\Downloads\1019\KMSpico Install\KMSpico_setup.exe;file:_C:\Users\Sergio\Downloads\1019\KMSpico Install\UnInstall_Service.cmd;file:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7D3D7F2-6623-4A9C-95AE-520FEC6980F6};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart;regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1;taskscheduler:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart;uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1;webfile:_C:\Users\S
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: Unknown
Versão da Assinatura: AV: 1.245.210.0, AS: 1.245.210.0, NIS: 116.97.0.0
Versão do Mecanismo: AM: 1.1.13804.0, NIS: 2.1.12706.0

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentagem de memória em uso: 21%
RAM física total: 6068.55 MB
RAM física disponível: 4756.31 MB
Virtual Total: 7092.55 MB
Virtual disponível: 5872.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.7 GB) (Free:29.57 GB) NTFS
Drive d: () (Fixed) (Total:348.57 GB) (Free:18.9 GB) NTFS

\\?\Volume{75747ffc-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 75747FFC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348.6 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

Siga os passos abaixo:

ETAPA 1

Baixe o Malwarebytes Anti-Malware (MBAM) do link abaixo e salve no seu desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Clique duas vezes no mbam-setup.exe e siga o solicitado para instalar o programa.

  • Na aba Análise > Analise Personalizada marque a opção Procurar rootkits e as entradas referente a instalação do sistema operacional. Normalmente é o drive C:;
  • Clique em Analisar Agora. Aguarde, pois o scan pode demorar;
  • Ao acabar o scan, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas ou Colocar em Quarentena;
  • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo);
  • Caso o mbam não seja executado automaticamente após a reinicialização, execute manualmente;
  • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Relatórios na janela principal do programa;
  • Clique duas vezes no log (Registro de verificação). Clique no botão Exportar e utilize o formato .txt para exportar o log. Salve na Área de Trabalho.


ATENÇÃO: Abra o arquivo, selecione tudo, copie e cole o conteúdo deste log em sua próxima resposta.

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

ETAPA 2

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em VRIfczU.png

Clique em VERIFICAR. Após o termino clique em LIMPAR e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.
 

ETAPA 3


Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.


Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.nicolascoolman.com/download/zhpcleaner/


Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia!

 

Fiz a Etapa 1

13 horas atrás, Elias Pereira disse:

Analise Personalizada

Não encontrei essa opção então fiz na opção: Analise Customizada.

13 horas atrás, Elias Pereira disse:

Remover Selecionadas ou Colocar em Quarentena;

Só tinha a opção: Colocar em Quarentena.

Fez a analise completa sem reiniciar o computador

 

Vou começar a Etapa 2

 

Segue Relatório

 

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 18/05/18
Hora da análise: 22:15
Arquivo de registro: 27240496-5b02-11e8-8cf9-00e04b001ca2.json
Administrador: Sim

-Informação do software-
Versão: 3.5.1.2522
Versão de componentes: 1.0.365
Versão do pacote de definições: 1.0.5166
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 10 (Build 16299.431)
CPU: x64
Sistema de arquivos: NTFS
Usuário: DESKTOP-LVNCMR9\Sergio

-Resumo da análise-
Tipo de análise: Análise Customizada
Análise Iniciada Por: Manual
Resultado: Concluído
Objetos verificados: 317857
Ameaças detectadas: 416
Ameaças em quarentena: 416
Tempo decorrido: 4 hr, 33 min, 55 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 2
Adware.TopTools, C:\PROGRAM FILES (X86)\WEATHERTOOL\2.0.1.5000183\WEATHERSERVICE.EXE, Quarentena, [7948], [511508],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\weather_lite.exe, Quarentena, [3606], [244741],1.0.5166

Módulo: 5
Adware.TopTools, C:\PROGRAM FILES (X86)\WEATHERTOOL\2.0.1.5000183\WEATHERSERVICE.EXE, Quarentena, [7948], [511508],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\Updata.dll, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherEntryDll.dll, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherEntryDll.dll, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\weather_lite.exe, Quarentena, [3606], [244741],1.0.5166

Chave de registro: 9
PUP.Optional.InstallCore, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\csastats, Quarentena, [389], [260986],1.0.5166
PUP.Optional.WeatherTool, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\WeatherTool, Quarentena, [3606], [186520],1.0.5166
PUP.Optional.Spigot, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CAC16352-1906-4B8D-99B5-05EC9B444ADC}, Quarentena, [173], [243431],1.0.5166
PUP.Optional.InstallCore, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\PRODUCTSETUP, Quarentena, [389], [481004],1.0.5166
PUP.Optional.WeatherTool, HKLM\SOFTWARE\WEATHERTOOL, Quarentena, [3606], [244746],1.0.5166
PUP.Optional.vSnapShot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ThevSnapshotService, Quarentena, [4405], [495669],1.0.5166
Adware.TopTools, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WeatherLiteService, Quarentena, [7948], [511508],1.0.5166
PUP.Optional.vScreenShot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F772C08E-9F61-45c6-982F-ADDEEE0D0407}, Quarentena, [14184], [495712],1.0.5166
PUP.Optional.WeatherTool, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WeatherTool, Quarentena, [3606], [244741],1.0.5166

Valor de registro: 4
PUP.Optional.Spigot, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CAC16352-1906-4B8D-99B5-05EC9B444ADC}|URL, Quarentena, [173], [243431],1.0.5166
PUP.Optional.InstallCore, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\PRODUCTSETUP|TB, Quarentena, [389], [481004],1.0.5166
PUP.Optional.WeatherTool, HKLM\SOFTWARE\WEATHERTOOL|PARTNERID, Quarentena, [3606], [244746],1.0.5166
PUP.Optional.WeatherTool, HKLM\SOFTWARE\WEATHERTOOL|INSTALL_FIRST_TIME, Quarentena, [3606], [244745],1.0.5166

Dados de registro: 1
PUP.Optional.Spigot, HKU\S-1-5-21-4183691096-495758405-3866567720-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Substituído, [173], [293199],1.0.5166

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 44
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\EN, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\UPDData, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\BR, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\CN, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\DE, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\EN, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\FR, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\JP, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\TH, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\UPDData, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\BR, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\CN, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\DE, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\EN, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\FR, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\JP, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\TH, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\PROGRAM FILES (X86)\WEATHERTOOL, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.vSnapShot, C:\Users\Sergio\AppData\Roaming\vSnapshot\dump, Quarentena, [4405], [495671],1.0.5166
PUP.Optional.vSnapShot, C:\USERS\SERGIO\APPDATA\ROAMING\VSNAPSHOT, Quarentena, [4405], [495671],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\dump, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\USERS\SERGIO\APPDATA\ROAMING\WEATHERTOOL, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool\dump, Quarentena, [3606], [182063],1.0.5166
PUP.Optional.WeatherTool, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool, Quarentena, [3606], [182063],1.0.5166
PUP.Optional.vSnapShot, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\vSnapshot\dump, Quarentena, [4406], [495671],1.0.5166
PUP.Optional.vSnapShot, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\VSNAPSHOT, Quarentena, [4406], [495671],1.0.5166

Arquivo: 351
Adware.TopTools, C:\PROGRAM FILES (X86)\WEATHERTOOL\2.0.1.5000183\WEATHERSERVICE.EXE, Quarentena, [7948], [511508],1.0.5166
PUP.Optional.TopTools, C:\PROGRAM FILES (X86)\TOOLS\UPDATE\CRASHREPORT.EXE, Quarentena, [8659], [512674],1.0.5166
PUP.Optional.TopTools, C:\PROGRAM FILES (X86)\TOOLS\UPDATE\CRASHREPORT64.EXE, Quarentena, [8659], [512674],1.0.5166
PUP.Optional.TopTools, C:\PROGRAM FILES (X86)\TOOLS\UPDATE\CRASHUL.EXE, Quarentena, [8659], [512674],1.0.5166
Adware.TopTools, C:\PROGRAM FILES (X86)\TOOLS\UPDATE\TOOLS_UPDATE.EXE, Quarentena, [7948], [495713],1.0.5166
PUP.Optional.vScreenShot, C:\PROGRAM FILES (X86)\VSNAPSHOT\1.2.0.0\INSTALLHELPER.EXE, Quarentena, [14184], [495712],1.0.5166
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT\1.2.0.0\UPDATA.INI, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\EN\MainFrame.xml, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\EN\PopupFontSize.xml, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\EN\PopupLineType.xml, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\EN\PopupTrayMenu.xml, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\EN\ToolBar.xml, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\bg_linetype_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\bg_list.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\bg_list_font_size.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\bg_option.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\bg_option_triangle.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\btn_bold.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\btn_brush_l.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\btn_brush_m.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\btn_brush_s.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\btn_italic.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\btn_list.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\color_swatches.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\color_swatches_l.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\icn_check_grey.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\icn_check_white.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\icn_list_drop.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\line_1.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\line_2.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\line_3.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\optionbar\line_4.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\bg_blur.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\bg_input_error.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\bg_input_focused.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\bg_input_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\bg_popup.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\bg_setting.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\btn_cancel_clicked.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\btn_cancel_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\btn_cancel_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\btn_save_clicked.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\btn_save_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\btn_save_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\dimmed_bg.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\setting\icn_error.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\bg_toolbar_narrow.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_action_cancel.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_action_complete.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_action_save.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_action_undo.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_tool_arrow.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_tool_brush.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_tool_eclipse.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_tool_mosaic.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_tool_rectangle.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\toolbar\btn_tool_text.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu\bg_menu_clicked.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu\bg_menu_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu\bg_tray_menu.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu\exit.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu\icn_open.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\TrayMenu\icn_shortcut.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\bg_core.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\bg_core_big.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\bg_function_clicked.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\bg_function_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_close_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_close_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_close_pressed.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_min_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_min_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_min_pressed.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_shortcut_clicked.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_shortcut_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\btn_shortcut_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_conflict.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_custom_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_custom_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_printscreen_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_printscreen_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_region_hover.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\icn_region_normal.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\DuiLibResource\picture\logo.png, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\UPDData\History.dat, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\CrashReport.exe, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\CrashReportModuleConf.ini, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\CrashUL.exe, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\Report.exe, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\Roboto-Regular.ttf, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\Updata.dll, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.2.0.0\vSnapshot.exe, Quarentena, [4405], [495664],1.0.5166
PUP.Optional.WeatherTool, C:\PROGRAM FILES (X86)\WEATHERTOOL\2.0.1.5000183\CRASHREPORTMODULECONF.INI, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\BR\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\BR\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\CN\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\CN\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\DE\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\DE\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\EN\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\EN\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\FR\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\FR\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\JP\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\JP\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\JP\skin3.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\bg.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\btn.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\button.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\buttondown.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\checkbox.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\click.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\close.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\hover.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\normal.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\page1.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\page2.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\page3.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\page4.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\progress_back.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\progress_fore.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\uninstall.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\uninstall\uninstalldown.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\cloudy_fg.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\Icon24_layout.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_0.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\accuweather_logo.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\bg_main.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\bg_menu.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\bg_search.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\bg_user_guide.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\btn_cancel.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\btn_delete.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\btn_menu.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\btn_radio.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\clear.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\cloudy.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\fog.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\Humidity.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_add.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_fail.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_info_grey.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_location_gray.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_precipitation.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_success.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_thermo.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\icn_units.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\Icon48_layout.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_degree.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_dot_normal.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_dot_selected.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_minus.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_1.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_2.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_3.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_4.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_5.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_6.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_7.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_8.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\img_num_9.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\overcast.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\rain.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\Refresh.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\scrollbar.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\sequence.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\snow.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\sunny.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\tstorm.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\picture\windy.png, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\TH\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\TH\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\BR\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\BR\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\CN\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\CN\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\DE\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\DE\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\EN\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\EN\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\FR\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\FR\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\JP\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\JP\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\JP\skin3.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\TH\skin.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\res\XP\TH\skin2.xml, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\UPDData\History.dat, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\CrashReport.exe, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\CrashReport64.exe, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\CrashUL.exe, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\InstallHelper.exe, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\Report.exe, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\Updata.dll, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\updata.ini, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\WeatherEntryDll.dll, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.WeatherTool, C:\Program Files (x86)\WeatherTool\2.0.1.5000183\weather_lite.exe, Quarentena, [3606], [244741],1.0.5166
PUP.Optional.Spigot, C:\USERS\SERGIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1UXHXIYC.DEFAULT\PREFS.JS, Substituído, [173], [301667],1.0.5166
PUP.Optional.vSnapShot, C:\USERS\SERGIO\APPDATA\ROAMING\VSNAPSHOT\DUMP\BUGREPORTCONFIG.INI, Quarentena, [4405], [495671],1.0.5166
PUP.Optional.WeatherTool, C:\USERS\SERGIO\APPDATA\ROAMING\WEATHERTOOL\DUMP\BUGREPORTCONFIG.INI, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear00.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear01.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear02.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear03.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear04.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear05.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear06.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear07.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear08.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear09.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear10.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear11.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear12.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear13.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear14.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear15.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear16.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear17.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear18.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear19.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear20.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear21.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear22.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear23.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear24.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear25.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear26.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear27.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear28.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear29.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear30.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear31.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear32.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear33.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear34.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\clear_E8E6D5EBCB235F2F694637FB0E34307D\clear35.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain00.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain01.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain02.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain03.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain04.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain05.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain06.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain07.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain08.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain09.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain10.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain11.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain12.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain13.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain14.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain15.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain16.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain17.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain18.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain19.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain20.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain21.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain22.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain23.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain24.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain25.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain26.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain27.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain28.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain29.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain30.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain31.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain32.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain33.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain34.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\rain_7EC4187254C59C5CDF46B84BFC9BB61E\rain35.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny00.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny01.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny02.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny03.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny04.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny05.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny06.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny07.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny08.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny09.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny10.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny11.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny12.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny13.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny14.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny15.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny16.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny17.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny18.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny19.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny20.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny21.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny22.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny23.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny24.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny25.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny26.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny27.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny28.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny29.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny30.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny31.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny32.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny33.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny34.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\sunny_D382E6F57DBF655F960B97B2D0A3BC4B\sunny35.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm17.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm00.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm01.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm02.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm03.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm04.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm05.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm06.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm07.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm08.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm09.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm10.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm11.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm12.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm13.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm14.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm15.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm16.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm18.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm19.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm20.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm21.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm22.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm23.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm24.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm25.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm26.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm27.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm28.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm29.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm30.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm31.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm32.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm33.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm34.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\picture\tstorm_56F0169B449A4DB1EA6728F26174A989\tstorm35.png, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\b_37646_BR.json, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\b_45881_BR.json, Quarentena, [3606], [244740],1.0.5166
PUP.Optional.WeatherTool, C:\Users\Sergio\AppData\Roaming\WeatherTool\b_autoip_BR.json, Quarentena, [3606], [244740],1.0.5166
RiskWare.AutoKMS, C:\USERS\SERGIO\DOWNLOADS\1019\KMSPICO INSTALL\KMSPICO_SETUP.EXE, Quarentena, [13487], [471016],1.0.5166
RiskWare.AutoKMS, C:\USERS\SERGIO\DOWNLOADS\1019.RAR, Quarentena, [13487], [471016],1.0.5166
PUP.Optional.WeatherTool, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool\dump\BugReportConfig.ini, Quarentena, [3606], [182063],1.0.5166
PUP.Optional.vSnapShot, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\VSNAPSHOT\DUMP\BUGREPORTCONFIG.INI, Quarentena, [4406], [495671],1.0.5166

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)


(end)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Etapa 2 Concluida

14 horas atrás, Elias Pereira disse:

clique em LIMPAR

Só tinha a opção Limpar e Reparar e após aparece a mensagens

"Todos os processos serão terminados limpar e reiniciar

 

Segue relatório

 

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-05-18.2
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-19-2018
# Duration: 00:00:04
# OS:       Windows 10 Pro
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Public\Documents\Guid

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\vSnapshot
Deleted       HKLM\Software\DtsEncodeTools

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       Ask Brasil

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

 

 

adicionado 41 minutos depois
15 horas atrás, Elias Pereira disse:

Clique no botão Scanner.

Não sei se fiz certo pois, aparecia outras opções:

Após Scaniar abriu uma pagina na internet com algumas sugestões de programas par instalar fechei o navegador.

15 horas atrás, Elias Pereira disse:

Em seguida clique no botão Reparar.

Quando clicar em Reparar vai para outra tela com varias opções simplesmente cliquei em reparar.

 

15 horas atrás, Elias Pereira disse:

Será gerado um log chamado ZHPCleaner.txt

Pelo menos não gerou tive que clicar em Report e salvar o arquivo como txt

 

Talvez tenha essas diferenças pois, a que baixei foi a versão 2018

 

Se não efetuei os procedimentos corretos me informe por favor

Fico no aguardo dos próximos procedimentos ok

 

Segue relatório

 

~ ZHPCleaner v2018.5.18.113 by Nicolas Coolman (2018/05/18)
~ Run by Sergio (Administrator)  (19/05/2018 13:00:08)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Sergio\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Sergio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 16299)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (15)
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++vuze.br.uptodown.com\.metadata    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++vuze.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++vuze.br.uptodown.com\cache\.padding    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++vuze.br.uptodown.com\cache\caches.sqlite    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++vuze.br.uptodown.com\cache\morgue\18\{2666605e-ff78-49aa-87ee-b3dab07a2212}.final    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++apk-editor.br.uptodown.com\.metadata    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++apk-editor.br.uptodown.com\.metadata-v2    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++apk-editor.br.uptodown.com\cache\.padding    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++apk-editor.br.uptodown.com\cache\caches.sqlite    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++apk-editor.br.uptodown.com\cache\morgue\48\{7bea049c-1d81-4dca-b5e9-cdd8ef14e330}.final    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\1uxhxiyc.default\storage\default\https+++apk-editor.br.uptodown.com\cache\morgue\159\{17305dd4-11f5-4ac2-b3bb-1d293c5e409f}.final    =>PUP.Optional.UpToDown
MOVED file: C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_winrar.softonic.com.br_0.localstorage    =>.SUP.Softonic
MOVED file: C:\Windows\SECOH-QAD.dll    =>HackTool.KMSpico
MOVED file: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
MOVED folder: C:\Program Files\KMSpico  =>HackTool.KMSpico


---\\  Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask


---\\  Summary of the elements found (4)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.UpToDown
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Softonic
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask


---\\  Other deletions. (14)
~ Registry Keys Tracing deleted (14)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully


---\\ Statistics
~ Items scanned : 803
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0


~ End of clean in 00h00mn14s

---\\  Reports (2)
ZHPCleaner--19052018-12_58_53.txt
ZHPCleaner-[R]-19052018-13_00_22.txt

 

 

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

A principio tudo executado corretamente.

 

Faça o download do RogueKiller by Tigzy, e salve na sua área de trabalho (Desktop).
roguekiller.exe (x64) << link

  • Feche todos os programas
  • Execute o RogueKiller.exe.
    ** Usuários do Windows Vista, Windows 7, 8, 8.1 e Windows 10:
    Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em VRIfczU.png.
  • Quando a janela da Eula aparecer, clique em Accept.
  • Selecione a aba SCAN
  • Clique em START SCAN
  • Aguarde ate que o scan termine...
  • Clique no botão OPEN REPORT
  • Clique na opção EXPORT TXT e salve na Área de Trabalho com o nome de roguekiller.txt
  • Clique em OK e feche o RogueKiller.


Atente para abrir o arquivo, copiar e colar todo o conteúdo na sua próxima resposta

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite

 

Segue relatório RogueKiller

Aguardo próximos procedimentos

 

RogueKiller V12.12.17.0 (x64) [May 14 2018] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 10 (10.0.16299) 64 bits version
Iniciou : Modo normal
Usuário : Sergio [Administrador]
Started from : C:\Users\Sergio\Desktop\RogueKiller_portable64.exe
Modo : Escanear -- Data : 05/19/2018 18:44:46 (Duration : 00:33:19)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 3 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 177.85.203.69 ([-][Brazil])  -> Encontrado
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{78a773ae-b5d7-4acd-850d-2bbf7604953d} | DhcpNameServer : 8.8.8.8 177.85.203.69 ([-][Brazil])  -> Encontrado
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{93de7de0-e7f5-45fd-bdf8-9a49642ff8af} | DhcpNameServer : 8.8.8.8 177.85.203.69 ([-][Brazil])  -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 3 ¤¤¤
[PUM.SearchEngine][Firefox:Config] 1uxhxiyc.default : user_pref("browser.search.selectedEngine", "Yahoo!"); -> Encontrado
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http:www.fidonav.com] -> Encontrado
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http:www.fidonav.com] -> Encontrado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM500JI +++++
--- User ---
[MBR] d8cec39b9b67c273849f24ec324a2aff
[BSP] 241a7666f09f966ee2a924686bd1418b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 119500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 245762048 | Size: 356938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

 

 

 

 

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

Feche todos os programas

  • Execute RogueKiller.exe.
    ** Usuários do Windows Vista, 7, 8/8.1 e windows 10:
    Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em VRIfczU.png
  • Quando a Eula aparecer, clique em Accept.
  • Selecione a aba SCAN e clique em START SCAN
  • Aguarde ate que o scan termine.
  • >>>>>>> Navegue entre as abas e marque todas as entradas encontradas <<<<<<<
  • Clique em REMOVE SELECTED
  • Aguarde ate que o programa termine de deletar as infecções.
  • Clique no botão OPEN REPORT e depois em EXPORT TXT
  • Salve como report.txt na sua Área de Trabalho

Abra o arquivo report.txt salvo no sua Área de Trabalho, copie e cole todo o conteudo na sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desculpe pela demora mais não sei por que o seu novo poster não apareceu no meu email:

 

Só achei entradas na aba Scan e fiz conforme solicitado.

Obs: Marquei todos as entradas mais no relatório só vi 3 itens deletados acho que fiz correto mais se tiver errados me informe ok.

 

Segue Relatório

Aguardo novo procedimentos ok grato

 

RogueKiller V12.12.17.0 (x64) [May 14 2018] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 10 (10.0.16299) 64 bits version
Iniciou : Modo normal
Usuário : Sergio [Administrador]
Started from : C:\Users\Sergio\Desktop\RogueKiller_portable64.exe
Modo : Deletar -- Data : 05/20/2018 16:36:52 (Duration : 00:33:35)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 3 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 177.85.203.69 ([-][X])  -> Substituído ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{78a773ae-b5d7-4acd-850d-2bbf7604953d} | DhcpNameServer : 8.8.8.8 177.85.203.69 ([-][X])  -> Substituído ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{93de7de0-e7f5-45fd-bdf8-9a49642ff8af} | DhcpNameServer : 8.8.8.8 177.85.203.69 ([-][X])  -> Substituído ()

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 3 ¤¤¤
[PUM.SearchEngine][Firefox:Config] 1uxhxiyc.default : user_pref("browser.search.selectedEngine", "Yahoo!"); -> Deletado
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http:www.fidonav.com] -> Deletado
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http:www.fidonav.com] -> Deletado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM500JI +++++
--- User ---
[MBR] d8cec39b9b67c273849f24ec324a2aff
[BSP] 241a7666f09f966ee2a924686bd1418b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 119500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 245762048 | Size: 356938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

1 hora atrás, Sérgio Ricardo Bulhôes Carvalho disse:

Boa tarde não sei se é importante mais rodei o RogueKiller fora da internet.

Não tem problema. :thumbsup:

 

Pressione as teclas Windows tecla-windows.gif + R e digite: msconfig
 
- Clique na guia Serviços, marque a opção Ocultar todos os serviços Microsoft e depois clique em Desativar tudo
- Clique na guia Inicialização de Programas e clique em Abrir Gerenciador de Tarefas
- Clique com o botão direito em cada entrada da inicialização e clique em Desabilitar/Desativar.

Volte para a tela de Configurações do Sistema e clique em Aplicar e depois em OK.
 
Siga as mensagens ate que seja solicitado a reiniciar.

Após isso me informe se os problemas em relação a malwares ainda persistem.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite fiz os procedimentos conforme solicitado porém para minha surpresa após reiniciar a máquina alguns problemas foram apresentados.

- Area de notificação não carrega em toda as inicialização e por consequencia não carrega o antivírus

- O multi tarefa do Windows não funciona quando tem mais de 2 janelas abertas não consigo alternar entre elas fica piscando como se a máquina estivesse infectada.

- O pior não consigo mais usar o teclado como se a tecla de numLk estivesse ativada o tempo todo só para ter um exemplo o último procedimento que fiz digitei msconfig após reiniciar a maquina agora quando digito o mesmo aparece 0sc6nf5g.

Passei o dia inteiro e desliguei e reiniciei mais de 20 vezes para vê se dessa maneira destravava a tecla NumLk sem sucesso pois não parece esta travada pois antes estava funcionando sem problema.

Estou lhe enviando essas informações pelo celular pois não consigo digitar nada pelo computador.

 

Fico no aguardo de novos procedimentos e desde ja agradeço atençao dispensada

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

a Noite!

Segue algumas telas que conseguir com muitas dificuldades a tela de serviço não foi possivel enviar são muitos que ficaram desativados depois do procedimentos solicitado por você.

Deu muito trabalho para anexar pois, parece que o micro esta pior e não responde direito aos comandos.

Não conseguir colar no corpo da mensagem.

 

Fico no aguardo e desde já agradeço

  

 

Inicialização de Programa.jpg

Inicialização do sistema.jpg

Tela inicial.jpg

Serviço.jpg

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Sérgio Ricardo Bulhôes Carvalho

 

O que solicitei somente desabilita alguns serviços que não são microsoft e as entradas da inicialização. Normalmente o computador fica muito mais rápido.

 

Habilite novamente todas as entradas que foram desabilitadas.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×