Ir ao conteúdo
  • Cadastre-se
Franco Alduan

RESOLVIDO Dificuldade em retirar Pop'ups e avisos do navegador Chrome

Recommended Posts

Boa noite, estou com problemas no meu PC, ao acessar paginas como o facebook, aparecem no canto direito da tela anúncios e avisos.

Tentei excluir os avisos indo em configurações do chrome > notificações, mas os sites permitidos estão bloqueados e não consigo retirá-los.

Desde já agradeço a ajuda,

Att

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

Por favor, atente para o seguinte:

  • Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento de torrent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Respeite a ordem das instruções passadas;
  • Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Siga os passos abaixo:

ETAPA 1

Baixe o Malwarebytes Anti-Malware (MBAM) do link abaixo e salve no seu desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Clique duas vezes no mbam-setup.exe e siga o solicitado para instalar o programa.

  • Na aba Análise > Analise Personalizada marque a opção Procurar rootkits e as entradas referente a instalação do sistema operacional. Normalmente é o drive C:;
  • Clique em Analisar Agora. Aguarde, pois o scan pode demorar;
  • Ao acabar o scan, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas ou Colocar em Quarentena;
  • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo);
  • Caso o mbam não seja executado automaticamente após a reinicialização, execute manualmente;
  • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Relatórios na janela principal do programa;
  • Clique duas vezes no log (Registro de verificação). Clique no botão Exportar e utilize o formato .txt para exportar o log. Salve na Área de Trabalho.


ATENÇÃO: Abra o arquivo, selecione tudo, copie e cole o conteúdo deste log em sua próxima resposta.

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

ETAPA 2

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em VRIfczU.png

Clique em VERIFICAR. Após o termino clique em LIMPAR e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.
 

ETAPA 3


Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.


Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.nicolascoolman.com/download/zhpcleaner/


Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite,

Primeiramente muito obrigado pela atenção e auxilio.

Após ativador do windows ser desabilitado seguem as etapas:

 

Etapa 1:

 

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 16/07/18
Hora da análise: 15:49
Arquivo de registro: 03b3cea6-8929-11e8-9be3-50e549fb8fca.json
Administrador: Sim

-Informação do software-
Versão: 3.5.1.2522
Versão de componentes: 1.0.391
Versão do pacote de definições: 1.0.5923
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 7 Service Pack 1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Franco-PC\Franco

-Resumo da análise-
Tipo de análise: Análise Customizada
Análise Iniciada Por: Manual
Resultado: Concluído
Objetos verificados: 236558
Ameaças detectadas: 1
Ameaças em quarentena: 1
Tempo decorrido: 2 hr, 37 min, 20 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 0
(Nenhum item malicioso detectado)

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 1
Trojan.Agent.MSIL, C:\USERS\FRANCO\DOWNLOADS\ATIVAR WIWNDOWS 7 - MAXTUTO\ATIVAR WIWNDOWS 7 - MAXTUTO\ATIVAR WIWNDOWS 7 - MAXTUTO\ATIVAR WIWNDOWS 7 - MAXTUTO\MBR REGENERATOR V4.5\2.EXE, Quarentena, [3668], [280029],1.0.5923

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)


(end)

 

Etapa 2:

 

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build:    07-04-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-16-2018
# Duration: 00:00:10
# OS:       Windows 7 Ultimate
# Scanned:  41365
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1254 octets] - [14/07/2018 20:03:22]
AdwCleaner[C00].txt - [1420 octets] - [14/07/2018 20:03:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########


Etapa 3:

 

~ ZHPCleaner v2018.7.15.149 by Nicolas Coolman (2018/07/15)
~ Run by Franco (Administrator)  (16/07/2018 22:13:19)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Franco\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Franco\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (22)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (2)
MOVED file: C:\Windows\Prefetch\WINDOWS LOADER.EXE-81E8F215.pf    =>HackTool.WinActivator
MOVED folder: C:\Program Files (x86)\fasst  =>PUP.Optional.FAssistant


---\\  Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.


---\\  Summary of the elements found (2)
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/  =>HackTool.WinActivator
https://nicolascoolman.eu/2018/06/11/pup-optional-fassistant/  =>PUP.Optional.FAssistant


---\\  Other deletions. (1)
~ Registry Keys Tracing deleted (1)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 553
~ Items found : 0
~ Items cancelled : 0
~ Items options : 0/7
~ Space saving (bytes) : 0


~ End of clean in 00h00mn03s

---\\  Reports (2)
ZHPCleaner--16072018-22_06_39.txt
ZHPCleaner-[R]-16072018-22_13_22.txt
 

 

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

Faça o download do RogueKiller by Tigzy, e salve na sua área de trabalho (Desktop).
roguekiller.exe (x64) << link

  • Feche todos os programas
  • Execute o RogueKiller.exe.
    ** Usuários do Windows Vista, Windows 7, 8, 8.1 e Windows 10:
    Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em VRIfczU.png.
  • Quando a janela da Eula aparecer, clique em Accept.
  • Selecione a aba SCAN
  • Clique em START SCAN
  • Aguarde ate que o scan termine...
  • Clique no botão OPEN REPORT
  • Clique na opção EXPORT TXT e salve na Área de Trabalho com o nome de roguekiller.txt
  • Clique em OK e feche o RogueKiller.


Atente para abrir o arquivo, copiar e colar todo o conteúdo na sua próxima resposta

Compartilhar este post


Link para o post
Compartilhar em outros sites

Fiquei na dúvida se era para remover os encontrados, como não estava na descrição não o farei.

Manterei aberto até próxima passo.

 

Segue próximo passo:

 

RogueKiller V12.12.26.0 (x64) [Jul  9 2018] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciou : Modo normal
Usuário : Franco [Administrador]
Started from : C:\Users\Franco\Desktop\RogueKiller_portable64.exe
Modo : Escanear -- Data : 07/18/2018 21:50:39 (Duration : 00:15:58)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 4 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-4005200577-2592874626-4273859957-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-4005200577-2592874626-4273859957-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 2 ¤¤¤
[PUP.Gen1|PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://br.hao123.com/?tn=opencd_hp_hao123_br] -> Encontrado
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://forum.escrotosclan.com/] -> Encontrado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAJS-60Z0A0 ATA Device +++++
--- User ---
[MBR] d948b9477c063450d6c38fecd38c9ea5
[BSP] 3337eeb1de45605d1d393913ad5ae168 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 304743 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

Feche todos os programas

  • Execute RogueKiller.exe.
    ** Usuários do Windows Vista, 7, 8/8.1 e windows 10:
    Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em VRIfczU.png
  • Quando a Eula aparecer, clique em Accept.
  • Selecione a aba SCAN e clique em START SCAN
  • Aguarde ate que o scan termine.
  • >>>>>>> Navegue entre as abas e marque todas as entradas encontradas <<<<<<<
  • Clique em REMOVE SELECTED
  • Aguarde ate que o programa termine de deletar as infecções.
  • Clique no botão OPEN REPORT e depois em EXPORT TXT
  • Salve como report.txt na sua Área de Trabalho

Abra o arquivo report.txt salvo no sua Área de Trabalho, copie e cole todo o conteudo na sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Elias Pereira

 

RogueKiller V12.12.26.0 (x64) [Jul  9 2018] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciou : Modo normal
Usuário : Franco [Administrador]
Started from : C:\Users\Franco\Desktop\RogueKiller_portable64.exe
Modo : Deletar -- Data : 07/20/2018 22:08:15 (Duration : 00:19:56)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 0 ¤¤¤

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 2 ¤¤¤
[PUP.Gen1|PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://br.hao123.com/?tn=opencd_hp_hao123_br] -> Deletado
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://forum.escrotosclan.com/] -> Deletado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAJS-60Z0A0 ATA Device +++++
--- User ---
[MBR] d948b9477c063450d6c38fecd38c9ea5
[BSP] 3337eeb1de45605d1d393913ad5ae168 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 304743 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SanDisk Cruzer Blade USB Device +++++
--- User ---
[MBR] dcd7560cc168b324565480081a1119bc
[BSP] 365a73d4f2186123f786ccb32da1f504 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 32 | Size: 3818 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Não há suporte para o pedido. )

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

  1. Clique no menu Iniciar, e após isso clique com o botão direito do mouse sob Meu computador e selecione a opção Propriedades. .

  2. Em Propriedades, selecione a opção Configurações avançadas do sistema.

  3. Vá na aba Proteção do Sistema, e em Restauração do Sistema, vá na opção Criar.

    fce2f587-5556-456b-93d4-00966ae7f59d

  4. Depois basta seguir as instruções em tela, para criar seu ponto de restauração.

    OBS: Lembre-se de colocar um nome de fácil entendimento para uma posterior restauração a partir deste ponto.

Pressione as teclas Windows tecla-windows.gif + R e digite: msconfig
 
- Clique na guia Serviços, marque a opção Ocultar todos os serviços Microsoft e depois clique em Desativar tudo
- Clique na guia Inicialização de Programas e clique em Desativar tudo
 
Siga as mensagens ate que seja solicitado a reiniciar.

Após isso me informe se os problemas em relação a malwares ainda persistem.

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Elias Pereira Bom dia.

 

As notificações pararam de aparecer sim, porém ainda não tenho controle sobre as configurações do Chrome, será q está normal?

Segue uma print da tela.

print.jpg

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:
Clique com o direito sobre o arquivo FRST64.EXE, depois clique em VRIfczU.png .
Aceite o contrato e depois clique no botão Scan/Examinar.

Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Elias Pereira

 

FRST.txt

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 21.07.2018
Executado por Franco (administrador) em FRANCO-PC (23-07-2018 14:26:22)
Executando a partir de C:\Users\Franco\Desktop
Perfis Carregados: Franco (Perfis Disponíveis: Franco)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Pub\PubMonitor.exe
() C:\Zenit Games\Priston Tale Brasil\eubbyi.exe 

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{35D03463-6F34-4915-8402-03B8E9721F5E}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{35D03463-6F34-4915-8402-03B8E9721F5E}: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EAC00E64-1D16-46A3-91E4-AC57BD473425}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EAC00E64-1D16-46A3-91E4-AC57BD473425}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-14] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=opencd_hp_hao123_br
CHR StartupUrls: Default -> "hxxp://forum.escrotosclan.com/"
CHR Profile: C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default [2018-07-23]
CHR Extension: (Apresentações) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-14]
CHR Extension: (Documentos) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-14]
CHR Extension: (Google Drive) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-14]
CHR Extension: (YouTube) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-14]
CHR Extension: (Planilhas) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-14]
CHR Extension: (Gmail) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\Franco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-14]
CHR Profile: C:\Users\Franco\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-22]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-06-19] (Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [191208 2018-07-19] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [114920 2018-07-22] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [48360 2018-07-22] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-22] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92792 2018-07-22] (Malwarebytes)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2246488 2015-11-19] (MediaTek Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-07-23 14:26 - 2018-07-23 14:26 - 000008095 _____ C:\Users\Franco\Desktop\FRST.txt
2018-07-23 14:26 - 2018-07-23 14:26 - 000000000 ____D C:\FRST
2018-07-23 14:24 - 2018-07-23 14:25 - 002412544 _____ (Farbar) C:\Users\Franco\Desktop\FRST64.exe
2018-07-20 22:29 - 2018-07-20 22:29 - 000003806 _____ C:\Users\Franco\Desktop\report.txt
2018-07-19 08:49 - 2018-07-19 08:49 - 000002513 _____ C:\Users\Franco\Desktop\mwb.txt
2018-07-19 08:33 - 2018-07-22 11:09 - 000092792 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-07-19 08:33 - 2018-07-22 11:08 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-19 08:33 - 2018-07-22 11:08 - 000114920 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-07-19 08:33 - 2018-07-22 11:08 - 000048360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-07-19 08:33 - 2018-07-19 08:33 - 000191208 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-07-18 22:44 - 2018-07-18 22:44 - 000004476 _____ C:\Users\Franco\Desktop\text.txt
2018-07-18 22:09 - 2018-07-18 22:09 - 000004318 _____ C:\Users\Franco\Desktop\RogueKiller.txt
2018-07-18 21:50 - 2018-07-20 22:08 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-07-18 21:50 - 2018-07-18 22:44 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2018-07-18 21:50 - 2018-07-18 22:44 - 000000000 ____D C:\ProgramData\RogueKiller
2018-07-18 21:46 - 2018-07-18 21:46 - 027086392 _____ (Adlice Software) C:\Users\Franco\Desktop\RogueKiller_portable64.exe
2018-07-16 22:20 - 2018-07-16 22:20 - 000003258 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2018-07-16 22:06 - 2018-07-16 22:13 - 000001971 _____ C:\Users\Franco\Desktop\ZHPCleaner.txt
2018-07-16 21:53 - 2018-07-16 21:53 - 000003100 _____ C:\Users\Franco\Desktop\tes.txt
2018-07-16 21:52 - 2018-07-16 22:20 - 000000000 ____D C:\Users\Franco\AppData\Roaming\ZHP
2018-07-16 21:52 - 2018-07-16 22:01 - 000000832 _____ C:\Users\Franco\Desktop\ZHPCleaner.lnk
2018-07-16 21:52 - 2018-07-16 21:52 - 000000000 ____D C:\Users\Franco\AppData\Local\ZHP
2018-07-16 21:51 - 2018-07-16 21:51 - 003260800 _____ C:\Users\Franco\Desktop\ZHPCleaner.exe
2018-07-14 21:20 - 2018-07-14 21:20 - 000013614 _____ C:\ZA-Scan.txt
2018-07-14 21:18 - 2018-07-14 21:18 - 000000000 ____D C:\zoek_backup
2018-07-14 21:17 - 2018-07-14 21:17 - 000000000 ____D C:\Users\Franco\Downloads\zoek
2018-07-14 20:41 - 2018-07-14 20:47 - 006102389 _____ C:\Users\Franco\Desktop\zoek.zip
2018-07-14 20:04 - 2018-07-15 21:05 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-14 20:04 - 2018-07-14 20:04 - 000002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-07-14 20:04 - 2018-07-14 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-07-14 20:04 - 2018-07-14 20:04 - 000000000 ____D C:\Program Files\CCleaner
2018-07-14 20:02 - 2018-07-14 20:02 - 007402192 _____ (Malwarebytes) C:\Users\Franco\Downloads\adwcleaner_7.2.1.exe
2018-07-14 19:56 - 2018-07-14 19:56 - 004965896 _____ (Piriform Ltd) C:\Users\Franco\Downloads\ccsetup418.exe
2018-07-14 18:07 - 2018-07-14 20:03 - 000000000 ____D C:\AdwCleaner
2018-07-14 18:06 - 2018-07-14 18:06 - 008206624 _____ (Malwarebytes) C:\Users\Franco\Downloads\adwcleaner-7-0-7-0.exe
2018-07-14 18:02 - 2018-07-15 21:05 - 000001911 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-14 18:02 - 2018-07-14 18:02 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2018-07-14 18:02 - 2018-07-14 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-14 18:02 - 2018-07-14 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-14 18:02 - 2018-07-14 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2018-07-14 18:02 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-14 18:00 - 2018-07-14 18:01 - 075518624 _____ (Malwarebytes ) C:\Users\Franco\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.5903.exe
2018-07-14 10:36 - 2018-07-18 15:43 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-14 10:36 - 2018-07-18 15:43 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-14 10:35 - 2018-07-14 10:35 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-14 10:35 - 2018-07-14 10:35 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-14 09:55 - 2018-07-07 20:42 - 745605882 _____ C:\Users\Franco\Desktop\IMG_3833.MOV
2018-07-12 11:22 - 2018-07-12 11:22 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-12 11:22 - 2018-07-12 11:22 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-12 11:22 - 2018-07-12 11:22 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-11 12:37 - 2018-07-11 12:37 - 000001334 _____ C:\Users\Public\Desktop\Music Search MP3.lnk
2018-07-11 12:37 - 2018-07-11 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2018-07-11 12:37 - 2018-07-11 12:37 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
2018-07-11 12:37 - 2017-11-09 13:58 - 000440320 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll
2018-07-11 12:37 - 2017-11-09 13:58 - 000401408 _____ (Dart Communications) C:\Windows\SysWOW64\DartSecure2.dll
2018-07-11 12:37 - 2017-11-09 13:58 - 000249856 _____ (Dart Communications) C:\Windows\SysWOW64\DartCertificate.dll
2018-07-11 12:37 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2018-07-11 06:57 - 2018-06-20 21:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 06:57 - 2018-06-20 21:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 06:57 - 2018-06-16 14:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 06:57 - 2018-06-16 13:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 06:57 - 2018-06-16 13:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 06:57 - 2018-06-16 13:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 06:57 - 2018-06-16 13:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 06:57 - 2018-06-16 13:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 06:57 - 2018-06-16 13:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 06:57 - 2018-06-16 13:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 06:57 - 2018-06-16 13:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 06:57 - 2018-06-16 13:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 06:57 - 2018-06-16 13:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 06:57 - 2018-06-16 13:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 06:57 - 2018-06-16 13:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 06:57 - 2018-06-16 13:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 06:57 - 2018-06-16 13:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 06:57 - 2018-06-16 13:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 06:57 - 2018-06-16 13:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 06:57 - 2018-06-16 13:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 06:57 - 2018-06-16 13:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 06:57 - 2018-06-16 13:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 06:57 - 2018-06-16 13:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 06:57 - 2018-06-16 13:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 06:57 - 2018-06-16 13:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 06:57 - 2018-06-16 13:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 06:57 - 2018-06-16 13:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 06:57 - 2018-06-16 13:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 06:57 - 2018-06-16 13:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 06:57 - 2018-06-16 13:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 06:57 - 2018-06-16 13:02 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 06:57 - 2018-06-16 13:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 06:57 - 2018-06-16 12:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 06:57 - 2018-06-16 12:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 06:57 - 2018-06-16 12:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 06:57 - 2018-06-16 12:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 06:57 - 2018-06-16 12:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 06:57 - 2018-06-16 12:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 06:57 - 2018-06-16 12:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 06:57 - 2018-06-16 12:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 06:57 - 2018-06-16 12:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 06:57 - 2018-06-16 12:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 06:57 - 2018-06-16 12:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 06:57 - 2018-06-16 12:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 06:57 - 2018-06-16 12:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 06:57 - 2018-06-16 12:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 06:57 - 2018-06-16 12:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 06:57 - 2018-06-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 06:57 - 2018-06-16 12:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 06:57 - 2018-06-16 12:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 06:57 - 2018-06-16 12:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 06:57 - 2018-06-16 12:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 06:57 - 2018-06-16 12:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 06:57 - 2018-06-16 12:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 06:57 - 2018-06-16 12:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 06:57 - 2018-06-16 12:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 06:57 - 2018-06-16 12:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 06:57 - 2018-06-16 12:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 06:57 - 2018-06-16 12:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 06:57 - 2018-06-16 12:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 06:57 - 2018-06-16 12:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 06:57 - 2018-06-16 12:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 06:57 - 2018-06-16 12:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 06:57 - 2018-06-16 12:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 06:57 - 2018-06-16 12:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 06:57 - 2018-06-16 12:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 06:57 - 2018-06-16 12:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 06:57 - 2018-06-16 12:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 06:57 - 2018-06-13 13:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 06:57 - 2018-06-13 13:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 06:57 - 2018-06-13 13:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 06:57 - 2018-06-13 13:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 06:57 - 2018-06-13 12:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 06:57 - 2018-06-13 12:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 06:57 - 2018-06-13 12:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 06:57 - 2018-06-08 13:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 06:57 - 2018-06-08 13:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 06:57 - 2018-06-08 13:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 06:57 - 2018-06-08 13:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 06:57 - 2018-06-08 13:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 06:57 - 2018-06-08 13:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 06:57 - 2018-06-08 13:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 06:57 - 2018-06-08 13:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 06:57 - 2018-06-08 13:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 06:57 - 2018-06-08 13:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 06:57 - 2018-06-08 13:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 06:57 - 2018-06-08 13:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 06:57 - 2018-06-08 13:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 06:57 - 2018-06-08 13:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 06:57 - 2018-06-08 13:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 06:57 - 2018-06-08 13:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 06:57 - 2018-06-08 13:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 06:57 - 2018-06-08 13:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 06:57 - 2018-06-08 13:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 06:57 - 2018-06-08 13:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 13:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 06:57 - 2018-06-08 13:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 06:57 - 2018-06-08 12:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 06:57 - 2018-06-08 12:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 06:57 - 2018-06-08 12:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 06:57 - 2018-06-08 12:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 06:57 - 2018-06-08 12:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 06:57 - 2018-06-08 12:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 06:57 - 2018-06-08 12:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 06:57 - 2018-06-08 12:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 06:57 - 2018-06-08 12:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 06:57 - 2018-06-08 12:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 06:57 - 2018-06-08 12:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 06:57 - 2018-06-08 12:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 06:57 - 2018-06-08 12:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 06:57 - 2018-06-08 12:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 06:57 - 2018-06-08 12:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 06:57 - 2018-06-08 12:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 06:57 - 2018-06-08 12:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 06:57 - 2018-06-08 12:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 06:57 - 2018-06-08 12:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 06:57 - 2018-06-08 12:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 06:57 - 2018-06-08 12:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 06:57 - 2018-06-08 12:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 06:57 - 2018-06-08 12:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 06:57 - 2018-06-08 10:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 06:57 - 2018-06-08 10:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 06:57 - 2018-06-07 13:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 06:57 - 2018-06-07 13:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 06:57 - 2018-06-07 13:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 06:57 - 2018-06-07 13:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 06:57 - 2018-06-07 12:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 06:57 - 2018-06-07 12:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 06:57 - 2018-06-07 12:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 06:57 - 2018-05-31 13:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 06:57 - 2018-05-31 13:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 06:57 - 2018-05-31 13:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 06:57 - 2018-05-02 12:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 06:57 - 2018-05-02 12:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 06:57 - 2018-05-02 12:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 06:57 - 2018-05-02 12:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 06:57 - 2018-05-02 12:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 06:57 - 2018-05-02 12:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 06:57 - 2018-05-02 12:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 06:57 - 2018-04-26 10:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 06:57 - 2018-04-26 10:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 06:57 - 2018-04-25 13:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 06:57 - 2018-04-25 12:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-10 16:51 - 2018-07-10 16:51 - 000010888 _____ C:\Users\Franco\Downloads\Comprovante_Consulta_10-07-2018_16-51-41.pdf
2018-07-10 16:49 - 2018-07-10 16:49 - 000010895 _____ C:\Users\Franco\Downloads\Comprovante_Consulta_10-07-2018_16-49-08.pdf
2018-07-05 12:05 - 2018-07-05 12:20 - 000000000 ____D C:\Users\Franco\Downloads\f-bugbr
2018-07-05 12:05 - 2018-07-05 12:05 - 000047722 _____ C:\Users\Franco\Downloads\f-bugbr.zip
2018-07-05 09:01 - 2018-07-05 09:01 - 000010894 _____ C:\Users\Franco\Downloads\Comprovante_Consulta_05-07-2018_09-02-36.pdf
2018-07-05 08:57 - 2018-07-05 08:57 - 000010892 _____ C:\Users\Franco\Downloads\Comprovante_Consulta_05-07-2018_08-58-52.pdf
2018-07-05 07:10 - 2018-07-05 07:10 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-07-05 07:10 - 2018-07-05 07:10 - 015218576 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 013687502 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-07-05 07:10 - 2018-07-05 07:10 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 006173640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-07-05 07:10 - 2018-07-05 07:10 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-07-05 07:10 - 2018-07-05 07:10 - 003632464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003417968 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003306776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003198528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 002992152 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001598352 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001448736 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001382192 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001328360 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001266352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001178240 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001133560 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 001027608 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000999008 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000715608 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000541072 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000452696 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000378352 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000366080 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000332968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000266512 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000261160 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000230664 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000218232 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000158664 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000075496 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-07-05 07:10 - 2018-07-05 07:10 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-07-03 19:55 - 2018-07-03 19:55 - 000000000 ____D C:\Users\Franco\AppData\Local\18287102-5757-5026-A310-372B86278E97
2018-06-26 11:49 - 2018-07-05 12:24 - 000000000 ____D C:\Program Files (x86)\LAV Filters

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-07-23 14:01 - 2009-07-14 01:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-23 14:01 - 2009-07-14 01:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-23 08:45 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-22 21:35 - 2018-05-24 10:48 - 000119370 _____ C:\Users\Franco\Desktop\BOLÃO.xlsx
2018-07-21 19:37 - 2018-05-25 22:12 - 000000000 ____D C:\Users\Franco\AppData\Roaming\TS3Client
2018-07-19 18:48 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2018-07-16 22:20 - 2018-05-24 11:01 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Franco)
2018-07-16 15:45 - 2018-05-30 08:09 - 000000000 ____D C:\Users\Franco\AppData\Local\ElevatedDiagnostics
2018-07-16 15:45 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-14 21:18 - 2018-05-24 11:01 - 000108816 _____ C:\Users\Franco\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-14 20:06 - 2009-07-14 01:45 - 000407656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-14 20:04 - 2018-06-20 22:31 - 000000000 ____D C:\Windows\Minidump
2018-07-14 20:04 - 2018-05-24 07:16 - 000000000 ____D C:\Windows\Panther
2018-07-14 19:47 - 2018-05-24 10:52 - 000000000 ____D C:\Users\Franco\AppData\Roaming\IObit
2018-07-14 10:36 - 2018-05-24 09:42 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-14 10:33 - 2018-05-24 09:31 - 000001393 _____ C:\Users\Franco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-07-14 09:56 - 2011-04-12 10:40 - 000705066 _____ C:\Windows\system32\prfh0416.dat
2018-07-14 09:56 - 2011-04-12 10:40 - 000146910 _____ C:\Windows\system32\prfc0416.dat
2018-07-14 09:56 - 2009-07-14 02:13 - 001633530 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-12 11:58 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\rescache
2018-07-12 11:22 - 2018-05-25 10:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-12 11:21 - 2018-05-25 10:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-12 11:04 - 2018-05-24 11:29 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 11:02 - 2009-07-14 02:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-07-12 11:00 - 2018-05-25 09:27 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-11 22:55 - 2018-05-24 10:44 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2018-07-11 22:55 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-07-11 22:52 - 2018-05-24 22:39 - 001598148 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-11 22:47 - 2018-05-24 11:29 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 09:56 - 2009-07-14 01:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-07-05 12:26 - 2018-05-24 09:30 - 000000000 ____D C:\Users\Franco
2018-07-05 12:24 - 2018-06-20 22:29 - 000000000 ____D C:\Users\Franco\Downloads\Ativar Wiwndows 7 - MaxTuto
2018-07-05 12:24 - 2018-06-18 16:24 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-07-05 12:24 - 2018-06-05 22:24 - 000000000 ____D C:\Users\Franco\AppData\Roaming\PhotoFiltre 7
2018-07-05 12:24 - 2018-05-24 12:18 - 000000000 ____D C:\Windows\system32\DAX3
2018-07-05 12:24 - 2018-05-24 12:18 - 000000000 ____D C:\Windows\system32\DAX2
2018-07-05 12:24 - 2018-05-24 12:18 - 000000000 ____D C:\Users\Todos os Usuários\Audyssey Labs
2018-07-05 12:24 - 2018-05-24 12:18 - 000000000 ____D C:\ProgramData\Audyssey Labs
2018-07-05 12:24 - 2018-05-24 12:17 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-05 12:24 - 2018-05-24 12:17 - 000000000 ____D C:\Program Files\Realtek
2018-07-05 12:24 - 2018-05-24 11:02 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2018-07-05 12:24 - 2018-05-24 11:02 - 000000000 ____D C:\ProgramData\ProductData
2018-07-05 12:24 - 2018-05-24 11:01 - 000000000 ____D C:\Users\Franco\AppData\LocalLow\IObit
2018-07-05 12:24 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\security
2018-07-05 12:24 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2018-07-05 12:23 - 2018-05-24 10:44 - 000000000 __RHD C:\MSOCache

==================== Arquivos na raiz de alguns diretórios =======

2018-06-20 22:18 - 2018-06-20 22:22 - 000000004 _____ () C:\ProgramData\lock.dat
2018-06-20 22:18 - 2018-06-20 22:22 - 000000004 _____ () C:\Users\Todos os Usuários\lock.dat
2018-06-20 22:10 - 2018-06-20 22:10 - 000140800 _____ () C:\Users\Franco\AppData\Local\installer.dat

Alguns arquivos em TEMP:
====================
2018-07-18 21:50 - 2018-06-08 13:22 - 001665344 _____ (Microsoft Corporation) C:\Users\Franco\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-07-17 16:51

==================== Fim de FRST.txt ============================

 

Addition.txt

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21.07.2018
Executado por Franco (23-07-2018 14:26:56)
Executando a partir de C:\Users\Franco\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2018-05-24 12:30:40)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4005200577-2592874626-4273859957-500 - Administrator - Disabled)
Convidado (S-1-5-21-4005200577-2592874626-4273859957-501 - Limited - Disabled)
Franco (S-1-5-21-4005200577-2592874626-4273859957-1000 - Administrator - Enabled) => C:\Users\Franco
HomeGroupUser$ (S-1-5-21-4005200577-2592874626-4273859957-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.68 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Malwarebytes versão 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Priston Tale Brasil  (HKLM-x32\...\Priston Tale Brasil ) (Version:  - )
PristonTOOL-Xeno v4.1 (HKLM-x32\...\{F7441C50-E553-44DC-896B-007D12510B3F}) (Version: 4.1.5 - xenkw0n)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
TeamSpeak 3 Client (HKU\S-1-5-21-4005200577-2592874626-4273859957-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
zzPTtool version 1.9 (HKLM-x32\...\{11862A69-735C-4F01-843F-11C11C7A363C}_is1) (Version: 1.9 - ZimZam)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {142ACD68-39C4-46D8-867A-AB4601774CD2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {3D57B696-14DC-4E28-973E-7D61089B7C42} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Scheduler.exe [2017-10-24] (IObit)
Task: {6027685D-734A-4C53-9D46-BFCE4427FC0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-14] (Google Inc.)
Task: {749ADE10-A078-4A22-A614-5C060DA8DAD6} - System32\Tasks\Driver Booster SkipUAC (Franco) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe [2017-11-17] (IObit)
Task: {7ED1FD06-E8FB-4E27-9CE8-9A6FB273DC99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-14] (Google Inc.)
Task: {FEAF8CFB-BE08-41F8-AF34-2C5AF92FEC8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-12] (Adobe Systems Incorporated)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


==================== Módulos Carregados (Whitelisted) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2018-07-23 10:51 - 2018-07-23 10:51 - 003153920 ____H () C:\Zenit Games\Priston Tale Brasil\eubbyi.exe 
2017-01-30 09:39 - 2018-07-19 10:00 - 000164352 _____ () C:\Zenit Games\Priston Tale Brasil\ZForce\ZForce.dll
2018-06-26 11:49 - 2018-06-26 11:49 - 000288256 _____ () C:\Program Files (x86)\LAV Filters\libbluray.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2018-06-20 22:26 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-4005200577-2592874626-4273859957-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{30784FFC-A484-4B3A-ADF3-88794201B799}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
FirewallRules: [{BEBF3773-F844-4D38-B0D3-B31212303E15}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
FirewallRules: [{D5DEF233-365E-4573-BE20-1C318DEC19C8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe
FirewallRules: [{7A9EB5B8-D91B-4DF0-8799-5E2F2E77BC38}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe
FirewallRules: [{706F2933-4B6F-4371-AFA3-77468B63388F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe
FirewallRules: [{CF7D5D4F-498B-46AC-8B81-DCD941EA60A4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe
FirewallRules: [{31434783-22BD-4C23-A988-DBA7880E1B99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

07-07-2018 08:56:58 Windows Update
11-07-2018 06:49:21 Windows Update
11-07-2018 22:46:51 Windows Update
12-07-2018 11:21:26 Driver Booster : Auto Update
20-07-2018 11:37:02 Ponto de Verificação Agendado
22-07-2018 11:14:59 Restaure ClubedoHardware

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/23/2018 08:47:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/22/2018 08:57:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/22/2018 11:20:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/22/2018 11:09:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/21/2018 06:29:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/20/2018 08:01:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/19/2018 08:34:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2018 03:40:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


Erros de Sistema:
=============
Error: (07/22/2018 11:09:25 AM) (Source: bowser) (EventID: 8003) (User: )
Description: O localizador mestre recebeu uma notificação de servidor do computador PENDRAGON
que acredita ser o localizador mestre do domínio no transporte NetBT_Tcpip_{35D03463-6F34-4915-8402-03B8E9721F5E}.
O localizador mestre está parando ou está sendo forçada uma eleição.

Error: (07/21/2018 06:28:17 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "FRANCO-PC      :20" não pôde ser registrado na interface com o endereço IP 192.168.15.8.
O computador de endereço IP 192.168.15.10 não permitiu que o nome fosse reivindicado por
este computador.

Error: (07/21/2018 06:28:17 AM) (Source: Server) (EventID: 2505) (User: )
Description: O servidor não pôde ligar-se com o transporte \Device\NetBT_Tcpip_{35D03463-6F34-4915-8402-03B8E9721F5E} porque outro computador na rede tem o mesmo nome. Não foi possível iniciar o servidor.

Error: (07/21/2018 06:28:15 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "FRANCO-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.15.8.
O computador de endereço IP 192.168.15.10 não permitiu que o nome fosse reivindicado por
este computador.

Error: (07/20/2018 10:29:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "FRANCO-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.15.8.
O computador de endereço IP 192.168.15.10 não permitiu que o nome fosse reivindicado por
este computador.

Error: (07/20/2018 10:28:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "FRANCO-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.15.8.
O computador de endereço IP 192.168.15.10 não permitiu que o nome fosse reivindicado por
este computador.

Error: (07/20/2018 10:28:05 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "FRANCO-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.15.8.
O computador de endereço IP 192.168.15.10 não permitiu que o nome fosse reivindicado por
este computador.

Error: (07/20/2018 10:28:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: O nome "FRANCO-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.15.8.
O computador de endereço IP 192.168.15.10 não permitiu que o nome fosse reivindicado por
este computador.


Windows Defender:
===================================
Date: 2018-07-04 07:03:09.193
Description: 
Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:1.271.442.0
Versão da Assinatura Anterior:1.269.1075.0
Origem da Atualização:Usuário
Tipo de Assinatura:Anti-spyware
Tipo de Atualização:Delta
Usuário:AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:1.1.15000.2
Versão do Mecanismo Anterior:1.1.14901.4
Código de erro:0x80070666
Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. 

Date: 2018-07-04 07:03:09.193
Description: 
Windows Defender encontrou um erro ao tentar atualizar o mecanismo.
Versão do Mecanismo Novo:1.1.15000.2
Versão do Mecanismo Anterior:1.1.14901.4
Origem da Atualização:Usuário
Usuário:AUTORIDADE NT\SISTEMA
Código de Erro:0x80070666
Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. 

CodeIntegrity:
===================================

Date: 2018-05-24 22:04:26.952
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 22:04:26.952
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 12:28:22.982
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 12:28:22.982
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 12:26:02.528
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 12:26:02.528
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 12:13:28.804
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-24 12:13:28.726
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentagem de memória em uso: 22%
RAM física total: 8147.02 MB
RAM física disponível: 6288.18 MB
Virtual Total: 16292.2 MB
Virtual disponível: 13399.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.6 GB) (Free:215.54 GB) NTFS
Drive d: (PENDRIVE) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32

\\?\Volume{aaa6a11a-5f3b-11e8-932b-806e6f6e6963}\ () (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 625271CC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 3.7 GB) (Disk ID: F970D699)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)

==================== Fim de Addition.txt ============================

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=opencd_hp_hao123_br
CHR StartupUrls: Default -> "hxxp://forum.escrotosclan.com/"
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:
Clique com o direito sobre o arquivo FRST.EXE, depois clique em VRIfczU.png.

Clique no botão 0h0YlDEzRbKP9R7xLrUlzA.png

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteúdo na sua próxima resposta.

 

Verifique também se ainda está bloqueado as configs do chrome.

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Elias Pereira

As configurações estão liberadas! :D

 

Segue o Fixlog.txt

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 21.07.2018
Executado por Franco (25-07-2018 11:46:01) Run:1
Executando a partir de C:\Users\Franco\Desktop
Perfis Carregados: Franco (Perfis Disponíveis: Franco)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restri��o <==== ATEN��O
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=opencd_hp_hao123_br
CHR StartupUrls: Default -> "hxxp://forum.escrotosclan.com/"
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\SOFTWARE\Policies\Google" => removido (a) com sucesso.
"Chrome HomePage" => removido (a) com sucesso.
"Chrome StartupUrls" => removido (a) com sucesso.

========= ipconfig /flushdns =========


Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-4005200577-2592874626-4273859957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-4005200577-2592874626-4273859957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6199588 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 1686 B
Edge => 0 B
Chrome => 553960543 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 33253 B
LocalService => 33125 B
NetworkService => 33125 B
Franco => 43737013 B

RecycleBin => 0 B
EmptyTemp: => 584 MB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 11:46:53 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Franco Alduan

 

Em relação a malwares, não temos mais problemas.

Ultimas instruções.

Baixe o Delfix by Xplode do link abaixo e salve na sua área de trabalho.
http://www.bleepingcomputer.com/download/delfix/dl/281/

Dê dois cliques no delfix.exe para executá-lo. Marque as caixas conforme imagem.

*** Usuários do Windows Vista, 7, 8/8.1 e Windows 10clique com o direito sobre o arquivo delfix.exe, depois clique emVRIfczU.png

ipb9zl.png

Clique no botão Executar.

Ao final será gerado um log, mas não é necessário postar.

MANTENHA O SO ATUALIZADO:
Mantenha como "automatica" as atualizações do windows. Novas brechas de segurança são descobertas com freqüência. Muitos malwares exploram essas brechas, infectando sistemas sem depender de nenhuma ação do usuário. A Microsoft corrige essas brechas através das atualizações. Por isso é fundamental manter o seu sistema atualizado.

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

Att.
Elias Pereira

  • Obrigado 1

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×