CLAUDIO RD

Full Members
  • Total items

    29
  • Registered on

  • Last visit

  • Qualifications

    N/A

Reputation

1

About CLAUDIO RD

General information

  • City and State
    rio de janeiro
  • Gender
    Male
  1. kernel_security_check_failure blue screen, restarts by itself

    Hi Sr. Miague. After I updated the Menu Solution Center (a Lenovo application) and ran a full hardware check (I called Lenovo and they gave me this idea, or else to update the drivers and, as a last resort, run a recovery on the machine, but that was not necessary), it has been about two weeks since it last restarted by itself. If it recurs at all, I will test this program of yours and come back here. Thank you. Regards
  2. kernel_security_check_failure blue screen, restarts by itself

    @Sr.Miague Your "assistance" is sensational. Wasn't I supposed to paste the HD log?? I'm not a technician! I thought you could diagnose something..
  3. kernel_security_check_failure blue screen, restarts by itself

  4. PC restarting by itself..BLUE SCREEN, KERNEL..

    Well Elias, thank you for your dedication, and sorry for any misunderstanding. I opened a topic in the hardware area (blue screens). If you want to close this one, or for any other question, I am at your disposal. Regards, Claudio
  5. PC restarting by itself..BLUE SCREEN, KERNEL..

    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    GroupPolicy: Restrição <==== ATENÇÃO
    CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <não encontrado (a)>
    HKU\S-1-5-21-3778889357-92937078-2251873288-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Eastness\Application\chrome.exe <==== ATENÇÃO
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\claudio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\claudio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-3778889357-92937078-2251873288-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\claudio\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Nenhum Arquivo
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
    AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
    VirusTotal: C:\Program Files (x86)\Eastness\Application\chrome.exe
    CMD: ipconfig /flushdns
    RemoveProxy:
    EmptyTemp:
    CreateRestorePoint:
  6. Hello. I have already been helped in the malware removal area, but the problem persists. The PC is a Lenovo, 64-bit; Windows 8.1, Intel Core i3-3110 M processor; 2.40 GHz. The problem occurs every 48 hours (more or less). The image appears, it starts loading, takes about 20 seconds and then restarts. I would be grateful if you could give me some help. Thank you, Claudio
  7. PC restarting by itself..BLUE SCREEN, KERNEL..

    Click the Fix button. Wait and, at the end, the Fixlog.txt log will be saved to your desktop. >> What FRST.exe generates is Addition.txt and FRST.txt, which I have already pasted and am pasting again. When I run FRST.exe, there is no dialog referring to the "fix button" (I am pasting an image). Addition.txt FRST.txt
  8. PC restarting by itself..BLUE SCREEN, KERNEL..

    NOTE: It is extremely important that the "fixlist" file is saved to your Desktop. Also check that FRST.exe is on the Desktop. I did that. Click the Fix button. Where?? Wait and, at the end, the Fixlog.txt log will be saved to your desktop. Attach the log in your next reply. If it happens again, take a photo of the blue screen and post it in your next reply.
  9. PC restarting by itself..BLUE SCREEN, KERNEL..

S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) S4 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) S4 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation) S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-11-06] (Intel Corporation) S4 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] () R2 MSSQL$SRV_TSW_STARTISS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SRV_TSW_STARTISS\MSSQL\Binn\sqlservr.exe [43128496 2014-07-10] (Microsoft Corporation) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-18] () S4 SQLAgent$SRV_TSW_STARTISS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SRV_TSW_STARTISS\MSSQL\Binn\SQLAGENT.EXE [381104 2014-07-10] (Microsoft Corporation) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1056304 2017-07-07] (GAS Tecnologia LTDA) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-18] (Intel® Corporation) S4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-08-31] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.) 
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-08-31] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-08-31] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-08-31] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-08-31] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-08-31] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-08-31] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-08-31] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-08-31] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-08-31] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-31] (AVAST Software) R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-23] (GAS Tecnologia) R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243272 2013-04-10] (Realtek Semiconductor Corp.) 
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS Tecnologia LTDA) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-09-14] (GAS Tecnologia) R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia) R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-06-08] (GAS Tecnologia) R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-07] (GAS Tecnologia) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S1 ESProtectionDriver; \??\C:\WINDOWS\system32\drivers\mbae64.sys [X] S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X] S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X] S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X] S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X] S3 MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [X] U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2017-09-14 20:16 - 2017-09-14 20:17 - 000025088 _____ C:\Users\claudio\Downloads\FRST.txt 2017-09-14 20:15 - 2017-09-14 20:16 - 000000000 ____D C:\FRST 2017-09-14 20:15 - 2017-09-14 20:15 - 002398208 _____ (Farbar) C:\Users\claudio\Downloads\FRST64 (1).exe 2017-09-14 15:53 - 2017-09-14 15:53 - 002398208 _____ (Farbar) C:\Users\claudio\Downloads\FRST64.exe 2017-09-14 10:41 - 2017-09-14 15:54 - 000000000 ____D C:\Users\claudio\AppData\Local\CrashDumps 2017-09-13 17:35 - 2017-09-13 17:35 - 000030230 _____ C:\Users\claudio\Desktop\RogueKiller.txt 2017-09-13 16:28 - 2017-09-14 09:21 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-09-13 16:28 - 2017-09-13 17:41 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller 2017-09-13 16:28 - 2017-09-13 17:41 - 000000000 ____D C:\ProgramData\RogueKiller 2017-09-13 16:27 - 2017-09-13 16:27 - 026685000 _____ C:\Users\claudio\Downloads\RogueKiller_portable64.exe 2017-09-13 16:12 - 2017-09-13 16:12 - 000004441 _____ C:\Users\claudio\Desktop\CBS.log - Atalho.lnk 2017-09-13 09:55 - 2017-09-13 09:56 - 007887920 _____ (Banco do Brasil SA) C:\Users\claudio\Downloads\DiagnosticoBB (1).exe 2017-09-13 09:43 - 2017-09-13 09:43 - 000001131 _____ C:\Users\claudio\Desktop\Diagnóstico BB.log - Atalho.lnk 2017-09-13 09:38 - 2017-09-13 09:38 - 007887920 _____ (Banco do Brasil SA) C:\Users\claudio\Downloads\DiagnosticoBB (2).exe 2017-09-12 22:47 - 2017-09-14 20:12 - 000028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys 2017-09-12 22:47 - 2016-11-07 14:54 - 000025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddprm.sys 2017-09-12 22:47 - 2016-06-08 18:43 - 000025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddpp.sys 2017-09-12 22:46 - 2017-09-12 22:46 - 000000000 ___HD C:\Program Files (x86)\GAS Tecnologia 2017-09-12 22:46 - 2017-09-12 22:46 - 000000000 ___HD C:\Program Files (x86)\Diebold 2017-09-12 22:00 - 2017-09-12 22:03 - 000000866 _____ C:\Users\claudio\Desktop\JRT.txt 2017-09-12 21:51 
- 2017-09-12 21:51 - 001790024 _____ (Malwarebytes) C:\Users\claudio\Downloads\JRT.exe 2017-09-12 21:36 - 2017-09-12 21:36 - 000001506 _____ C:\Users\claudio\Downloads\MBAM.txt 2017-09-12 21:16 - 2017-09-12 21:22 - 000000000 ____D C:\AdwCleaner 2017-09-12 21:14 - 2017-09-12 21:14 - 008182736 _____ (Malwarebytes) C:\Users\claudio\Downloads\adwcleaner_7.0.2.1.exe 2017-09-12 21:05 - 2017-09-12 21:05 - 000001506 _____ C:\Users\claudio\Desktop\MBAM.txt 2017-09-11 21:38 - 2017-09-11 21:38 - 000028357 _____ C:\Users\claudio\Downloads\ZA-Scan.txt 2017-09-11 21:32 - 2017-09-11 21:32 - 000028357 _____ C:\Users\claudio\Documents\ZA-Scan.txt 2017-09-11 21:31 - 2017-09-11 21:31 - 000028357 _____ C:\ZA-Scan.txt 2017-09-11 21:02 - 2017-09-11 21:02 - 000000000 ____D C:\zoek_backup 2017-09-11 21:01 - 2017-09-11 21:01 - 001370112 _____ C:\Users\claudio\Downloads\ZA-Scan.exe 2017-09-04 13:12 - 2017-09-04 13:12 - 000274825 _____ C:\Users\claudio\Downloads\fatura-201708.pdf 2017-09-04 13:10 - 2017-09-04 13:10 - 000000028 _____ C:\Users\claudio\Documents\CEG SENHA.txt 2017-09-03 21:40 - 2017-09-03 21:44 - 155379992 _____ (Microsoft Corporation) C:\Users\claudio\Downloads\msert (1).exe 2017-09-03 21:31 - 2017-09-03 21:35 - 155379992 _____ (Microsoft Corporation) C:\Users\claudio\Downloads\msert.exe 2017-09-03 21:23 - 2017-09-03 21:24 - 046661328 _____ (Microsoft Corporation) C:\Users\claudio\Downloads\Windows-KB890830-x64-V5.51.exe 2017-09-02 19:15 - 2017-09-02 19:15 - 000000173 _____ C:\Users\claudio\Documents\Kernell.txt 2017-09-01 21:03 - 2017-09-01 21:03 - 000000000 ____D C:\Program Files\Malwarebytes 2017-09-01 21:01 - 2017-09-01 21:02 - 066347240 _____ (Malwarebytes ) C:\Users\claudio\Downloads\mb3-setup-consumer-3.2.2.2018.exe 2017-08-31 18:50 - 2017-08-31 18:50 - 000093658 _____ C:\Users\claudio\Downloads\DARF 08-17.pdf 2017-08-31 18:43 - 2017-08-31 18:43 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-08-31 02:59 - 2017-08-31 02:59 - 000008940 _____ 
C:\Users\claudio\Downloads\441421_a538206fa5f0ebc106e26c79011823bf.xml 2017-08-29 19:18 - 2017-08-29 19:18 - 002562490 _____ C:\Users\claudio\Downloads\Proposta (II) de Credenciamento - Indicação 227458 - 290817115352708.zip 2017-08-28 13:39 - 2017-08-28 13:39 - 000001727 _____ C:\Users\claudio\Downloads\CEF Claudia.pdf 2017-08-23 01:26 - 2017-07-28 21:03 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-08-23 01:26 - 2017-07-28 21:03 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-22 22:41 - 2017-04-21 18:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-08-22 22:41 - 2017-04-21 18:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-08-22 22:40 - 2017-04-21 18:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-08-22 22:40 - 2017-04-21 18:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-08-22 22:40 - 2017-04-11 15:27 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2017-08-22 22:40 - 2017-03-15 15:15 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2017-08-22 22:39 - 2017-04-11 15:27 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-08-22 22:39 - 2017-03-15 15:15 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-08-22 22:35 - 2017-07-21 10:40 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-22 22:35 - 2017-07-21 10:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-22 22:35 - 2017-07-14 03:49 - 025733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-22 22:35 - 2017-07-14 03:44 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-08-22 22:35 - 2017-07-14 03:19 - 000817664 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-08-22 22:35 - 2017-07-14 02:35 - 005981184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-22 22:35 - 2017-07-14 02:26 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-08-22 22:35 - 2017-07-14 02:10 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-08-22 22:35 - 2017-07-14 01:40 - 015254016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-22 22:35 - 2017-07-14 01:23 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-08-22 22:35 - 2017-07-14 01:07 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-08-22 22:35 - 2017-07-14 00:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-08-22 22:35 - 2017-07-13 23:54 - 020270080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-22 22:35 - 2017-07-13 23:48 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-08-22 22:35 - 2017-07-13 23:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-08-22 22:35 - 2017-07-13 23:17 - 004546048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-22 22:35 - 2017-07-13 23:17 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-08-22 22:35 - 2017-07-13 23:12 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-08-22 22:35 - 2017-07-13 23:09 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-22 22:35 - 2017-07-13 22:53 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-08-22 22:35 - 2017-07-13 22:50 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-22 22:35 - 2017-07-13 22:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-08-22 22:35 - 2017-07-08 17:14 - 000376672 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-22 22:35 - 2017-07-08 16:12 - 004169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-08-22 22:35 - 2017-07-08 14:45 - 007078912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2017-08-22 22:35 - 2017-07-08 14:05 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-22 22:35 - 2017-07-08 13:39 - 005274624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2017-08-22 22:35 - 2017-07-08 13:37 - 007797248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-22 22:35 - 2017-07-08 13:23 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-22 22:35 - 2017-07-08 12:59 - 005270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-08-22 22:35 - 2017-07-08 00:16 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-22 22:35 - 2017-07-08 00:16 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-08-22 22:35 - 2017-07-08 00:16 - 001534072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-08-22 22:35 - 2017-07-08 00:16 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-08-22 22:35 - 2017-07-08 00:16 - 001370328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-08-22 22:35 - 2017-07-08 00:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-08-22 22:35 - 2017-07-01 10:47 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 
000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-22 22:35 - 2017-07-01 10:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-22 22:35 - 2017-06-24 13:46 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll 2017-08-22 22:35 - 2017-06-24 13:16 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll 2017-08-22 22:35 - 2017-06-15 19:02 - 000990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-08-22 22:35 - 2017-06-15 11:17 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-08-22 22:35 - 2017-06-15 11:16 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-08-22 22:35 - 2017-06-13 14:51 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-08-22 22:35 - 2017-06-13 14:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-08-22 22:35 - 2017-06-13 11:17 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-08-22 22:35 - 2017-06-13 11:16 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-08-22 22:35 - 2017-06-13 06:09 - 000445440 
_____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-08-22 22:35 - 2017-06-13 05:22 - 001436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-08-22 22:35 - 2017-06-13 04:50 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2017-08-22 22:35 - 2017-06-11 18:15 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-08-22 22:35 - 2017-06-11 18:08 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-08-22 22:35 - 2017-06-11 18:00 - 000962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-08-22 22:35 - 2017-06-11 17:40 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-08-22 22:35 - 2017-06-11 17:35 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-08-22 22:35 - 2017-06-11 17:31 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-08-22 22:35 - 2017-06-11 17:13 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll 2017-08-22 22:35 - 2017-06-11 17:11 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2017-08-22 22:35 - 2017-06-11 17:02 - 002778112 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2017-08-22 22:35 - 2017-06-11 17:02 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2017-08-22 22:35 - 2017-06-11 16:52 - 002463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2017-08-22 22:35 - 2017-06-11 12:15 - 002013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-08-22 22:35 - 2017-06-09 10:47 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-08-22 22:35 - 2017-06-08 14:01 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-08-22 22:35 - 2017-06-08 14:01 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-08-22 22:35 - 2017-06-07 22:48 - 002457936 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\tcpip.sys 2017-08-22 22:35 - 2017-06-06 17:52 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-08-22 22:35 - 2017-06-06 17:42 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-08-22 22:35 - 2017-06-06 17:35 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-08-22 22:35 - 2017-06-06 16:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-08-22 22:35 - 2017-06-06 16:08 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-08-22 22:35 - 2017-06-06 16:03 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-08-22 22:35 - 2017-06-06 15:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-08-22 22:35 - 2017-06-06 15:38 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-08-22 22:35 - 2017-06-06 15:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-08-22 22:35 - 2017-06-06 14:44 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-08-22 22:35 - 2017-06-03 13:27 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-08-22 22:35 - 2017-06-03 13:03 - 001549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-08-22 22:35 - 2017-06-02 09:15 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-08-22 22:35 - 2017-06-02 09:12 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2017-08-22 22:35 - 2017-06-02 09:12 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2017-08-22 22:35 - 2017-06-02 09:06 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-08-22 22:35 - 2017-06-02 09:01 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2017-08-22 22:35 - 2017-06-02 08:03 - 000903168 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\SearchIndexer.exe 2017-08-22 22:35 - 2017-06-02 07:25 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-08-22 22:35 - 2017-06-02 07:24 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2017-08-22 22:35 - 2017-06-02 07:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2017-08-22 22:35 - 2017-06-02 06:43 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-08-22 22:35 - 2017-05-27 13:42 - 001115136 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2017-08-22 22:35 - 2017-05-27 13:38 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll 2017-08-22 22:35 - 2017-05-14 17:19 - 001364040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2017-08-22 22:35 - 2017-05-12 13:16 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-08-22 22:35 - 2017-05-12 13:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-08-22 22:35 - 2017-05-11 23:58 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-08-22 22:35 - 2017-05-11 23:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-08-22 22:35 - 2017-05-11 23:18 - 003714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-08-22 22:35 - 2017-05-11 20:36 - 022361848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-08-22 22:35 - 2017-05-11 20:32 - 019788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-08-22 22:35 - 2017-05-09 11:37 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2017-08-22 22:35 - 2017-05-09 11:35 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2017-08-22 22:35 - 2017-05-06 13:05 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-08-22 22:35 - 2017-05-06 13:04 - 000865792 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\win32spl.dll 2017-08-22 22:35 - 2017-05-02 15:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-08-22 22:35 - 2017-04-27 22:13 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-08-22 22:35 - 2017-04-27 22:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-08-22 22:35 - 2017-04-06 13:46 - 000434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2017-08-22 22:35 - 2017-04-06 13:35 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2017-08-22 22:35 - 2017-04-06 13:15 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2017-08-22 22:35 - 2017-02-10 16:06 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-08-22 22:35 - 2017-02-01 16:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-08-22 22:35 - 2017-02-01 16:42 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-08-22 22:34 - 2017-08-02 00:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-22 22:34 - 2017-07-15 07:10 - 000536688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-22 22:34 - 2017-07-15 07:10 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-22 22:34 - 2017-07-15 07:06 - 000449840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-22 22:34 - 2017-07-15 07:06 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-22 22:34 - 2017-07-14 17:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2017-08-22 22:34 - 2017-07-14 15:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2017-08-22 22:34 - 2017-07-08 00:46 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys 2017-08-22 22:34 - 2017-07-06 05:52 - 000119296 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2017-08-22 22:34 - 2017-06-13 14:19 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll 2017-08-22 22:34 - 2017-06-13 14:16 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2017-08-22 22:34 - 2017-06-13 14:11 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2017-08-22 22:34 - 2017-06-13 14:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2017-08-22 22:34 - 2017-06-13 06:47 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-08-22 22:34 - 2017-06-13 05:16 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-08-22 22:34 - 2017-06-13 05:10 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2017-08-22 22:34 - 2017-06-13 05:07 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2017-08-22 22:34 - 2017-06-13 05:03 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2017-08-22 22:34 - 2017-06-13 04:54 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2017-08-22 22:34 - 2017-06-11 21:14 - 000276320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-08-22 22:34 - 2017-06-11 19:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll 2017-08-22 22:34 - 2017-06-11 18:43 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-08-22 22:34 - 2017-06-11 18:25 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll 2017-08-22 22:34 - 2017-06-11 18:07 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx 2017-08-22 22:34 - 2017-06-11 17:58 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-08-22 22:34 - 2017-06-07 01:25 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2017-08-22 22:34 - 2017-06-06 17:38 
  10. PC restarting by itself.. BLUE SCREEN, KERNEL..

    Elias, you forgot to say whether I should remove these threats or put them in quarantine. Being in doubt, I removed them. I can no longer open Malwarebytes (it gives an "enable to open" warning), although the free period was going to expire these days anyway. For real-time protection I went back to Avast. Do you suggest any other? MB has a free mode, at least for scanning for malware periodically, I thought.. (but I repeat, it no longer opens - I think since I downloaded that Roguekiller). One of the threats that RK identified was in the security module of the bank's file, something called Warsaw, which I tried to uninstall, and I can't. The bad news is that when I opened the notebook today, 14/09, the problem came back: blue screen and it restarts by itself..
  11. PC restarting by itself.. BLUE SCREEN, KERNEL..

  12. PC restarting by itself.. BLUE SCREEN, KERNEL..

    I had already run MBAM, and it found thousands of threats. I had already cleaned them. I'm copying their log for you; I'm going to move on to steps 2, 3. Do I disable MBAM when downloading the others (Adwcleaner and consequently Junkware)?? MBAM.txt

    added 26 minutes later

    AdwareCleaner [CO].txt

    added 38 minutes later

    Adware [SO].txt
adicionado 53 minutos depois JRT.tx ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 8.1 Single Language x64 Ran by Claudio Ricardo (Administrator) on 12/09/2017 at 21:51:54,69 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\ProgramData\ammyy (Folder) Registry: 2 Successfully deleted: HKLM\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo (Registry Key) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 12/09/2017 at 22:00:47,09 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
