fabio0193

Slow notebook that takes a long time to boot


Dear @fabio0193

I recommend saving this topic to your Favorites so it is easier to find later.

Please pay attention to the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is passed along here relates only to your computer's problem, so do not apply it on any other computer;
  • Please follow the instructions given carefully, and if you have any doubts do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always try to keep me informed, during the removal, about what is happening with your computer.
  • Follow the order of the instructions given.

Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

 

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the file adwcleaner.exe

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • Click the Options tab and leave only "Restore IE Policies" and "Restore Chrome Policies" checked.
  • Click the Scan button and wait for the scan to finish.
  • Click the Clean button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log in your next reply.
  • The log will also be saved in C:\AdwCleaner


NOTE: If AdwCleaner finds files it cannot remove, it may need to restart the PC. Do so immediately when asked whether you want to restart.
 
# Step 2 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • At the end a log will open. It will be saved on the desktop with the name JRT.txt.
  • Select, copy and paste the contents of this log in your next reply.

 
# Step 3 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • Click the Scanner button.
  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log in your next reply.

Cheers :D


Hello, AdwCleaner reported that it did not find any infected files.
 

# AdwCleaner v5.201 - Relatório criado 16/07/2016 às 18:49:06
# Atualizado 30/06/2016 por ToolsLib
# Banco de dados : 2016-07-16.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language  (X64)
# Usuário : Kátia - KATIA
# Executando de : C:\Users\Kátia\Desktop\adwcleaner_5.201.exe
# Opção : Limpar
# Apoio : https://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****


***** [ Arquivos ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****


*************************

:: Políticas do IE excluídas
:: Políticas do Chrome excluídas

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [759 bytes] - [16/07/2016 18:49:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [812 bytes] - [16/07/2016 18:46:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [903 bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 8.1 Single Language x64 
Ran by K tia (Administrator) on 16/07/2016 at 19:00:00,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 11 

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\pdfforge (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\K tia\AppData\Roaming\getrighttogo (Folder) 
Successfully deleted: C:\Users\K tia\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\K tia\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\K tia\AppData\Roaming\wyupdate au (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (K tia) (Task)
Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Windows\system32\RENB7C7.tmp (File) 

Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7A8CCBA8-81A4-45F2-AC1D-0A701699C172} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/07/2016 at 19:22:55,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~ ZHPCleaner v2016.7.14.85 by Nicolas Coolman (2016/08/14)
~ Run by Kátia (Administrator)  (16/07/2016 19:40:01)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Kátia\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Kátia\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (2)
SUBSTITUIDO: 54.225.95.126    hjjjegfhiceggepdokloeepnhlfnedkk
Número de redirecionamentos encontrados 1/22


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (18)
MOVIDO pasta: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
MOVIDO arquivo: C:\Program Files\KMSpico  =>HackTool.KMSpico
MOVIDO arquivo: C:\ProgramData\KMSAuto  =>HackTool.WinActivator
MOVIDO arquivo: C:\Users\Kátia\AppData\Local\Microsoft Toolkit  =>HackTool.AutoKMS
MOVIDO arquivo: C:\Windows\Installer\MSI26B9.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI340.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIAF72.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIB201.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIB2CD.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIB58D.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSICEFE.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSICFE9.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSID131.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSID2F7.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE356.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE3C4.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE3F3.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE730.tmp-  =>Empty


---\\  Registro ( Chaves, Valores, Dados ) (11)
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ee07c6b2-d7b6-404a-915d-4430bacccf14} [C:\Program Files (x86)\GoHD (Not File)]  =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman]  =>Trojan.Camec
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F165007-8086-434B-9499-9A7DC65D1AD2} [C:\Program Files (x86)\Browser Warden\ (Not File)]  =>PUP.Optional.BrowserWarden
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ee07c6b2-d7b6-404a-915d-4430bacccf14} [C:\Program Files (x86)\GoHD (Not File)]  =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4103697994-62962464-1455422779-1001\Products\363FB0CBBA367FF4E81FEAD0F717B142 [LPT System Updater Service]  =>.Superfluous.MyPopShop
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4103697994-62962464-1455422779-1001\Products\A724A0376D4D36F46B81CC9C555B518B [Muvic Smartbar]  =>PUP.Optional.QuickShare
SUPRIMIDO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman]  =>Trojan.Camec
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ee07c6b2-d7b6-404a-915d-4430bacccf14} [C:\Program Files (x86)\GoHD (Not File)]  =>PUP.Optional.CrossRider
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{D7B65C3C-FCB6-4719-9198-C8A600485282} [C:\Program Files\KMSpico\AutoPico.exe]  =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{550B2762-2462-459F-A1EC-5104DB3A0B77} [C:\Program Files\KMSpico\AutoPico.exe]  =>HackTool.KMSpico


---\\  Resumo dos elementos encontrados na sua estação de trabalho (9)
http://www.nicolascoolman.fr/?p=989  =>HackTool.KMSpico
http://www.nicolascoolman.fr/?p=1053  =>HackTool.WinActivator
https://www.nicolascoolman.info/2016/05/04/hacktool-autokms/  =>HackTool.AutoKMS
https://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=4664  =>Trojan.Camec
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.BrowserWarden
http://www.nicolascoolman.com/forum/post33280.html#p33280  =>.Superfluous.MyPopShop
http://www.nicolascoolman.fr/?p=433  =>PUP.Optional.QuickShare
https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/  =>Heuristic.Suspect


---\\  Dodatkowe oczyszczenie. (28)
~ Chave de registro Tracing Supprimido (28)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 786
~ Items encontrado : 1
~ items cancelados : 0
~ Items réparo : 29


~ End of clean in 00h00mn21s
~====================
ZHPCleaner-[R]-16072016-19_40_22.txt
ZHPCleaner--16072016-19_36_50.txt
 


Dear @fabio0193

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download Farbar Recovery Scan Tool and save it to your Desktop.

32-bit (x86) or 64-bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]
  • Check the 90 Days Files box and click the Scan button.
  • Wait, and at the end the logs FRST.txt and Addition.txt will be saved to your Desktop.
  • Select, copy and paste the contents of the FRST.txt log in your next reply.
  • Attach the Addition.txt log.

Cheers :D


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 17-07-2016 02
Executado por Kátia (administrador) em KATIA (17-07-2016 13:35:42)
Executando a partir de C:\Users\Kátia\Desktop
Perfis Carregados: Kátia (Perfis Disponíveis: Kátia)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8459480 2015-04-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-04-25] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Dell Inc.)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [18785776 2014-04-30] (Entertainment Experience)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-22] (GAS Tecnologia LTDA)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2014-01-16] (Synaptics Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6638472 2016-07-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-11] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-16] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2015-01-04] (Atheros Communications)
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\...\Run: [uTorrent] => C:\Users\Kátia\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2016-01-19] (BitTorrent Inc.)
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\...\Run: [Dropbox Update] => C:\Users\Kátia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\...\MountPoints2: {17a79f3e-0a7f-11e6-8349-a8258fd13724} - "F:\LG_PC_Programs.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-16] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kátia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-26] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Startup: C:\Users\Kátia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kátia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sh4native Sh4Removal

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{386AAECC-4190-4EB2-A46F-A3F8DD34E707}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6F1C0720-107C-4FF1-97F3-373AFC5D5408}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{D1CFE6E8-D9D7-4EAC-A563-78F411AFBA5E}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> {7A8CCBA8-81A4-45F2-AC1D-0A701699C172} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4103697994-62962464-1455422779-1001 -> DefaultScope {49AEE82D-0CBA-4713-B9CF-B5C8844A50ED} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR105D20150205&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4103697994-62962464-1455422779-1001 -> {49AEE82D-0CBA-4713-B9CF-B5C8844A50ED} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR105D20150205&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-26] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-03] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-26] (AVAST Software)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-16] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Kátia\AppData\Roaming\Mozilla\Firefox\Profiles\mqd9nfb4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-07-09] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-02] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin HKU\S-1-5-21-4103697994-62962464-1455422779-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kátia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4103697994-62962464-1455422779-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Kátia\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-4103697994-62962464-1455422779-1001: gastecnologia.com.br/sf/cef -> C:\Users\Kátia\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2015-01-19] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-4103697994-62962464-1455422779-1001: gastecnologia.com.br/sf/gas64 -> C:\Users\Kátia\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-4103697994-62962464-1455422779-1001: gastecnologia.com.br/sf/uni -> C:\Users\Kátia\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [Nenhum Arquivo]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-26]

Chrome: 
=======
CHR Profile: C:\Users\Kátia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Kátia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-03]
CHR Extension: (Avast Online Security) - C:\Users\Kátia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Kátia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Kátia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2016-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Kátia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]
CHR HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Kátia\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2014-09-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-21]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323200 2015-01-04] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-26] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
S4 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [229376 2016-05-13] (Dell Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-06-16] (GAS Tecnologia)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S4 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-18] (Intel Corporation)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-04-25] (Realtek Semiconductor)
S4 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
S4 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-03-14] (Dell Inc.)
S4 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-22] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S4 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
S4 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [Arquivo não assinado]
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-26] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Qualcomm Atheros Communications, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
R1 HWiNFO32; C:\Users\KTIA~1\AppData\Local\Temp\HWiNFO64A.SYS [26528 2015-04-25] (REALiX(tm))
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-02] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-02] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2015-04-25] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-04-25] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-10-11] (Oracle Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-09-02] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-07-17] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S0 BTATH_BUS; System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-17 13:35 - 2016-07-17 13:35 - 00027579 _____ C:\Users\Kátia\Desktop\FRST.txt
2016-07-17 13:35 - 2016-07-17 13:35 - 00000000 ____D C:\FRST
2016-07-17 13:32 - 2016-07-17 13:32 - 02391040 _____ (Farbar) C:\Users\Kátia\Desktop\FRST64.exe
2016-07-17 13:30 - 2016-07-17 13:30 - 00000000 ___RD C:\Users\Kátia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-07-16 19:30 - 2016-07-16 20:20 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\ZHP
2016-07-16 18:45 - 2016-07-16 18:54 - 00000000 ____D C:\AdwCleaner
2016-07-14 14:27 - 2016-07-14 14:27 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-07-12 15:40 - 2016-05-25 10:22 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-07-12 15:40 - 2016-05-25 10:22 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-07-12 15:40 - 2016-05-25 10:12 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-07-12 15:40 - 2016-05-25 10:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-07-12 15:12 - 2016-06-25 17:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-12 15:12 - 2016-06-22 10:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-12 15:12 - 2016-06-21 10:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-12 14:39 - 2016-06-25 15:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-12 14:39 - 2016-06-25 13:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-12 14:39 - 2016-06-25 13:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-12 14:39 - 2016-06-25 13:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-12 14:39 - 2016-06-25 13:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-12 14:39 - 2016-06-21 15:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-07-12 14:39 - 2016-06-21 11:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-07-12 14:39 - 2016-06-11 16:45 - 07445856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-12 14:39 - 2016-06-11 14:22 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-12 14:39 - 2016-06-11 14:22 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-12 14:39 - 2016-06-11 14:12 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-12 14:39 - 2016-06-11 13:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-12 14:39 - 2016-06-11 13:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-12 14:39 - 2016-06-11 13:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-12 14:39 - 2016-06-11 13:12 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-12 14:39 - 2016-06-11 12:56 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-12 14:39 - 2016-01-30 16:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-07-12 14:39 - 2016-01-30 16:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-07-12 14:39 - 2016-01-30 15:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-07-12 14:39 - 2016-01-30 15:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-07-12 14:39 - 2016-01-30 14:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2016-07-12 14:39 - 2016-01-30 14:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-07-12 14:38 - 2016-06-11 15:14 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-12 14:38 - 2016-06-11 15:11 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-12 14:38 - 2016-06-11 14:56 - 25812992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-12 14:38 - 2016-06-11 14:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-12 14:38 - 2016-06-11 14:42 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-12 14:38 - 2016-06-11 14:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-12 14:38 - 2016-06-11 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-12 14:38 - 2016-06-11 14:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-12 14:38 - 2016-06-11 14:13 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-12 14:38 - 2016-06-11 14:12 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-07-12 14:38 - 2016-06-11 14:07 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-12 14:38 - 2016-06-11 14:03 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-12 14:38 - 2016-06-11 14:01 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-12 14:38 - 2016-06-11 14:00 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-12 14:38 - 2016-06-11 14:00 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-12 14:38 - 2016-06-11 13:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-12 14:38 - 2016-06-11 13:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-12 14:38 - 2016-06-11 13:38 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-07-12 14:38 - 2016-06-11 13:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-12 14:38 - 2016-06-11 13:31 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-12 14:38 - 2016-06-11 13:31 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-12 14:38 - 2016-06-11 13:30 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-12 14:38 - 2016-06-11 13:26 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-12 14:38 - 2016-06-11 13:15 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-12 14:38 - 2016-06-11 13:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-12 14:38 - 2016-06-11 12:59 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-12 14:38 - 2016-06-11 12:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-12 14:35 - 2016-06-10 18:35 - 04167680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-11 21:49 - 2016-07-11 21:49 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 14:45 - 2016-07-14 13:39 - 00001237 _____ C:\Users\Kátia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings.lnk
2016-07-11 12:47 - 2016-07-11 12:47 - 00025812 _____ C:\ZA-Scan.txt
2016-07-11 12:32 - 2016-07-11 12:32 - 00000000 ____D C:\zoek_backup
2016-07-11 12:29 - 2016-07-11 12:29 - 01370112 _____ C:\Users\Kátia\Downloads\ZA-Scan.exe
2016-07-11 12:28 - 2016-07-11 12:28 - 01370112 _____ C:\Users\Kátia\Downloads\Não confirmado 856927.crdownload
2016-07-09 14:45 - 2016-07-10 20:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 14:43 - 2016-07-09 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-09 14:43 - 2016-07-09 14:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-09 14:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-09 14:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-09 14:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-09 14:37 - 2016-07-09 14:39 - 22851472 _____ (Malwarebytes ) C:\Users\Kátia\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-09 14:33 - 2016-07-09 14:35 - 22851472 _____ (Malwarebytes ) C:\Users\Kátia\Downloads\Não confirmado 458991.crdownload
2016-07-09 14:19 - 2016-07-09 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-07-09 14:19 - 2016-07-09 14:19 - 00000000 ____D C:\Program Files\7-Zip
2016-07-08 16:37 - 2016-07-08 16:37 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-07-08 16:37 - 2016-07-08 16:37 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 10707032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 08888016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 01515312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00462080 _____ C:\Windows\system32\amdmiracast.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-07-08 16:36 - 2016-07-08 16:36 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-07-08 16:35 - 2016-07-08 16:35 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-07-08 16:35 - 2016-07-08 16:35 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-07-08 16:35 - 2016-07-08 16:35 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-07-08 16:35 - 2016-07-08 16:35 - 07000520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-07-08 16:33 - 2016-07-08 16:33 - 00305032 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-07-08 16:29 - 2016-07-08 16:29 - 27004928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-07-08 16:23 - 2016-07-08 16:23 - 48616960 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-07-08 16:23 - 2016-07-08 16:23 - 00252928 _____ C:\Windows\system32\clinfo.exe
2016-07-08 16:22 - 2016-07-08 16:22 - 38099456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-07-08 16:21 - 2016-07-08 16:21 - 08815104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-07-08 16:21 - 2016-07-08 16:21 - 00096256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-07-08 16:21 - 2016-07-08 16:21 - 00087040 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-07-08 16:19 - 2016-07-08 16:19 - 27433472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-07-08 16:19 - 2016-07-08 16:19 - 21600768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-07-08 16:17 - 2016-07-08 16:17 - 07072768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-07-08 16:04 - 2016-07-08 16:04 - 00184320 _____ C:\Windows\system32\amdhdl64.dll
2016-07-08 16:04 - 2016-07-08 16:04 - 00164352 _____ C:\Windows\SysWOW64\amdhdl32.dll
2016-07-08 16:03 - 2016-07-08 16:03 - 30219776 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-07-08 16:02 - 2016-07-08 16:02 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-07-08 16:02 - 2016-07-08 16:02 - 00732160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-07-08 16:02 - 2016-07-08 16:02 - 00607744 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-07-08 16:02 - 2016-07-08 16:02 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-07-08 16:02 - 2016-07-08 16:02 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-07-08 16:00 - 2016-07-08 16:00 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.20.dll
2016-07-08 15:59 - 2016-07-08 15:59 - 00720192 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-07-08 15:59 - 2016-07-08 15:59 - 00720192 _____ C:\Windows\system32\atiapfxx.blb
2016-07-08 15:58 - 2016-07-08 15:58 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-07-08 15:58 - 2016-07-08 15:58 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-07-08 15:58 - 2016-07-08 15:58 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-07-08 15:58 - 2016-07-08 15:58 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-07-08 15:58 - 2016-07-08 15:58 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-07-08 15:58 - 2016-07-08 15:58 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-07-08 15:58 - 2016-07-08 15:58 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-07-08 15:57 - 2016-07-08 15:57 - 14302720 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-07-08 15:57 - 2016-07-08 15:57 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-07-08 15:57 - 2016-07-08 15:57 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-07-08 15:55 - 2016-07-08 15:55 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-07-08 15:55 - 2016-07-08 15:55 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-07-08 15:55 - 2016-07-08 15:55 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-07-08 15:54 - 2016-07-08 15:54 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-07-08 15:52 - 2016-07-08 15:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-07-08 15:52 - 2016-07-08 15:52 - 00274432 _____ C:\Windows\system32\dgtrayicon.exe
2016-07-08 15:52 - 2016-07-08 15:52 - 00258560 _____ C:\Windows\system32\GameManager64.dll
2016-07-08 15:52 - 2016-07-08 15:52 - 00223744 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-07-08 15:52 - 2016-07-08 15:52 - 00212480 _____ C:\Windows\system32\atieah64.exe
2016-07-08 15:52 - 2016-07-08 15:52 - 00190464 _____ C:\Windows\SysWOW64\atieah32.exe
2016-07-08 15:51 - 2016-07-08 15:51 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-07-08 15:51 - 2016-07-08 15:51 - 00306688 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-07-08 15:51 - 2016-07-08 15:51 - 00270336 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-07-08 15:51 - 2016-07-08 15:51 - 00230912 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-07-08 15:51 - 2016-07-08 15:51 - 00202752 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-07-08 15:51 - 2016-07-08 15:51 - 00093696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-07-08 15:50 - 2016-07-08 15:50 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-07-08 15:47 - 2016-07-08 15:47 - 00976384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00976384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-07-08 15:47 - 2016-07-08 15:47 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-07-08 15:46 - 2016-07-08 15:46 - 00498176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-07-08 15:44 - 2016-07-08 15:44 - 00251392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-07-08 15:44 - 2016-07-08 15:44 - 00217088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-07-03 12:56 - 2016-07-03 12:56 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-03 00:18 - 2016-07-03 00:18 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2016-07-03 00:18 - 2016-07-03 00:18 - 00000000 ____D C:\ProgramData\ATI
2016-07-03 00:17 - 2016-07-03 00:17 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-07-03 00:17 - 2016-07-03 00:17 - 00000244 _____ C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2016-07-02 21:17 - 2016-07-02 21:17 - 00000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-07-02 21:16 - 2016-07-02 21:49 - 156310424 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Video_Driver_954YR_WN_10.18.10.3496_A01.EXE
2016-07-02 21:13 - 2016-07-02 21:13 - 00000807 _____ C:\Windows\system32\{30D37DA2-03BC-403A-A21E-F49E4836D060}.bat
2016-07-02 21:09 - 2016-07-02 21:11 - 00264730 _____ C:\Windows\ntbtlog.txt
2016-07-02 14:00 - 2016-07-02 21:43 - 00000000 ____D C:\Users\Kátia\Downloads\Intel Components
2016-07-02 13:52 - 2016-07-02 13:52 - 00004238 _____ C:\Windows\System32\Tasks\AMD Updater
2016-07-02 13:40 - 2016-07-02 13:40 - 00000000 ____D C:\Program Files (x86)\AMD
2016-06-27 17:01 - 2016-06-27 17:01 - 00000000 ____D C:\Users\Todos os Usuários\AMD
2016-06-27 17:01 - 2016-06-27 17:01 - 00000000 ____D C:\ProgramData\AMD
2016-06-27 17:01 - 2016-06-27 17:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-06-27 17:01 - 2016-06-27 17:01 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-06-27 17:00 - 2016-07-14 14:26 - 00000000 ____D C:\Program Files\AMD
2016-06-27 17:00 - 2011-09-12 17:05 - 00003917 _____ C:\Windows\SysWOW64\atipblup.dat
2016-06-27 16:02 - 2016-06-27 16:03 - 08364256 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Application_75FF5_WN32_1.9.5.0_A10.EXE
2016-06-27 15:54 - 2016-06-27 16:18 - 339594080 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Não confirmado 149719.crdownload
2016-06-27 14:57 - 2016-06-27 14:57 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\Raptr
2016-06-27 14:45 - 2016-06-27 14:56 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-06-27 14:40 - 2016-07-14 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-06-27 14:40 - 2016-06-27 14:40 - 00000000 ____D C:\Users\Kátia\AppData\Local\AMD
2016-06-27 14:12 - 2015-06-04 13:33 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-06-26 12:50 - 2016-06-26 12:50 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-26 12:50 - 2016-06-26 12:50 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-26 12:36 - 2016-06-26 12:37 - 06995720 _____ (Piriform Ltd) C:\Users\Kátia\Downloads\ccsetup519.exe
2016-06-17 16:05 - 2016-06-17 16:05 - 00270784 _____ C:\Windows\system32\ativvaxy_stn_nd.dat
2016-06-17 15:57 - 2016-06-17 15:57 - 00368416 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2016-06-14 16:32 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 16:32 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 16:31 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-14 16:31 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-14 16:31 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-14 16:31 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-14 16:31 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-14 16:31 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-14 16:31 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-14 14:36 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 14:36 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 14:36 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 14:36 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 14:36 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 14:36 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 14:36 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 14:36 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 14:36 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 14:36 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 14:36 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-14 14:36 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 14:36 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-14 14:36 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 14:36 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-14 14:36 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 14:36 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 14:36 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 14:36 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 14:36 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 14:36 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 14:36 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-14 14:36 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-14 14:36 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 14:36 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 14:36 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 14:36 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 14:35 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 14:35 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 14:35 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 14:35 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 14:35 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 14:35 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 14:35 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 14:35 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 14:35 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-10 14:40 - 2016-06-10 14:40 - 02629680 _____ (Banco do Brasil SA) C:\Users\Kátia\Downloads\DiagnosticoBB (1).exe
2016-06-07 17:02 - 2016-06-07 17:02 - 00000000 ____D C:\Users\Todos os Usuários\Atheros
2016-06-07 17:02 - 2016-06-07 17:02 - 00000000 ____D C:\ProgramData\Atheros
2016-06-07 17:01 - 2016-06-07 17:01 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\Atheros
2016-06-07 15:41 - 2016-06-07 15:41 - 00000000 ___RD C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-06-07 15:41 - 2016-06-07 15:41 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-06-07 15:41 - 2016-06-07 15:41 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-06-07 15:41 - 2016-06-07 15:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2016-06-07 15:40 - 2016-06-07 15:42 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2016-06-07 15:37 - 2014-05-13 20:06 - 00440320 _____ (Atheros) C:\Windows\system32\athihvs.dll
2016-06-06 23:48 - 2016-06-06 23:51 - 56109848 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Input_Driver_N27V1_WN_18.0.5.4_A01 (1).EXE
2016-06-06 23:43 - 2016-06-27 16:48 - 00000000 ____D C:\Program Files (x86)\Dell Update
2016-06-06 23:42 - 2016-06-06 23:42 - 08262296 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Application_HT6JC_WN32_1.8.1114.0_A10.EXE
2016-06-06 23:33 - 2016-06-06 23:40 - 65319192 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Chipset_Driver_9M49M_WN_9.5.22.1760_A00.EXE
2016-06-06 23:33 - 2016-06-06 23:37 - 26607240 _____ C:\Users\Kátia\Downloads\iMEI_Driver_Intel_A00_W8164-Setup_ZPE.exe
2016-06-06 23:30 - 2016-06-06 23:32 - 14313040 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Application_56J82_WN32_1.4.2000.0_A07.EXE
2016-06-06 23:24 - 2016-06-06 23:24 - 00420192 _____ () C:\Users\Kátia\Downloads\DellSystemDetectLauncher (1).exe
2016-06-06 23:24 - 2016-06-06 23:24 - 00420192 _____ () C:\Users\Kátia\Downloads\DellSystemDetect.exe
2016-06-06 23:18 - 2016-06-06 23:19 - 12687448 _____ (Igor Pavlov) C:\Users\Kátia\Downloads\Inspiron_5447_A08.exe
2016-06-04 14:11 - 2016-06-04 14:11 - 00875613 _____ C:\Windows\system32\amdicdxx.dat
2016-05-27 00:34 - 2016-05-27 00:35 - 11502408 _____ C:\Users\Kátia\Downloads\SerialATA_Driver_Intel_A01_W8164-SETUP_ZPE.exe
2016-05-27 00:32 - 2016-05-27 00:34 - 19458840 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Serial-ATA_Driver_DPK7T_WN_13.0.0.1098_A01.EXE
2016-05-26 23:29 - 2016-06-06 22:55 - 12687448 _____ (Igor Pavlov) C:\Users\Kátia\Desktop\Inspiron_5447_A08.exe
2016-05-26 23:23 - 2016-05-26 23:23 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2016-05-26 23:20 - 2016-05-26 23:20 - 00420192 _____ () C:\Users\Kátia\Desktop\dellsystemdetectlauncher.exe
2016-05-12 23:19 - 2016-05-12 23:19 - 00789455 _____ C:\Users\Kátia\Downloads\graficos.pdf
2016-05-12 22:06 - 2016-05-12 22:06 - 17881328 _____ C:\Windows\system32\igd11dxva64.dll
2016-05-12 22:06 - 2016-05-12 22:06 - 17405480 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2016-05-12 22:06 - 2016-05-12 22:06 - 06725162 _____ C:\Windows\system32\igdclbif.bin
2016-05-12 22:06 - 2016-05-12 22:06 - 00282696 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2016-05-12 22:06 - 2016-05-12 22:06 - 00262608 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2016-05-12 22:06 - 2016-05-12 22:06 - 00190464 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4414.dll
2016-05-10 16:49 - 2016-03-11 21:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-10 16:49 - 2016-03-11 21:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-05-10 16:49 - 2016-03-11 21:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-05-10 16:49 - 2016-03-10 14:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-05-10 16:49 - 2016-03-10 13:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-10 16:49 - 2016-03-10 13:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-05-10 16:49 - 2016-03-10 13:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-10 16:48 - 2016-03-15 22:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-10 16:48 - 2016-03-15 22:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-10 16:48 - 2016-03-14 13:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-05-10 16:48 - 2016-03-10 13:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-05-10 16:48 - 2016-03-05 14:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-05-10 16:48 - 2016-03-05 14:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-05-10 16:48 - 2016-02-27 15:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-10 16:48 - 2016-02-27 14:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-05-10 16:48 - 2016-02-27 14:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-05-10 16:48 - 2016-02-27 13:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-10 15:16 - 2016-03-31 03:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-10 15:16 - 2016-03-31 00:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-10 15:15 - 2016-04-11 03:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-05-10 15:15 - 2016-04-10 04:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-10 15:15 - 2016-04-10 04:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-10 15:15 - 2016-04-10 02:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-10 15:15 - 2016-04-10 01:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-10 15:15 - 2016-04-10 01:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-10 15:15 - 2016-04-09 18:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-10 15:15 - 2016-04-09 18:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-10 15:15 - 2016-04-06 18:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-10 15:15 - 2016-04-06 15:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-10 15:15 - 2016-04-06 15:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-10 15:15 - 2016-04-06 15:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-10 15:15 - 2016-04-06 14:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-10 15:15 - 2016-04-06 13:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-10 15:15 - 2016-04-06 13:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-10 15:15 - 2016-04-06 12:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-01 21:54 - 2016-05-01 21:55 - 07645296 _____ C:\Users\Kátia\Downloads\E-BOOK 01- PONTO A PONTO.pdf
2016-04-26 19:10 - 2016-04-26 19:14 - 56109848 _____ (Dell Inc.) C:\Users\Kátia\Downloads\Input_Driver_N27V1_WN_18.0.5.4_A01.EXE
2016-04-25 23:21 - 2016-04-25 23:21 - 169786576 _____ C:\Users\Kátia\Downloads\Narcos.S01E02.Leg.[www.Brasilmegaseries.Net].rar
2016-04-25 23:21 - 2016-04-25 23:21 - 160706422 _____ C:\Users\Kátia\Downloads\Narcos.S01E04.Leg.[www.Brasilmegaseries.Net].rar
2016-04-25 23:19 - 2016-04-25 23:19 - 169792057 _____ C:\Users\Kátia\Downloads\Narcos.S01E03.Leg.[www.Brasilmegaseries.Net].rar
2016-04-25 22:42 - 2016-04-25 22:43 - 00000000 ____D C:\Users\Kátia\Downloads\Narcos.S01E01.Leg.[www.Brasilmegaseries.Net]
2016-04-25 22:42 - 2016-04-25 22:42 - 210102015 _____ C:\Users\Kátia\Downloads\Narcos.S01E01.Leg.[www.Brasilmegaseries.Net].rar
2016-04-25 00:35 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2016-04-25 00:35 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2016-04-24 22:20 - 2016-04-24 22:20 - 00278365 _____ C:\Users\Kátia\Downloads\FII RM ABR 16 - 22 04 2016.pdf
2016-04-24 22:20 - 2016-04-24 22:20 - 00278365 _____ C:\Users\Kátia\Downloads\FII RM ABR 16 - 22 04 2016 (1).pdf
2016-04-18 22:49 - 2016-04-18 22:49 - 00000000 _____ C:\Users\Kátia\AppData\Local\{98D43CAD-E7E1-4C35-A311-44944B31DC8D}
2016-04-18 22:49 - 2016-04-18 22:49 - 00000000 _____ C:\Users\Kátia\AppData\Local\{853A0EA4-3126-4F32-8A46-D25617654F6C}

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-17 13:34 - 2014-08-21 22:37 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4103697994-62962464-1455422779-1001
2016-07-17 13:32 - 2014-12-01 13:00 - 00301056 ___SH C:\Users\Kátia\Downloads\Thumbs.db
2016-07-17 13:29 - 2015-11-18 23:05 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-07-17 13:29 - 2015-07-16 14:04 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfe96dc96119.job
2016-07-17 13:29 - 2015-04-27 17:56 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 13:29 - 2014-08-30 09:41 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-07-17 13:29 - 2014-08-30 09:41 - 00000000 ____D C:\ProgramData\GbPlugin
2016-07-17 13:29 - 2014-08-30 09:41 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-17 13:29 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-17 01:19 - 2015-06-04 23:31 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-17 01:15 - 2015-06-18 20:03 - 00001042 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4103697994-62962464-1455422779-1001UA.job
2016-07-17 01:10 - 2015-04-27 17:56 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-17 01:09 - 2015-07-16 14:04 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfe96dee54f5.job
2016-07-17 01:09 - 2015-05-17 13:05 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d090bb54be2df7.job
2016-07-16 19:01 - 2014-08-26 13:31 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-07-16 19:01 - 2014-08-26 13:31 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\IObit
2016-07-16 19:01 - 2014-08-26 13:31 - 00000000 ____D C:\ProgramData\IObit
2016-07-16 18:49 - 2014-10-21 12:45 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-07-16 18:49 - 2014-10-21 12:45 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-07-16 18:49 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-16 14:15 - 2015-06-18 20:03 - 00000990 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4103697994-62962464-1455422779-1001Core.job
2016-07-15 18:25 - 2014-12-16 21:58 - 00000000 ____D C:\Users\Kátia\AppData\Local\Eclipse
2016-07-15 14:06 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-14 15:21 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-07-14 14:03 - 2015-04-22 16:37 - 00000000 ____D C:\AMD
2016-07-13 19:57 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-07-13 14:29 - 2015-09-21 13:53 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-12 21:56 - 2013-08-22 11:44 - 00483848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-12 19:25 - 2015-04-15 21:02 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-12 19:25 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
2016-07-12 15:49 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-07-12 15:41 - 2014-08-24 02:05 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-12 15:41 - 2014-08-24 02:05 - 00000000 ____D C:\Windows\system32\MRT
2016-07-12 15:40 - 2014-03-18 06:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-11 21:49 - 2014-12-16 21:32 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\Dropbox
2016-07-11 19:15 - 2015-04-16 13:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-09 22:46 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Resources
2016-07-09 17:07 - 2014-08-21 23:11 - 00000000 ____D C:\Users\Kátia\AppData\Local\CrashDumps
2016-07-09 14:31 - 2014-09-01 22:10 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-09 14:26 - 2016-02-27 17:14 - 00000000 ____D C:\Users\Kátia\AppData\Roaming\Kodi
2016-07-09 14:26 - 2015-06-04 23:31 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-09 14:18 - 2016-02-12 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-08 16:36 - 2014-11-20 23:44 - 01245416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-07-08 15:47 - 2014-06-16 00:21 - 01309184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-07-03 00:17 - 2014-08-19 13:50 - 00016326 _____ C:\Windows\system32\results.xml
2016-07-02 21:43 - 2015-12-03 14:53 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-02 21:43 - 2015-04-06 15:34 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-02 21:43 - 2014-08-19 13:47 - 00000000 ____D C:\Program Files\Intel
2016-07-02 21:17 - 2014-08-19 13:47 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-02 21:16 - 2014-08-19 13:47 - 00000000 ____D C:\Intel
2016-07-02 20:55 - 2014-08-26 14:27 - 00000000 __SHD C:\Users\Kátia\IntelGraphicsProfiles
2016-07-02 14:23 - 2014-08-19 13:45 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-02 14:23 - 2014-08-19 13:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-02 13:40 - 2014-08-19 13:51 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-07-02 01:29 - 2013-08-22 12:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-02 01:29 - 2013-08-22 12:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-27 16:48 - 2014-08-19 13:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-06-27 14:12 - 2014-08-19 13:48 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-06-27 14:12 - 2014-08-19 13:48 - 00000000 ____D C:\ProgramData\Intel
2016-06-26 14:20 - 2016-03-22 20:05 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458687928
2016-06-26 14:20 - 2016-03-22 20:05 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-26 12:51 - 2015-09-21 13:53 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-26 12:50 - 2016-03-22 20:05 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-26 12:50 - 2015-09-21 13:53 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-26 12:40 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\ModemLogs
2016-06-25 13:46 - 2015-05-13 15:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 13:46 - 2015-05-13 15:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-24 16:17 - 2015-05-13 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 16:33 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-06-21 16:33 - 2013-08-22 12:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 16:32 - 2014-12-02 00:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-17 19:08 - 2015-04-27 18:00 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 19:08 - 2015-04-27 18:00 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Arquivos na raiz de alguns diretórios =======

2014-08-24 14:47 - 2014-08-24 14:47 - 0015631 _____ () C:\Users\Kátia\AppData\Roaming\unins000.dat
2014-09-15 22:19 - 2014-09-15 22:19 - 0015811 _____ () C:\Users\Kátia\AppData\Roaming\unins002.dat
2016-04-18 22:49 - 2016-04-18 22:49 - 0000000 _____ () C:\Users\Kátia\AppData\Local\{853A0EA4-3126-4F32-8A46-D25617654F6C}
2016-04-18 22:49 - 2016-04-18 22:49 - 0000000 _____ () C:\Users\Kátia\AppData\Local\{98D43CAD-E7E1-4C35-A311-44944B31DC8D}
2014-08-19 13:32 - 2014-08-19 13:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Alguns arquivos em TEMP:
====================
C:\Users\Kátia\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\Kátia\AppData\Local\Temp\aplicativoitau.exe
C:\Users\Kátia\AppData\Local\Temp\Cleanup.dll
C:\Users\Kátia\AppData\Local\Temp\DAPREMOVE.EXE
C:\Users\Kátia\AppData\Local\Temp\ddu.exe
C:\Users\Kátia\AppData\Local\Temp\difxapi.dll
C:\Users\Kátia\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Kátia\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Kátia\AppData\Local\Temp\libeay32.dll
C:\Users\Kátia\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Kátia\AppData\Local\Temp\msvcm80.dll
C:\Users\Kátia\AppData\Local\Temp\msvcp80.dll
C:\Users\Kátia\AppData\Local\Temp\msvcr120.dll
C:\Users\Kátia\AppData\Local\Temp\msvcr80.dll
C:\Users\Kátia\AppData\Local\Temp\nbi-cleaner6623874901560596441.exe
C:\Users\Kátia\AppData\Local\Temp\playstv_patch.exe
C:\Users\Kátia\AppData\Local\Temp\radeon-crimson-16.3.2-minimalsetup.exe
C:\Users\Kátia\AppData\Local\Temp\raptrpatch.exe
C:\Users\Kátia\AppData\Local\Temp\raptr_stub.exe
C:\Users\Kátia\AppData\Local\Temp\sqlite3.dll
C:\Users\Kátia\AppData\Local\Temp\{11329D6B-44C8-45D2-9641-BE59CFD7C93B}-DropboxClient_4.4.29.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-07 16:24

==================== Fim de FRST.txt ============================

Addition.txt


It's a C3 Tech W-R2000nl router. Yes, I do know; do I have to reset it? Besides answering this question, could you put in the same post the next step I have to do after resetting the router, if that is the case? If you can, it will already save some time.


Dear @fabio0193

In that case, please reset the router.

In this case, yes, I can give you the next step in advance, but not always, since I depend on the results. ;)

Generate a new log with FRST, but before clicking the Scan (Examinar) button, check the Addition option.

Please attach the logs.

Regards :D


Dear @fabio0193

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the file (fixlist.txt) attached to this post and save it to your Desktop.

Run FRST.exe (or FRST64.exe) and click the Fix (Corrigir) button.

Wait... when it finishes, the Fixlog.txt log will be generated and saved to your Desktop.

Select, copy and paste the contents of this log into your next reply.

Regards :D

fixlist.txt


Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-07-2016
Executado por Kátia (2016-07-21 11:46:38) Run:1
Executando a partir de C:\Users\Kátia\Desktop
Perfis Carregados: Kátia (Perfis Disponíveis: Kátia)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\...\MountPoints2: {17a79f3e-0a7f-11e6-8349-a8258fd13724} - "F:\LG_PC_Programs.exe" 
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
SearchScopes: HKU\.DEFAULT -> {7A8CCBA8-81A4-45F2-AC1D-0A701699C172} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4103697994-62962464-1455422779-1001 -> DefaultScope {49AEE82D-0CBA-4713-B9CF-B5C8844A50ED} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR105D20150205&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4103697994-62962464-1455422779-1001 -> {49AEE82D-0CBA-4713-B9CF-B5C8844A50ED} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR105D20150205&p={searchTerms}
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S0 BTATH_BUS; System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
2014-08-19 13:32 - 2014-08-19 13:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Kátia\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\Kátia\AppData\Local\Temp\aplicativoitau.exe
C:\Users\Kátia\AppData\Local\Temp\Cleanup.dll
C:\Users\Kátia\AppData\Local\Temp\DAPREMOVE.EXE
C:\Users\Kátia\AppData\Local\Temp\ddu.exe
C:\Users\Kátia\AppData\Local\Temp\difxapi.dll
C:\Users\Kátia\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Kátia\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Kátia\AppData\Local\Temp\libeay32.dll
C:\Users\Kátia\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Kátia\AppData\Local\Temp\msvcm80.dll
C:\Users\Kátia\AppData\Local\Temp\msvcp80.dll
C:\Users\Kátia\AppData\Local\Temp\msvcr120.dll
C:\Users\Kátia\AppData\Local\Temp\msvcr80.dll
C:\Users\Kátia\AppData\Local\Temp\nbi-cleaner6623874901560596441.exe
C:\Users\Kátia\AppData\Local\Temp\playstv_patch.exe
C:\Users\Kátia\AppData\Local\Temp\radeon-crimson-16.3.2-minimalsetup.exe
C:\Users\Kátia\AppData\Local\Temp\raptrpatch.exe
C:\Users\Kátia\AppData\Local\Temp\raptr_stub.exe
C:\Users\Kátia\AppData\Local\Temp\sqlite3.dll
C:\Users\Kátia\AppData\Local\Temp\{11329D6B-44C8-45D2-9641-BE59CFD7C93B}-DropboxClient_4.4.29.exe
CMD: ipconfig /flushdns
EmptyTemp:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17a79f3e-0a7f-11e6-8349-a8258fd13724}" => chave removido (a) com sucesso.
HKCR\CLSID\{17a79f3e-0a7f-11e6-8349-a8258fd13724} => chave não encontrado (a). 
"HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => chave removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7A8CCBA8-81A4-45F2-AC1D-0A701699C172}" => chave removido (a) com sucesso.
HKCR\CLSID\{7A8CCBA8-81A4-45F2-AC1D-0A701699C172} => chave não encontrado (a). 
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
"HKU\S-1-5-21-4103697994-62962464-1455422779-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49AEE82D-0CBA-4713-B9CF-B5C8844A50ED}" => chave removido (a) com sucesso.
HKCR\CLSID\{49AEE82D-0CBA-4713-B9CF-B5C8844A50ED} => chave não encontrado (a). 
McODS => serviço removido (a) com sucesso.
AthBTPort => serviço removido (a) com sucesso.
BTATH_A2DP => serviço removido (a) com sucesso.
btath_avdt => serviço removido (a) com sucesso.
BTATH_BUS => serviço removido (a) com sucesso.
BTATH_HCRP => serviço removido (a) com sucesso.
BTATH_LWFLT => serviço removido (a) com sucesso.
BTATH_RCP => serviço removido (a) com sucesso.
BtFilter => serviço removido (a) com sucesso.
gbpddfac => serviço removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
PCDSRVC{3B54B31B-D06B6431-06020200}_0 => serviço removido (a) com sucesso.
C:\ProgramData\DP45977C.lfl => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\AMDCleanupUtility.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\aplicativoitau.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\Cleanup.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\DAPREMOVE.EXE => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\ddu.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\difxapi.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\jre-8u73-windows-au.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\jre-8u91-windows-au.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\libeay32.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\mccspuninstall.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\msvcm80.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\msvcp80.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\msvcr120.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\msvcr80.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\nbi-cleaner6623874901560596441.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\playstv_patch.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\radeon-crimson-16.3.2-minimalsetup.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\raptrpatch.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\raptr_stub.exe => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\sqlite3.dll => movido com sucesso
C:\Users\Kátia\AppData\Local\Temp\{11329D6B-44C8-45D2-9641-BE59CFD7C93B}-DropboxClient_4.4.29.exe => movido com sucesso

========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim deCMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79601403 B
Java, Flash, Steam htmlcache => 263606012 B
Windows/system/drivers => 200967182 B
Edge => 0 B
Chrome => 578099027 B
Firefox => 12763799 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6021 B
ProgramData => 0 B
Public => 0 B
systemprofile => 273554 B
systemprofile32 => 7889 B
LocalService => 93710 B
NetworkService => 0 B
Kátia => 1927421657 B

RecycleBin => 0 B
EmptyTemp: => 2.9 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 11:47:48 ====


Dear @fabio0193

Download Malwarebytes Anti-Malware (MBAM).

Double-click mbam-setup.exe to install the program.

  • Uncheck the box that enables the free trial of Malwarebytes Anti-Malware PRO.
  • If there are updates available, they will be downloaded and installed.
  • Click Settings, click Detection and Protection, and check Scan for Rootkits.
  • Go back to the Dashboard and finally click Scan Now.
  • The scan will then start. Please wait, as it may take a while.
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected button.
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below.)
  • The log is saved automatically by MBAM; to view it, click the History tab -> Application Logs in the program's main window.
  • Double-click the log (Scan Log). Use the .txt format to export the log.
  • The Protection log is not needed for the analysis; always export the correct log.
  • Select, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (possibly more than once). Do so immediately when asked whether you want to restart the PC.

Regards :D


Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 23/07/2016
Hora da verificação: 14:35
Arquivo de registro: MBAM.txt
Administrador: Sim

Versão: 2.2.1.1043
Banco de dados de malware: v2016.07.23.06
Banco de dados de rootkit: v2016.05.27.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 8.1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Kátia

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 312746
Tempo decorrido: 24 min, 33 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 1
PUP.Optional.BestOffer, C:\Program Files (x86)\Opera\BestOffer.url, Quarentena, [f0824dda1981e254a5b5e5cd788c07f9], 

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)


Dear @fabio0193

Temporarily disable your antivirus, antispyware and firewall so that they do not cause conflicts.

Download Stinger and save it to your Desktop.
32-bit (x86) or 64-bit (x64)

  • Run the Stinger.exe file
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: Run as administrator
  • Click the “I Accept” button

In the new window click “Advanced” and then “Settings”

In the settings window, set the options as shown in the image below and click the “Save” button

[image: 9hnsyu.png]

Click “Customize my Scan”

Select the system drives and then click the “Scan” button

At the end click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log into your next reply.

Regards :D


McAfee Stinger Scan Results


McAfee® Labs Stinger™ Version 12.1.0.2067 built on Jul 25 2016 at 12:10:05
Copyright© 2015, McAfee, Inc. All Rights Reserved.

AV Engine version v5800.7501 for Windows.
Virus data file v1000.0 created on Jul 25, 2016
Ready to scan for 9843 viruses, trojans and variants.

Custom scan initiated on segunda-feira, julho 25, 2016 12:37:55


Rootkit scan result : Clean.

Summary Report on C:
D:
File(s)
    TotalFiles:............    2364681
    Clean:.................    349255
    Not Scanned:........... 2015426
    Possibly Infected:.....    0

Time: 04:53:07

Scan completed on segunda-feira, julho 25, 2016 17:31:02


Dear @fabio0193

Download Security Check, by glax24, and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: Run as administrator

  • Wait while the tool runs its scan.
  • At the end, save the log as SecurityCheck.html
  • Open the file with Notepad;
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 26.07.2016 12:35:23
Path starting: C:\Users\Kátia\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Kátia
VersionXML: 3.24is-22.07.2016
___________________________________________________________________________

Windows 8.1(6.3.9600) (x64) CoreSingleLanguage Lang: Portuguese(0416)
Installation date OS: 22.08.2014 01:31:47
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Volume activation will expire : 243654 minutes
LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [466.5 Gb] Used: [245.9 Gb] Free: [220.6 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18378 [+]
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2016-07-24 17:35:08
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x86 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled and out of date)
avast! Antivirus (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and out of date)
avast! Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.12.1.2272
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.02 (x64 edition) v.16.02.00.0
Oracle VM VirtualBox 4.3.18 v.4.3.18 Warning! Download Update
Microsoft Silverlight v.5.1.50428.0
VLC media player v.2.2.3 Warning! Download Update
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.5.41372 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 71 (64-bit) v.8.0.710.15 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-x64.exe).
Java 8 Update 91 (64-bit) v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-x64.exe).
Java SE Development Kit 7 Update 79 (64-bit) v.1.7.0.790 Warning! This software is no longer supported. Please uninstall it and use Java SDK 8 (jdk-8u102-windows-x64.exe).
Java SE Development Kit 8 Update 71 (64-bit) v.8.0.710.15 Warning! Download Update
Uninstall old version and install new one (jdk-8u102-windows-x64.exe).
Java SE Development Kit 8 Update 77 (64-bit) v.8.0.770.3 Warning! Download Update
Uninstall old version and install new one (jdk-8u102-windows-x64.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.22.0.0.153
Adobe Flash Player 22 NPAPI v.22.0.0.192 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.103 Warning! Download Update
Mozilla Firefox 47.0.1 (x86 pt-BR) v.47.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.51.0.2704.103
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.12.1.3076.0
C:\Program Files\AVAST Software\Avast\avastui.exe v.12.1.3076.6
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
Serviço Windows Defender (WinDefend) - The service has stopped
Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player v.5.3.1f1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 


Dear @fabio0193

How is your Windows?

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click Run as administrator.

[image: 2mez6ld.png]

Click the Run button.

A log will be generated at the end, but there is no need to post it.

# Step 2 #

Old versions of programs have vulnerabilities that some malware can use to infect your system.

For that reason, it is advisable to update the programs that Security Check flagged as out of date (optional updates are at your discretion).

Just click the Download Update of each warning (post above), which will take you to the developer's site.

<<@>> Always keep your Windows up to date; keep a constant watch with the firewall and antivirus; and finally, remember that the best form of prevention starts with our own behaviour!

# Step 3 #

CCleaner is an excellent cleaning utility for the computer.

Download it here: CCleaner

  • After installation, go to the location where the program was installed, usually C:\Arquivos de programas\CCleaner.
  • Double-click this folder;
  • In an empty area of this window, right-click and choose New > Folder and create a new folder;
  • Name it backups.
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issues...
  • Note: Do not forget to accept the backup of the fixes and save it in the folder created above!

Regards :D


It is much faster, but when I turn on the PC, before the user login screen appears, the screen stays black for 1 minute.


Friend, it does not seem to me to have anything to do with malware...

From what I understood, the black screen appears and then Windows starts normally.

It might be interesting to test an off-board video card and see whether the black screen still appears. ;)
