giant01

PC behaving strangely. A lot of things don't work.


Hi everyone. My desktop PC is acting very strange. In the Control Panel it won't open updates; it freezes and the mouse's spinning circle just keeps going. I can only get out of there with Task Manager.

I can't update Opera or Chrome. Firefox, a few minutes after I open it, maxes out the RAM or the processor percentage, and only resetting the machine fixes it.

I have already run AVAST at boot, but it didn't catch anything. At the end of last year it caught some malware and put it in quarantine. I'll see if I can take a screenshot of the results.

I need your help. Thank you.

giant

 

ZA-Scan.txt

avast.jpg


@giant01

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Its use is a privilege, not a right;
  • What is given here relates only to your computer's problem, so do not apply it to any other computer;
  • IMPORTANT: If you have Windows activation programs or torrent-sharing programs, I suggest uninstalling them. I will only continue with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully and, if you have any doubts, do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

Follow the steps below:

STEP 1

Download Malwarebytes Anti-Malware (MBAM) from the link below and save it to your desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Double-click mbam-setup.exe and follow the prompts to install the program.

  • On the Scan > Custom Scan tab, check the Scan for rootkits option and the entries for the drive where the operating system is installed. This is usually drive C:;
  • Click Scan Now. Wait, as the scan can take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If MBAM does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan Report). Click the Export button and use the .txt format to export the log. Save it to the Desktop.


ATTENTION: Open the file, select everything, copy it and paste the contents of this log in your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the AdwCleaner.exe file, then click VRIfczU.png

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents in your next reply.


@giant01

 

Run AdwCleaner again and, after the scan, remove the entries. Open the log, copy it and paste it in your next reply.

 

Download RogueKiller by Tigzy and save it to your desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Windows Vista, Windows 7, 8, 8.1 and Windows 10 users:
    Right-click the rogueKiller.exe file, then click VRIfczU.png.
  • When the EULA window appears, click Accept.
  • Select the SCAN tab
  • Click START SCAN
  • Wait until the scan finishes...
  • Click the OPEN REPORT button
  • Click the EXPORT TXT option and save it to the Desktop with the name roguekiller.txt
  • Click OK and close RogueKiller.


Be sure to open the file, copy and paste all of its contents in your next reply


All good.

Everything done as instructed.

One question: in RogueKiller, after the scan, you didn't ask me to delete what was found. You asked me to export the report, nothing more.

Is that right?

Results attached.

Regards

Roguekiller.txt

AdwCleaner[S6].txt


All good, Elias.

After last week, when I followed the instructions, today I tried to open the Control Panel to see whether there were any Windows updates and found that the problems remain.

Regards

 


@giant01

 

5 hours ago, giant01 said:

All good, Elias.

After last week, when I followed the instructions, today I tried to open the Control Panel to see whether there were any Windows updates and found that the problems remain.

Regards

 

 

Which problem? Post an image of the error that appears when you open Windows updates.


So, Elias.

When I open the Control Panel and click Windows Update, or updates, that background-processing circle appears on the cursor and the panel freezes. I can only get out of there through Task Manager.

When I update Chrome, this appears.

About an earlier post, about RogueKiller: can I open it and fix the problems?

 

elias01.jpg


@giant01

 

5 hours ago, giant01 said:

About an earlier post, about RogueKiller: can I open it and fix the problems?

 

Yes, you can. :thumbsup:

 

Uninstall Chrome with RevoUninstaller and restart your computer. After that, install it again.

 

Open a command prompt (cmd) as administrator and run the command below:

sfc /scannow

Post the result.


I did everything right.

I downloaded the uninstaller, ran it, restarted, etc....

I ran "scannow" at the "prompt"

and then reinstalled Chrome.

The update problem persists in the browser.

I opened the Control Panel and at least managed to take a screenshot of what appears.

Reports attached.

elias02.jpg

elias03.jpg


@giant01

 

Open a command prompt (cmd) in administrator mode and run:

net start wuauserv

After the command above, run:

sc config wuauserv start= auto

Restart your computer, open Windows Update and check whether the error message occurs.


Thank you, Elias.

I followed the instructions, but I forgot to take a screenshot for you to see.

It is still the same, and Google Chrome still isn't updating either, showing that error message I already posted on previous days.

Here is today's error message from the Control Panel. I think it is the same as yesterday's.

 

elias04.jpg


I don't think so.


@giant01

 

Ideally you should manage to, because otherwise you will not be able to recover the files.

 

Download Farbar Recovery Scan from the link below and save it to your desktop.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
Right-click the FRST64.EXE file, then click VRIfczU.png .
Accept the agreement and then click the Scan/Examinar button.

Wait; at the end, the FRST.txt and Addition.txt logs will be saved to your desktop.

Open each file separately, copy its contents and paste them in your next reply.
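
An added example, not part of the original post and not code from the FRST project: a small Python triage pass over an FRST.txt report like the one this step produces, pulling out the lines an analyst would usually read first. The `triage` function, its rule set and the sample report are constructed for illustration; the markers it looks for (`<====`, `[X]`, `Nenhum Arquivo`) are the ones that appear in the Portuguese-locale report posted in this thread.

```python
import re
from typing import List, NamedTuple

# Reason codes; the names and the rules behind them are choices made for this example.
FRST_FLAG = "flagged by FRST itself (<==== marker)"
MISSING_TARGET = "entry points at a file that is missing"
NO_VENDOR = "autorun entry with an empty vendor field"
USER_WRITABLE = "per-user autorun launched from a user-writable AppData path"
REMOVABLE_AUTORUN = "MountPoints2 autorun entry pointing at an executable"


class Finding(NamedTuple):
    section: str
    reason: str
    line: str


# Section banner, e.g. "==================== Registro (Whitelisted) ======"
SECTION_RE = re.compile(r"^=+ (?P<title>[^=]+?) =+$")
# Autorun line: HIVE\...\Run: [Name] => target [size date] (Vendor)
RUN_RE = re.compile(
    r"^(?P<hive>HK\S+?)\\\.\.\.\\Run(?:Once)?: \[[^\]]*\] => (?P<rest>.*)$")
# Trailing "[size yyyy-mm-dd]", optionally followed by "(Vendor)"
META_RE = re.compile(r" \[\d+ \d{4}-\d{2}-\d{2}\](?: \((?P<vendor>[^()]*)\))?$")
# "[X]" and "Nenhum Arquivo" are taken from the report in this thread;
# "No File" is the assumed English-locale wording.
MISSING_TOKENS = ("[X]", "Nenhum Arquivo", "No File")

# Constructed sample in the FRST.txt layout (names, SID and GUIDs are made up).
SAMPLE_FRST = r"""
==================== Registro (Whitelisted) ===========================

HKLM\...\Run: [ExampleAudio] => C:\Program Files\ExampleAudio\tray64.exe [11613288 2010-11-19] (Example Audio Corp)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ExampleShot] => C:\Program Files (x86)\ExampleShot\shot.exe [225944 2016-07-11] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\Run: [ExampleSync] => C:\Users\user\AppData\Local\ExampleSync\sync.exe [143144 2016-11-05] (Example Sync, Inc.)
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\MountPoints2: {00000000-0000-0000-0000-000000000000} - F:\Auto.exe

==================== Internet (Whitelisted) ====================

Toolbar: HKLM - Sem Nome - {00000000-0000-0000-0000-000000000001} -  Nenhum Arquivo
"""


def triage(report: str) -> List[Finding]:
    """Return the report lines worth a manual look, with the reason for each.

    A finding is a prompt for review, not a verdict: legitimate software also
    starts from AppData or ships files with no vendor string.
    """
    findings: List[Finding] = []
    section = "(header)"
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = SECTION_RE.match(line)
        if banner:
            section = banner.group("title")
            continue
        if "<====" in line:
            findings.append(Finding(section, FRST_FLAG, line))
        if any(token in line for token in MISSING_TOKENS):
            findings.append(Finding(section, MISSING_TARGET, line))
        run = RUN_RE.match(line)
        if run:
            rest = run.group("rest")
            meta = META_RE.search(rest)
            # Metadata was printed but the vendor field is empty or absent.
            if meta and not meta.group("vendor"):
                findings.append(Finding(section, NO_VENDOR, line))
            target = (rest[:meta.start()] if meta else rest).lower()
            if run.group("hive").startswith("HKU") and "\\appdata\\" in target:
                findings.append(Finding(section, USER_WRITABLE, line))
        if "MountPoints2" in line and line.lower().endswith(".exe"):
            findings.append(Finding(section, REMOVABLE_AUTORUN, line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_FRST):
        print(f"[{finding.section}] {finding.reason}\n    {finding.line}")
```
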


Good morning

OK Elias, I'll see if I can get hold of that installation disc.

I have already carried out the suggestions.

Here are the generated files. I will copy and paste the contents as you asked instead of uploading the generated files.

 

 

FRST:

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 27.01.2018
Executado por user (administrador) em USER-PC (05-02-2018 09:20:30)
Executando a partir de C:\Users\user\Desktop
Perfis Carregados: user (Perfis Disponíveis: user & user-pc)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\avast software\avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software) C:\Program Files\avast software\avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(SafeNet, Inc.) C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc.) C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\avast software\avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\avast software\avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\user\Desktop\FRST64 (2).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SACMonitor] => C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe [2162136 2011-10-02] (SafeNet, Inc.)
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [191488 2011-04-20] (A.E.T. Europe B.V.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-22] (AVAST Software)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695928 2009-08-19] (brother)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [286272 2015-07-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: 
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-09-21] (Caixa Economica Federal)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2016-12-09] (Banco Itaú Unibanco)
Winlogon\Notify\ScCertProp: 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Dropbox Update] => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Google Photos Backup] => C:\Users\user\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\MountPoints2: {f515166e-40df-11e7-8bfe-f46d0445cd20} - F:\Auto.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1951968 2016-12-09] (Banco Itaú Unibanco)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1903328 2016-09-21] (Caixa Economica Federal)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-05-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-07-27]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 201.82.0.67 201.82.0.62 201.6.4.116
Tcpip\..\Interfaces\{10E1120D-5177-49EE-B504-E2465C4CFC2E}: [DhcpNameServer] 201.82.0.67 201.82.0.62 201.6.4.116

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-757420601-2912953563-2070738426-1000 -> DefaultScope {E103BBF9-7760-439e-B29B-5E77D874A31C} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKU\S-1-5-21-757420601-2912953563-2070738426-1000 -> {431EF733-F19C-4f6b-A9EB-E62784F77B1A} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pt-BR&q={searchTerms}
SearchScopes: HKU\S-1-5-21-757420601-2912953563-2070738426-1000 -> {E103BBF9-7760-439e-B29B-5E77D874A31C} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-06-17] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-01] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-06-17] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-01] (AVAST Software)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2016-09-21] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2016-12-09] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-23] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Nenhum Arquivo
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default [2018-02-05]
FF Homepage: Mozilla\Firefox\Profiles\yyrtxggw.default -> hxxps://www.google.com.br/?hl=en&gws_rd=cr&ei=OAwsVY69BsulsAXZoYHYDw
FF Session Restore: Mozilla\Firefox\Profiles\yyrtxggw.default -> está habilitado.
FF Extension: (Hoxx VPN Proxy) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\@hoxx-vpn.xpi [2018-02-01]
FF Extension: (Test Pilot) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\@testpilot-addon.xpi [2018-01-29] [Legacy]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\foxmarks@kei.com.xpi [2017-12-05]
FF Extension: (Firefox Notes) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\notes@mozilla.com.xpi [2018-01-29]
FF Extension: (Avast SafePrice) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\sp@avast.com.xpi [2017-12-05]
FF Extension: (Easy Video Downloader) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\vdpure@link64.xpi [2017-08-07]
FF Extension: (Avast Online Security) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Flagfox) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-02-01]
FF Extension: (Flash and Video Download) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-01-29]
FF Extension: (Adblock Plus) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-04] [Legacy] [não assinado]
FF HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF Extension: (Guardião - Itaú 30 horas) - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-10-21] [Legacy] [não assinado]
FF HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: (GBBD Caixa Economica Federal) - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-12-16] [Legacy] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Nenhum Arquivo]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-07-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-07-27] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @talk.google.com/O1DPlugin -> C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: gastecnologia.com.br/sf/cef -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-16] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: gastecnologia.com.br/sf/uni -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-07-15] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-02-05]

Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2018-02-05]
CHR Extension: (Apresentações) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-02]
CHR Extension: (Documentos) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-02]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-02]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-02]
CHR Extension: (Planilhas) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-02]
CHR Extension: (Documentos Google off-line) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-02]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-02]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-02]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-02]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-02]

Opera: 
=======
OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-03-24]
OPR Extension: (YouTube Downloader) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-06-03]
OPR Extension: (Vimeo Video Downloader) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\mpgjfjgapmmhnhbbmhcoocbpcjmcbcmg [2017-08-01]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-22] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [351552 2018-01-22] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2017-12-13] (GAS Tecnologia)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Arquivo não assinado]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2015-06-17] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1115224 2015-07-27] (RealNetworks, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 SACSrv; C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe [10712 2011-10-02] (SafeNet, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1068376 2017-10-26] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-22] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-22] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-20] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [580480 2018-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-22] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc. )
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2018-02-05] (GAS Tecnologia)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 iKeyEnum; C:\Windows\System32\DRIVERS\ikeyenum.sys [16160 2010-07-08] (SafeNet, Inc.)
R3 iKeyIFD; C:\Windows\System32\DRIVERS\ikeyifd.sys [22304 2010-07-08] (SafeNet, Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [21872 2017-09-28] (IObit.com)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-24] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-02-05] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-02-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-02-05] (Malwarebytes)
U5 RnbToken; C:\Windows\System32\Drivers\RnbToken.sys [24352 2010-07-08] (SafeNet, Inc.)
S3 RT61; C:\Windows\System32\DRIVERS\rt61.sys [438784 2009-06-02] (Ralink Technology, Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [155632 2015-08-21] (MBB)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2018-02-05] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-12-14] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43608 2017-12-14] (GAS Tecnologia)
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotDev; system32\DRIVERS\motodrv.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-02-05 09:20 - 2018-02-05 09:22 - 000031518 _____ C:\Users\user\Desktop\FRST.txt
2018-02-05 09:20 - 2018-02-05 09:20 - 000000000 ____D C:\FRST
2018-02-05 09:18 - 2018-02-05 09:18 - 002393088 _____ (Farbar) C:\Users\user\Desktop\FRST64 (2).exe
2018-02-05 09:17 - 2018-02-05 09:17 - 002393088 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe
2018-02-05 09:15 - 2018-02-05 09:16 - 002393088 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2018-02-05 08:52 - 2018-02-05 08:52 - 000003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000
2018-02-05 08:52 - 2018-02-05 08:52 - 000003222 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000
2018-02-05 08:49 - 2018-02-05 08:49 - 000000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2018-02-05 08:49 - 2018-02-05 08:49 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-02 11:10 - 2018-02-02 11:10 - 000002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-02-02 11:10 - 2018-02-02 11:10 - 000002090 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-02-02 11:10 - 2018-02-02 11:10 - 000000000 ____D C:\Program Files\Google
2018-02-02 11:08 - 2018-02-02 11:08 - 001129816 _____ (Google Inc.) C:\Users\user\Downloads\GoogleEarthProSetup.exe
2018-02-02 10:25 - 2018-02-02 10:25 - 000002312 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-02 10:20 - 2018-02-05 09:01 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-02-02 10:19 - 2018-02-02 10:19 - 000003336 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000
2018-02-02 10:19 - 2018-02-02 10:19 - 000003200 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000
2018-02-02 10:16 - 2018-02-05 08:47 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-02-02 09:09 - 2018-02-02 10:42 - 000000000 ____D C:\Users\user\AppData\Local\Google
2018-02-01 14:53 - 2018-02-01 14:54 - 050270312 _____ (Google Inc.) C:\Users\user\Downloads\ChromeStandaloneSetup64.exe
2018-02-01 14:45 - 2018-02-01 14:45 - 000001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-02-01 14:45 - 2018-02-01 14:45 - 000001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\Users\user\AppData\LocalLow\IObit
2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\ProgramData\ProductData
2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-02-01 14:42 - 2018-02-01 14:43 - 015438128 _____ (IObit ) C:\Users\user\Desktop\iobituninstaller.exe
2018-02-01 12:34 - 2018-02-05 08:48 - 000000000 ____D C:\Users\Todos os Usuários\GbPlugin
2018-02-01 12:34 - 2018-02-05 08:48 - 000000000 ____D C:\ProgramData\GbPlugin
2018-01-31 15:26 - 2018-01-31 15:26 - 001516695 _____ C:\Users\user\Downloads\Activator Windows 7.rar
2018-01-31 12:13 - 2018-01-31 15:37 - 007649280 _____ C:\Program Files (x86)\GUTA573.tmp
2018-01-31 12:13 - 2018-01-31 12:13 - 000000000 ____D C:\Program Files (x86)\GUMA572.tmp
2018-01-31 08:41 - 2018-01-31 11:28 - 000000994 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-01-31 08:40 - 2018-01-31 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-01-31 08:40 - 2018-01-31 08:40 - 000000000 ____D C:\Program Files\VS Revo Group
2018-01-31 08:25 - 2017-12-14 14:06 - 000044624 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2018-01-31 08:25 - 2017-12-14 14:06 - 000043608 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddprm.sys
2018-01-29 14:40 - 2018-02-05 08:55 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2018-01-25 15:39 - 2018-01-25 15:39 - 000005536 _____ C:\Users\user\Desktop\Roguekiller.txt
2018-01-25 14:39 - 2018-01-30 16:32 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-01-25 14:24 - 2018-01-25 14:24 - 000001417 _____ C:\Users\user\Desktop\AdwCleaner[S6].txt
2018-01-25 14:19 - 2018-01-25 14:20 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2018-01-25 14:19 - 2018-01-25 14:20 - 000000000 ____D C:\ProgramData\RogueKiller
2018-01-25 14:15 - 2018-01-25 14:16 - 026916424 _____ (Adlice Software) C:\Users\user\Desktop\RogueKiller_portable64.exe
2018-01-25 10:43 - 2018-01-25 10:43 - 000001903 _____ C:\Users\user\Desktop\AdwCleaner[S5].txt
2018-01-25 10:36 - 2018-01-25 10:36 - 008206624 _____ (Malwarebytes) C:\Users\user\Desktop\adwcleaner_7.0.7.0.exe
2018-01-25 10:35 - 2018-01-25 10:35 - 000002597 _____ C:\Users\user\Desktop\MBAM-01.txt
2018-01-24 20:17 - 2018-01-24 20:17 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-01-24 12:14 - 2018-02-05 08:48 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-01-24 12:14 - 2018-01-24 12:14 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-01-24 12:14 - 2018-01-24 12:14 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-01-24 12:13 - 2018-01-24 13:55 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\Users\Todos os Usuários\MB2Migration
2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\ProgramData\MB2Migration
2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-24 12:13 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-01-24 12:11 - 2018-01-24 12:12 - 082823000 _____ (Malwarebytes ) C:\Users\user\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3764.exe
2018-01-23 14:05 - 2018-01-23 14:05 - 000031819 _____ C:\ZA-Scan.txt
2018-01-23 13:57 - 2018-01-23 13:57 - 001368576 _____ C:\Users\user\Desktop\ZA-Scan.exe
2018-01-22 10:24 - 2018-01-22 10:24 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-02-05 09:22 - 2017-04-27 18:58 - 000028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2018-02-05 09:16 - 2016-02-16 09:55 - 000000386 _____ C:\Windows\Tasks\update-S-1-5-21-757420601-2912953563-2070738426-1000.job
2018-02-05 09:14 - 2009-07-14 02:45 - 000021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-05 09:14 - 2009-07-14 02:45 - 000021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-05 09:13 - 2015-06-19 10:12 - 000001026 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA.job
2018-02-05 09:06 - 2016-11-17 10:18 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2018-02-05 08:59 - 2011-07-15 14:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-02-05 08:55 - 2017-07-20 15:47 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-02-05 08:54 - 2011-07-22 18:39 - 000000000 ____D C:\Users\user\AppData\Roaming\Skype
2018-02-05 08:52 - 2017-06-30 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-05 08:51 - 2015-05-05 16:12 - 000000000 ___RD C:\Users\user\iCloudDrive
2018-02-05 08:50 - 2016-02-16 09:54 - 000000386 _____ C:\Windows\Tasks\update-sys.job
2018-02-05 08:50 - 2011-08-09 16:24 - 000000332 _____ C:\Windows\Brownie.ini
2018-02-05 08:49 - 2011-07-15 03:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-02-05 08:47 - 2017-04-27 10:59 - 000028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2018-02-05 08:47 - 2014-09-09 16:58 - 000000000 ____D C:\temp
2018-02-05 08:47 - 2014-04-28 10:19 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-02-05 08:46 - 2009-07-14 03:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-02 16:39 - 2017-11-21 10:11 - 000000000 ____D C:\Users\user\AppData\Roaming\WhatsApp
2018-02-02 14:45 - 2017-11-30 14:17 - 000000000 ____D C:\Users\user\Desktop\Danila
2018-02-02 14:26 - 2015-06-19 10:12 - 000000974 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core.job
2018-02-02 10:13 - 2017-07-20 16:17 - 000000000 ____D C:\Program Files\Opera
2018-02-02 10:11 - 2014-09-10 09:32 - 001129816 _____ (Google Inc.) C:\Users\user\Downloads\ChromeSetup.exe
2018-02-01 14:53 - 2014-09-23 12:26 - 000000000 ____D C:\Users\user\AppData\Roaming\IObit
2018-02-01 14:45 - 2014-09-23 12:30 - 000000000 ____D C:\Users\Todos os Usuários\IObit
2018-02-01 14:45 - 2014-09-23 12:30 - 000000000 ____D C:\ProgramData\IObit
2018-02-01 14:44 - 2014-09-23 12:26 - 000000000 ____D C:\Program Files (x86)\IObit
2018-02-01 14:43 - 2016-10-05 11:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-02-01 14:43 - 2012-06-28 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-01 12:34 - 2013-11-12 11:46 - 000000000 ____D C:\Program Files (x86)\GbPlugin
2018-02-01 08:59 - 2009-07-14 02:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-31 12:13 - 2011-07-17 16:34 - 000000000 ____D C:\Program Files (x86)\Google
2018-01-25 14:23 - 2014-08-07 17:01 - 000000000 ____D C:\AdwCleaner
2018-01-25 09:43 - 2016-09-08 10:03 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-01-25 09:13 - 2011-07-15 23:59 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2018-01-24 20:18 - 2014-06-10 11:06 - 000000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2018-01-24 12:13 - 2015-10-26 09:26 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2018-01-24 12:13 - 2015-10-26 09:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-24 10:39 - 2017-11-21 10:12 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-01-24 10:38 - 2017-11-21 10:11 - 000000000 ____D C:\Users\user\AppData\Local\WhatsApp
2018-01-24 10:13 - 2017-07-20 16:18 - 000003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1500574701
2018-01-23 09:45 - 2014-10-16 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-23 09:45 - 2013-10-25 08:42 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
2018-01-23 09:45 - 2013-10-25 08:42 - 000000000 ____D C:\ProgramData\Oracle
2018-01-23 09:45 - 2013-07-26 18:13 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-23 09:44 - 2015-04-07 11:43 - 000002552 _____ C:\Users\user\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk
2018-01-23 09:44 - 2014-05-09 10:17 - 000002556 _____ C:\Users\user\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
2018-01-23 09:43 - 2014-10-16 11:18 - 000097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-01-22 15:39 - 2012-09-18 15:14 - 000000000 ____D C:\Users\user\Desktop\Casa varios
2018-01-22 10:37 - 2015-05-15 15:37 - 000004446 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-22 10:37 - 2012-06-22 11:00 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-01-22 10:37 - 2012-06-22 11:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-22 10:37 - 2012-06-22 11:00 - 000004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-01-22 10:37 - 2011-11-14 13:54 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-22 10:25 - 2017-07-20 15:46 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-01-22 10:25 - 2017-07-20 15:46 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-01-22 10:24 - 2017-12-01 10:40 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-01-22 10:24 - 2017-07-20 15:46 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-01-22 10:24 - 2017-07-20 15:46 - 000457400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151662394685409
2018-01-22 10:24 - 2017-07-20 15:46 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-01-22 10:24 - 2017-07-20 15:46 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-01-22 10:24 - 2017-07-20 15:46 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys.151662394685409
2018-01-22 10:24 - 2017-07-20 15:46 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-01-22 10:24 - 2017-07-20 15:46 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-01-22 10:24 - 2017-07-20 15:46 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-01-22 10:23 - 2017-07-20 15:46 - 000580480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-01-22 10:23 - 2017-07-20 15:46 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-01-22 10:23 - 2017-07-20 15:46 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-01-22 10:23 - 2017-07-20 15:46 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-01-22 10:23 - 2017-07-20 15:46 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys

==================== Arquivos na raiz de alguns diretórios =======

2018-01-31 12:13 - 2018-01-31 15:37 - 007649280 _____ () C:\Program Files (x86)\GUTA573.tmp
2013-11-12 11:45 - 2014-10-21 16:25 - 000033012 _____ () C:\Users\user\AppData\Roaming\unins000.dat
2014-10-21 16:25 - 2014-10-21 16:25 - 000720082 _____ () C:\Users\user\AppData\Roaming\unins000.exe
2014-11-03 12:54 - 2014-11-03 12:54 - 000016653 _____ () C:\Users\user\AppData\Roaming\unins001.dat
2014-11-03 12:54 - 2014-11-03 12:54 - 000730322 _____ () C:\Users\user\AppData\Roaming\unins001.exe
2011-08-12 10:47 - 2016-10-04 11:23 - 000009728 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-26 11:38 - 2014-05-26 15:20 - 000007604 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2013-04-11 16:42 - 2013-04-11 16:42 - 000000003 _____ () C:\Users\user\AppData\Local\updater.log
2013-04-11 16:42 - 2017-05-11 10:58 - 000000425 _____ () C:\Users\user\AppData\Local\UserProducts.xml
2011-11-08 08:47 - 2011-11-08 08:47 - 000000000 _____ () C:\Users\user\AppData\Local\{1A5FAA97-E552-4C60-9A3B-E022B26C1ABA}

Alguns arquivos em TEMP:
====================
2018-01-25 14:20 - 2017-09-13 13:31 - 001732864 _____ (Microsoft Corporation) C:\Users\user\AppData\Local\Temp\dllnt_dump.dll
2017-07-21 13:22 - 2017-07-21 13:22 - 000739904 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-08-01 15:21 - 2017-08-01 15:21 - 000740416 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-10-23 09:33 - 2017-10-23 09:33 - 001856576 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-01-23 09:41 - 2018-01-23 09:41 - 001864256 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u161-windows-au.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-01-29 10:49

==================== Fim de FRST.txt ============================

Addition:

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 27.01.2018
Executado por user (05-02-2018 09:23:18)
Executando a partir de C:\Users\user\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2011-07-15 05:30:26)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-757420601-2912953563-2070738426-500 - Administrator - Disabled)
Convidado (S-1-5-21-757420601-2912953563-2070738426-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-757420601-2912953563-2070738426-1002 - Limited - Enabled)
user (S-1-5-21-757420601-2912953563-2070738426-1000 - Administrator - Enabled) => C:\Users\user
user-pc (S-1-5-21-757420601-2912953563-2070738426-1172 - Administrator - Enabled) => C:\Users\user-pc

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
AirPlus G DWL-G510 (HKLM-x32\...\{8B128562-681D-4FFA-BEBF-A825985B2CB9}) (Version: 1.0.24 - D-Link)
Android_Driver (HKLM-x32\...\Android_Driver) (Version: V2.6.7.0 - Android Communication Equipment Co. Ltd.)
Aplicativo Itaú (HKLM-x32\...\{8C674A6C-0A7E-4A28-AF50-EA41B2E12EA7}) (Version: 1.0.101 - Banco Itaú)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Assistente do certificado digital (HKLM-x32\...\{BE72FB31-7A89-44FA-9E32-56E17F3114BD}) (Version: 1.0.0 - Serasa Experian)
Assistente do Certificado Digital Serasa Experian (HKLM-x32\...\{88F3E537-CED7-41A5-AB7C-C0C7FB3D420F}) (Version: 3.3.0.4 - Serasa Experian)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version:  - Microsoft)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother HL-2140 (HKLM-x32\...\{67FD71C2-86E7-45C6-BDEB-2BC06602E49F}) (Version: 1.00 - Brother)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) <==== ATENÇÃO
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4400 (HKLM-x32\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{F4E73041-BC8B-4D62-BFD4-EC0D408EB357}) (Version: 2.79.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - BR (HKLM-x32\...\{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (HKLM\...\{66C10F29-31F0-4A9B-B2CF-465F488AE086}) (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (HKLM-x32\...\{B399C91E-96F2-4265-9884-1C9A10E9FCF4}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Dropbox) (Version: 42.4.114 - Dropbox, Inc.)
DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.11.0.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Earth Pro (HKLM\...\{5540AA70-FD7D-428D-B0BE-56492F7FF484}) (Version: 7.3.1.4505 - Google)
Google Photos Backup (HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - )
Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.2.0.11 - IObit)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
K-Lite Mega Codec Pack 3.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 3.9.0 - )
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes versão 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MotoHelper MergeModules (HKLM-x32\...\{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}) (Version: 1.2.0 - Motorola) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Mozilla Firefox 58.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 58.0.1 (x64 pt-BR)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
Mozilla Thunderbird 52.6.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 pt-BR)) (Version: 52.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
ODF Add-in for Microsoft Office (HKLM-x32\...\{59D1195A-7E64-4120-BB37-F053D9FD45FB}) (Version: 3.0.5254.0 - OpenXML/ODF Translator Team)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
Pacote de Driver do Windows - Perto S.A. Perifericos para Automacao (PERTO38U) SmartCardReader  (04/10/2007 1.1.5.6) (HKLM\...\F902151BF0E1078D63BA822885D5233B84224A25) (Version: 04/10/2007 1.1.5.6 - Perto S.A. Perifericos para Automacao)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pimaco (HKLM-x32\...\{2610CDBE-07FB-4A4F-932D-5B012469A76A}) (Version: 1.0.0 - Prime)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
PS_AIO_03_C4400_Software_Min (HKLM-x32\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
RealDownloader (HKLM-x32\...\{13743594-F75E-491E-9EFF-203C8F8DF705}) (Version: 18.1.4.144 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{9F3B20DF-76F2-47F4-9372-F0F56485A58D}) (Version: 18.0.1.10 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{f05bfa4b-0c78-4a3e-aa74-8c220b4a7782}) (Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{21E47F47-C9A7-4454-BA48-388327B0EA00}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
SafeNet Authentication Client 8.1 SP1 (HKLM\...\{4DFE8ACE-8652-4CCE-A2C1-DB23C7D4F4AA}) (Version: 8.1.245.0 - SafeNet, Inc.)
SafeSign 64-bits (HKLM\...\{66913111-2F8A-4950-AA93-51C26182FC35}) (Version: 3.0.45 - A.E.T. Europe B.V.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sim Plus (HKLM-x32\...\Sim Plus) (Version:  - )
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (HKLM-x32\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden
Warsaw 2.3.0.83 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.3.0.83 - GAS Tecnologia)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\WhatsApp) (Version: 0.2.8082 - WhatsApp)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-11-30] (Apple Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-03-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-03-09] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2015-07-27] (RealNetworks, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-03-09] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-03-09] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-03-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-03-09] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-757420601-2912953563-2070738426-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-757420601-2912953563-2070738426-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-757420601-2912953563-2070738426-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {031C61E8-686D-4FFA-A8C7-8DBC02108F8D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
Task: {102E4126-CE77-4CA5-BB99-1AF6297BE9D6} - System32\Tasks\{A313D0EF-692A-4924-BC3A-6F2C009F3641} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\Downloads\DiagnosticoItau (1).exe" -d C:\Users\user\Downloads
Task: {1401C7CE-CE1A-4AF3-8B62-277505DBBB0F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-22] (AVAST Software)
Task: {28549D25-0936-4F5A-8721-13A01A9ADFE6} - System32\Tasks\{2458043F-38DF-4B79-9DBC-8E1A88BE1A34} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2017-10-06] (Skype Technologies S.A.)
Task: {30CB4A97-999D-41F9-912B-566B83A1C435} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-22] (Adobe Systems Incorporated)
Task: {312C6ED4-35C1-455A-8E73-97B0392D4457} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {33FDB3DA-A443-4517-9245-94B73B36DE0A} - System32\Tasks\{79664FDE-CEEF-463E-B496-620BE7711043} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\Shockwave_Installer_Slim.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {3A594C30-87CB-4E1F-871D-91A7F704318B} - System32\Tasks\update-S-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {3F6F2DB6-1AB7-413F-A1EC-9AD284F2D6E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-22] (AVAST Software)
Task: {430298F5-B078-42E4-B0B4-886275AA87B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-22] (Adobe Systems Incorporated)
Task: {49082B44-DAD3-46CA-AD0E-674504AA8BEE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
Task: {535BD522-E29A-4099-9491-90160452FFFB} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit)
Task: {5708C284-BD1B-42C8-BCD5-7E0BDEFE1858} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {5B9B283C-9DA6-413C-9119-61F2908DDF49} - System32\Tasks\{A312D10E-61AF-4A0B-9CBC-467FD9D7FCFD} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\GoogleEarthWin(4).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {63647647-8BC6-4C77-A5D4-C3C1FD0FF8DF} - System32\Tasks\AdobeAAMUpdater-1.0-user-PC-user => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {641AA7C4-CFF3-44FE-A752-E019AD322975} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-01-09] (IObit)
Task: {6AD6CBB3-0596-4E94-BE39-2B20A407C34B} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {702F4E73-5737-4285-96AE-7C451A97069D} - System32\Tasks\Opera scheduled Autoupdate 1500574701 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {72B07DF0-9D26-4009-9194-AD82A423F264} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {73D287BB-99D7-4A3A-BB6F-7CFC1130D57F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2015-06-17] (RealNetworks, Inc.)
Task: {7915F3D6-E3D4-451E-86F2-6417B5C63A31} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {A3D17B58-44ED-4925-AAAF-5E49B096DC28} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
Task: {BB3DA255-1B42-4AED-A577-B83168FCB320} - System32\Tasks\SafeZone scheduled Autoupdate 1500573114 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {C0C954AF-F45F-4267-8BF9-D630169B71C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core1cc550045748c91 => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {C1A1A6E9-E707-4917-BC04-C817315F708E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {C71E2704-DB3F-4392-855D-CF416F35491B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {C801D3F7-A219-4FF6-B936-84CA125C5D9F} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {CCC15D48-4B53-482E-8878-C345D587E782} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2015-06-17] (RealNetworks, Inc.)
Task: {CE8DEFA2-6C84-4416-8DAA-2A15698694F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {D5432E0F-2491-4209-A038-FF76204B86C0} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2015-06-17] (RealNetworks, Inc.)
Task: {D5B724AF-1B19-49E9-AD11-B03471CB74F8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
Task: {D961BB7B-166D-4FCE-84FD-30FCA94FF084} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {DA85EAAE-DE8B-4BEF-B21D-11DE2AA41130} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E6B0D51D-4A45-4C34-8C98-667434367693} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {EB38E0B5-7221-41C3-B70F-566B66E2746D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core.job => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA.job => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-757420601-2912953563-2070738426-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\user\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-424cd618"
ShortcutWithArgument: C:\Users\user\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfe.fazenda.sp.gov.br/v2/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\40c21ab8-7abc7a73"
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-424cd618"
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfe.fazenda.sp.gov.br/v2/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\40c21ab8-7abc7a73"

==================== Módulos Carregados (Whitelisted) ==============

2017-05-09 01:44 - 2017-05-09 01:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 01:44 - 2017-05-09 01:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-06-17 04:25 - 2015-06-17 04:25 - 000031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2011-07-15 03:50 - 2007-05-14 00:54 - 000272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2018-01-24 12:13 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-24 12:13 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2011-07-15 03:40 - 2015-06-01 22:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-05-09 04:05 - 2017-05-09 04:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-05-09 04:05 - 2017-05-09 04:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2013-08-20 09:44 - 2013-08-20 09:44 - 000006144 ____N () C:\Users\user\AppData\Local\Temp\rad71BE3.tmp\bin\Gadget.Interop.dll
2018-02-05 08:49 - 2013-08-20 09:44 - 001351168 _____ () C:\Users\user\AppData\Local\Temp\radE8BAB.tmp\bin\x64\sharpwrapi_x64.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000067920 _____ () c:\Program Files\avast software\avast\x64\module_lifetime.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000067984 _____ () C:\Program Files\avast software\avast\x64\dll_loader.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000236840 _____ () c:\Program Files\avast software\avast\x64\vaarclient.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000902824 _____ () C:\Program Files\avast software\avast\x64\ffl2.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000349568 _____ () c:\Program Files\avast software\avast\x64\StreamBack.dll
2016-07-05 19:18 - 2016-07-05 19:18 - 000714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2018-02-02 10:22 - 2018-02-01 04:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
2018-02-02 10:22 - 2018-02-01 04:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000057504 _____ () C:\Program Files\avast software\avast\dll_loader.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000289272 _____ () C:\Program Files\avast software\avast\tasks_core.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000196248 _____ () C:\Program Files\avast software\avast\network_notifications.dll
2018-01-29 09:18 - 2018-01-29 09:18 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18012902\algo.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000745408 _____ () C:\Program Files\avast software\avast\ffl2.dll
2018-01-22 10:23 - 2018-01-22 10:23 - 000148936 _____ () C:\Program Files\avast software\avast\hns_tools.dll
2018-01-22 10:24 - 2018-01-22 10:24 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-05 08:58 - 2018-02-05 08:58 - 005777040 _____ () C:\Program Files\AVAST Software\Avast\defs\18020502\algo.dll
2013-10-31 13:05 - 2013-10-31 13:05 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-06-17 04:24 - 2015-06-17 04:24 - 000035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-06-17 04:24 - 2015-06-17 04:24 - 000039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-06-17 04:24 - 2015-06-17 04:24 - 000037528 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2014-09-23 12:26 - 2012-09-05 19:55 - 000892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2017-07-20 15:46 - 2017-07-20 15:46 - 067109376 _____ () C:\Program Files\avast software\avast\libcef.dll
2018-01-22 10:23 - 2018-01-22 10:23 - 000282560 _____ () C:\Program Files\avast software\avast\gaming_mode_ui.dll
2017-05-09 01:45 - 2017-05-09 01:45 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 01:45 - 2017-05-09 01:45 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 01:44 - 2017-05-09 01:44 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2018-02-01 14:44 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-02-01 14:44 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-02-01 14:44 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-02-01 14:44 - 2017-05-22 11:17 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-02-01 14:44 - 2017-05-23 18:57 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-02-01 14:44 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
2016-07-05 19:13 - 2016-07-05 19:13 - 001382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-07-27 10:29 - 2015-07-27 10:29 - 000594520 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1526]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\user\AppData\Local\Temp:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\.DEFAULT\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\.DEFAULT\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2014-03-13 16:53 - 2014-07-01 10:08 - 000000917 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-757420601-2912953563-2070738426-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 201.82.0.67 - 201.82.0.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9491697F-CE96-4592-8178-B44EF63A1D56}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{C22F98C4-FC8B-4C01-9A63-570C3630282B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E6B14B3C-2656-4279-9E0A-A3052CBDFEB3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1ECAB7EC-36EB-43DC-A313-23DE50D87C2F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BC0DDBCB-A153-4657-8F4F-116B7CBB6185}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{AEE95677-F21D-4CDE-BF12-B5F08FA5585F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A029C3D3-269D-4C4E-901C-19A3E2D975B0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{84F195A4-0858-4789-80FB-D47ACE4DE9E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1519F0E1-D29D-4A22-98D9-B802EA9A1470}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{3CB8FEB0-79DB-4BF1-9C81-4AB7E6047FD9}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{3A80B428-E669-4BFC-873B-B7751569D0B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{2A24268D-C15A-4F4F-80F7-B1A6F9CCFF02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D02178FA-E28E-4C7D-B4A6-F9879D853E9A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{CA5499CA-8A36-4A9D-98D6-F43524A17553}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{961505CE-1131-4640-9BE3-E6EB362413DE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{243F01DF-B761-4E11-8DCC-7FF9E87FBB8D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{13BC93AD-92EE-475F-B09C-D2004C4BC7C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{46D0E17F-9956-4FEA-8E4B-810DAD34777E}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{F0AE798D-2E32-4EAF-801A-7DC44F2FF568}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{0F1AE125-8B05-493D-B9EB-1F78D5C60FFE}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D6D76CC1-01BC-4641-BB71-B0A1645B7C74}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{30BBD5F8-671B-41B3-B753-36C224108532}] => (Allow) C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{0AFFDF12-070C-4CC0-B497-A9A7033A5F27}] => (Allow) C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{2C3809D5-68C1-4A87-A371-29BD416E6B1C}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{91582DDA-0BC0-4F5C-8A06-FCBD2F76CDF2}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{72EFA3ED-02BB-4F6F-B0BE-63C2DE4D5DF5}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{9926D34E-2C08-4D3C-BDBA-2974B2F516DE}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AEE5BCF2-DB59-4D2A-B1B1-664E4B5EC225}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A510ADC-E969-4947-8196-603240FED788}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DE17DE15-ADB0-4E1E-A22A-BBB645F34790}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{43BC49D9-8584-4539-A5D2-29F2FEEBF913}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5C55B8B3-11E1-466E-8C2D-BF43E1AB3DF9}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{2C3B5D86-4CD7-4FD0-9942-20D17D07C052}C:\users\user\downloads\ffinstonline.exe] => (Block) C:\users\user\downloads\ffinstonline.exe
FirewallRules: [UDP Query User{861D93C5-5237-4ABD-8984-C9F2A413A307}C:\users\user\downloads\ffinstonline.exe] => (Block) C:\users\user\downloads\ffinstonline.exe
FirewallRules: [TCP Query User{956EF13F-CD1A-4175-8928-309C96A32E64}C:\users\user\downloads\ffinstonline(1).exe] => (Allow) C:\users\user\downloads\ffinstonline(1).exe
FirewallRules: [UDP Query User{1258AFEC-32C7-4EE3-94AF-91FC86462368}C:\users\user\downloads\ffinstonline(1).exe] => (Allow) C:\users\user\downloads\ffinstonline(1).exe
FirewallRules: [{F4D5B426-DEC1-49A1-9EEC-18B1AB5BC148}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{BD181557-8DC8-4867-B726-A3BCED41C638}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C247896-6C00-4976-B9AE-2023C403CE5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44B5D5E3-D1B5-43AB-9E7B-2E0478DFD80D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1A9B0C4F-44F3-463A-A9A0-4BBB0470D461}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{18FF7A84-41FC-420B-A76B-F009A49ED331}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1B1F341B-3F6F-4DCE-8FA4-D60788F5A60E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{7268464A-D950-4FF3-8F18-D38856CAB46B}C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe
FirewallRules: [UDP Query User{5A1FE89E-9EF4-43A7-9BB7-BF98AB1DCD55}C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe
FirewallRules: [TCP Query User{02CB67BB-3675-4063-8F14-7478678D2B5F}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{221A1514-F6F0-415F-9F9F-5FDD8B32F466}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{F2B4365A-EE99-421E-9D99-5E95D599E053}C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe
FirewallRules: [UDP Query User{5466C1EA-BAE1-46F3-A199-11FC7FF48769}C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe
FirewallRules: [{46517129-B2C6-4AE1-AACC-F32A5398557D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B03E2716-EAD2-435E-8EC0-BCCF3A3E28CE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{414517BE-F1BA-4CD7-9EE9-CE0CC381170E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{48EDA5C4-F867-4339-A9EE-BB9962D7EFCE}] => (Allow) C:\Program Files\Opera\49.0.2725.47\opera.exe
FirewallRules: [{4886A6C4-EB23-47E9-8863-3AE2737F9A4C}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
FirewallRules: [{DA0A386E-E69F-4AA0-8FD6-036C8581FEC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

28-06-2017 10:11:59 Windows Update
29-06-2017 12:05:22 Windows Update
17-07-2017 11:24:15 Windows Update
17-07-2017 15:39:06 Windows Update
01-08-2017 13:48:45 Ponto de Verificação Agendado
01-08-2017 15:29:57 Windows Update
09-08-2017 11:57:32 Ponto de Verificação Agendado
09-08-2017 16:10:09 Windows Update
18-08-2017 12:22:17 Ponto de Verificação Agendado
30-08-2017 11:48:32 Ponto de Verificação Agendado
11-09-2017 13:28:25 Ponto de Verificação Agendado
12-09-2017 17:22:16 Windows Update
20-09-2017 14:16:59 Ponto de Verificação Agendado
27-09-2017 15:07:00 Ponto de Verificação Agendado
05-10-2017 11:42:55 Ponto de Verificação Agendado
17-10-2017 11:44:48 Ponto de Verificação Agendado
17-10-2017 17:02:03 Windows Update
26-10-2017 09:26:07 Ponto de Verificação Agendado
06-11-2017 13:05:24 Ponto de Verificação Agendado
13-11-2017 15:01:37 Ponto de Verificação Agendado
15-11-2017 14:23:04 Windows Update
23-11-2017 10:52:50 Ponto de Verificação Agendado
29-11-2017 16:25:24 Windows Update
01-12-2017 16:56:09 Windows Update
06-12-2017 15:10:12 Removed Motorola Mobile Drivers Installation 6.3.0
14-12-2017 11:25:16 Ponto de Verificação Agendado
24-01-2018 20:02:52 Ponto de Verificação Agendado
31-01-2018 08:43:22 Revo Uninstaller's restore point - Google Chrome
31-01-2018 11:29:49 Revo Uninstaller's restore point - Google Chrome
31-01-2018 11:34:01 Revo Uninstaller's restore point - Google Earth Plug-in
31-01-2018 11:38:29 Revo Uninstaller's restore point - Apple Software Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Warsaw - Driver (PP)
Description: Warsaw - Driver (PP)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: wsddpp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/05/2018 09:19:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\user\Downloads\esetsmartinstaller_enu.exe".Erro no arquivo de manifesto ou de diretiva "", na linha.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/05/2018 08:55:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Skype.exe, versão: 7.40.0.151, carimbo de hora: 0x59d776d0
Nome do módulo de falhas: mshtml.dll, versão: 11.0.9600.18838, carimbo de hora: 0x59e1b8ff
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00077c4c
Identificação do processo com falha: 0x1a64
Hora de início do aplicativo com falha: 0x01d39e6eed59f73a
Caminho do aplicativo com falha: C:\Program Files (x86)\Skype\Phone\Skype.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\mshtml.dll
Identificação do Relatório: 053e1f9f-0a63-11e8-9d7c-f46d0445cd20

Error: (02/02/2018 03:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 102929

Error: (02/02/2018 03:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 102929

Error: (02/02/2018 03:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/02/2018 03:46:51 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/02/2018 03:46:51 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/02/2018 03:46:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 97157

Error: (02/02/2018 03:46:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 97157

Error: (02/02/2018 03:46:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Erros de Sistema:
=============
Error: (02/05/2018 08:53:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Windows Update suspenso ao iniciar.

Error: (02/05/2018 08:49:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Microsoft .NET Framework NGEN v4.0.30319_X86.

Error: (02/05/2018 08:48:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
O sistema não pode encontrar o arquivo especificado.

Error: (02/05/2018 08:47:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
O sistema não pode encontrar o arquivo especificado.

Error: (02/05/2018 08:47:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
Bnbase
Bndef
Bprotect
gbpddreg

Error: (02/05/2018 08:47:14 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/05/2018 08:47:09 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/05/2018 08:46:56 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (02/05/2018 08:45:52 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!

Error: (02/02/2018 04:52:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.


CodeIntegrity:
===================================
  Date: 2016-12-01 18:25:25.709
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-01 13:36:04.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-01 13:22:23.542
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-30 14:27:46.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-30 14:15:56.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-30 14:01:11.954
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-28 14:32:08.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-28 09:55:08.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-28 09:20:20.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-28 09:13:00.350
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Percentagem de memória em uso: 88%
RAM física total: 4008.31 MB
RAM física disponível: 462.27 MB
Virtual Total: 8014.81 MB
Virtual disponível: 4322.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:911.98 GB) (Free:425.59 GB) NTFS
Drive d: () (Fixed) (Total:19.43 GB) (Free:19.32 GB) NTFS

==================== MBR & Tabela de Partições ==================

==================== Fim de Addition.txt ============================

 

 


@giant01

 

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text in the CODE box below:

CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotDev; system32\DRIVERS\motodrv.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1526]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\user\AppData\Local\Temp:IncompleteStartGbprcm.cnt [10]
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Save this file to your desktop with the name fixlist

NOTE: It is extremely important that the "fixlist" file is saved to your Desktop. Also check that FRST.exe is on the Desktop.

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
Right-click the FRST.EXE file, then click [image VRIfczU.png].

Click the button [image 0h0YlDEzRbKP9R7xLrUlzA.png]

Wait, and at the end the Fixlog.txt log will be saved to your desktop.

Open the Fixlog.txt file, then copy and paste its contents into your next reply.


Done.

I am sending the file before restarting the machine.

Here it is:

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 27.01.2018
Executado por user (05-02-2018 14:17:52) Run:1
Executando a partir de C:\Users\user\Desktop
Perfis Carregados: user (Perfis Disponíveis: user & user-pc)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restri��o <==== ATEN��O
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotDev; system32\DRIVERS\motodrv.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Cef.gbp [2]
AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Uni.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1526]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usu�rios\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\user\AppData\Local\Temp:IncompleteStartGbprcm.cnt [10]
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Bfilter" => removido (a) com sucesso.
Bfilter => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Bfmon" => removido (a) com sucesso.
Bfmon => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Bnbase" => removido (a) com sucesso.
Bnbase => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Bndef" => removido (a) com sucesso.
Bndef => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Bprotect" => removido (a) com sucesso.
Bprotect => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\gbpddreg" => removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\GBPRCM" => removido (a) com sucesso.
GBPRCM => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\motccgp" => removido (a) com sucesso.
motccgp => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\motccgpfl" => removido (a) com sucesso.
motccgpfl => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\MotDev" => removido (a) com sucesso.
MotDev => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\motmodem" => removido (a) com sucesso.
motmodem => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\MotoSwitchService" => removido (a) com sucesso.
MotoSwitchService => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Synth3dVsc" => removido (a) com sucesso.
Synth3dVsc => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\tsusbhub" => removido (a) com sucesso.
tsusbhub => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\VGPU" => removido (a) com sucesso.
VGPU => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Warsaw_PP" => removido (a) com sucesso.
Warsaw_PP => serviço removido (a) com sucesso.
C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso.
C:\Program Files (x86)\GbPlugin => ":u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==" ADS removido (a) com sucesso.
C:\Windows\System32 => ":3E2BCF6B_Cef.gbp" ADS removido (a) com sucesso.
C:\Windows\System32 => ":3E2BCF6B_Uni.gbp" ADS removido (a) com sucesso.
C:\Windows\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso.
C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso.
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.
"C:\Users\Todos os Usu�rios\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
C:\Users\user\AppData\Local\Temp => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.

========= ipconfig /flushdns =========


Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-757420601-2912953563-2070738426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-757420601-2912953563-2070738426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75459088 B
Java, Flash, Steam htmlcache => 2312 B
Windows/system/drivers => 509270967 B
Edge => 0 B
Chrome => 345465969 B
Firefox => 482251083 B
Opera => 98464496 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 118543 B
systemprofile32 => 3221339 B
LocalService => 132244 B
NetworkService => 81594 B
user => 514976326 B
user-pc => 393090 B

RecycleBin => 1091402365 B
EmptyTemp: => 2.9 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 14:24:36 ====

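One way to triage a Fixlog.txt like the one posted above, as an added example that is not part of the original thread or of FRST: it sorts each result line by kind and status and flags targets containing the U+FFFD replacement character, since a path that was garbled before the tool used it may not match anything on disk. The sample lines are excerpted from the Fixlog above; the function and field names are assumptions of this example.

```python
import re

# Result lines excerpted from the Fixlog.txt above, plus one size line to skip.
FIXLOG_EXCERPT = r'''
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\Bprotect" => removido (a) com sucesso.
Bprotect => serviço removido (a) com sucesso.
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.
"C:\Users\Todos os Usu�rios\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
BITS transfer queue => 8388608 B
'''

# "<target> => <result>", where the target may be wrapped in double quotes.
LINE = re.compile(r'^"?(?P<target>[^"]+?)"? => (?P<result>.+)$')
# ADS results start with the quoted stream name: ":name" ADS ...
ADS = re.compile(r'^":(?P<stream>[^"]+)" ADS ')
# Status phrases as they appear in the Portuguese-language log. \S+ stands in
# for the accented letter so a mis-encoded "não" still matches.
STATUSES = (
    ("removed", re.compile(r"removido \(a\) com sucesso")),
    ("not_found", re.compile(r"n\S+o encontrado \(a\)")),
)


def classify(target, result):
    """Return the kind of object a result line refers to."""
    if ADS.match(result):
        return "ads"
    if target.upper().startswith(("HKLM\\", "HKU\\")):
        return "registry"
    if result.startswith("servi"):
        return "service"
    return "other"


def parse_fixlog(text):
    """Parse result lines into dicts; garbled_path marks U+FFFD in the target."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        target, result = m.group("target"), m.group("result")
        status = next((n for n, rx in STATUSES if rx.search(result)), None)
        if status is None:
            continue  # e.g. EmptyTemp size lines
        ads = ADS.match(result)
        entries.append({
            "target": target,
            "kind": classify(target, result),
            "status": status,
            "stream": ads.group("stream") if ads else None,
            "garbled_path": "\ufffd" in target,
        })
    return entries


def needs_followup(entries):
    """Entries that were not removed and deserve a manual check."""
    return [e for e in entries if e["status"] != "removed"]


if __name__ == "__main__":
    print(needs_followup(parse_fixlog(FIXLOG_EXCERPT)))
```

On this excerpt the only entry returned for follow-up is the stream under the path whose accented character was lost, while the same stream name under C:\ProgramData\GbPlugin is reported as removed.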

@giant01

 

Did you manage to get the Windows 7 CD/DVD?

Press the Windows key + R and type: msconfig

- Click the Services tab, check the option Hide all Microsoft services, then click Disable all
- Click the Startup tab and click Disable all

Follow the prompts until you are asked to restart.

After that, let me know whether the malware-related problems still persist.


I have not managed to yet. I am waiting for a reply.

Am I supposed to follow the instructions even without having obtained the Windows CD?

Is that right?

I will wait for your reply.


All right.

I did everything as you suggested.

The tray on the toolbar ended up almost empty. I opened Lightshot to take a screenshot, otherwise not even that feather would be there. Some Windows "gadgets" on the desktop also disappeared. I took a screenshot of where they should be.

And when I opened the Control Panel to check on the updates, I took a screenshot of the message. It is the same one that appeared before. Now, whether this piece of junk is malware or not, I don't know.

 

elias06.jpg

elias07.jpg

elias08.jpg


@giant01

 

If any of the options you disabled is of extreme importance, you can enable it again.

The error is due to damaged Windows files. Malware may have been the cause, but it may not have been. Get the CD/DVD and try the repair.

As far as malware is concerned, we have no more problems.

Final instructions.

Download Delfix by Xplode from the link below and save it to your desktop.
http://www.bleepingcomputer.com/download/delfix/dl/281/

Double-click delfix.exe to run it. Check the boxes as shown in the image.

*** Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the delfix.exe file, then click [image VRIfczU.png]

ipb9zl.png

Click the Run button.

At the end a log will be generated, but there is no need to post it.

KEEP THE OS UP TO DATE:
Keep Windows updates set to "automatic". New security holes are discovered frequently. Much malware exploits these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

If you have no further malware-related problems, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any question related to computing and technology, feel free to post in any area of CdH.

Regards,
Elias Pereira
