danirruas

Mouse clicks are imprecise and programs won't close

  • Topic author
  • Hello! Thank you for your patience!! ;)
    Here is the log:

    ComboFix 17-10-04.01 - Daniele BR 17/10/2017  11:08:29.4.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.4055.2410 [GMT -2:00]
    Executando de: c:\users\Daniele BR\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Microsoft
    E:\install.exe
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_AdobeUpdateService
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2017-09-17 to 2017-10-17  ))))))))))))))))))))))))))))
    .
    .
    2017-10-17 13:26 . 2017-10-17 13:26    --------    d-----w-    c:\windows\system32\config\systemprofile\AppData\Local\temp
    2017-10-17 13:26 . 2017-10-17 13:26    --------    d-----w-    c:\users\Public\AppData\Local\temp
    2017-10-17 13:26 . 2017-10-17 13:26    --------    d-----w-    c:\users\PESQUISA CASA NOVA\AppData\Local\temp
    2017-10-16 18:18 . 2017-09-18 20:11    13890840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CEA0362-589F-4FCB-B1C5-6414356098AE}\mpengine.dll
    2017-10-11 21:01 . 2017-10-11 21:01    126925120    -c--a-w-    c:\windows\system32\MRT-KB890830.exe
    2017-10-11 20:58 . 2017-09-18 20:11    13890840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2017-10-11 20:48 . 2017-09-07 21:08    25729536    ----a-w-    c:\windows\system32\mshtml.dll
    2017-10-11 20:48 . 2017-09-07 19:44    15262720    ----a-w-    c:\windows\system32\ieframe.dll
    2017-10-11 20:48 . 2017-09-07 20:40    5982208    ----a-w-    c:\windows\system32\jscript9.dll
    2017-10-11 20:48 . 2017-09-07 18:29    4547072    ----a-w-    c:\windows\SysWow64\jscript9.dll
    2017-10-10 18:30 . 2017-10-10 18:30    --------    d-----w-    c:\users\Daniele BR\AppData\Roaming\Trimble Connect for SketchUp
    2017-09-29 18:56 . 2017-09-29 18:56    1057976    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DA5B371-2436-45BF-96A5-482E9883D295}\gapaengine.dll
    2017-09-26 17:05 . 2017-10-08 19:41    --------    d-----w-    C:\FRST
    2017-09-25 16:59 . 2017-09-25 17:00    --------    d-----w-    c:\users\Daniele BR\AppData\Local\Akamai
    2017-09-24 19:25 . 2017-09-24 19:56    --------    d-----w-    c:\users\Daniele BR\AppData\Roaming\ZHP
    2017-09-24 19:25 . 2017-09-24 19:25    --------    d-----w-    c:\users\Daniele BR\AppData\Local\ZHP
    2017-09-21 13:55 . 2017-09-21 13:55    --------    d-----w-    c:\users\Public\Recorded TV
    2017-09-21 02:34 . 2017-09-21 02:34    --------    d--h--r-    c:\users\Public\Libraries
    2017-09-20 19:43 . 2017-09-20 20:06    --------    d-----w-    C:\zoek_backup
    2017-09-20 19:09 . 2017-09-20 19:09    --------    d---a-w-    c:\programdata\Reprise
    2017-09-20 19:07 . 2017-09-20 19:07    --------    d-----w-    c:\program files\SketchUp
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2017-10-11 21:00 . 2010-09-05 06:20    126925120    -c--a-w-    c:\windows\system32\MRT.exe
    2017-10-01 16:40 . 2015-07-06 14:57    113880    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2017-09-13 15:08 . 2017-10-11 20:47    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2017-09-02 16:07 . 2017-09-02 14:09    28888    ----a-w-    c:\windows\SysWow64\drivers\gbpddfac64.sys
    2017-09-02 14:40 . 2017-09-02 14:40    1856    ----a-w-    c:\windows\Fonts\Warsaw Bold.ttf
    2017-08-19 15:28 . 2017-09-12 19:12    197120    ----a-w-    c:\windows\system32\shdocvw.dll
    2017-08-16 15:29 . 2017-09-12 19:12    806912    ----a-w-    c:\windows\system32\usp10.dll
    2017-08-16 15:10 . 2017-09-12 19:12    629760    ----a-w-    c:\windows\SysWow64\usp10.dll
    2017-08-15 15:29 . 2017-09-12 19:12    14182400    ----a-w-    c:\windows\system32\shell32.dll
    2017-08-15 15:29 . 2017-09-12 19:12    1867264    ----a-w-    c:\windows\system32\ExplorerFrame.dll
    2017-08-15 15:10 . 2017-09-12 19:12    1499648    ----a-w-    c:\windows\SysWow64\ExplorerFrame.dll
    2017-08-14 17:35 . 2017-09-12 19:12    2150912    ----a-w-    c:\windows\SysWow64\mmcndmgr.dll
    2017-08-14 17:35 . 2017-09-12 19:12    303104    ----a-w-    c:\windows\SysWow64\mmcbase.dll
    2017-08-14 17:35 . 2017-09-12 19:12    128512    ----a-w-    c:\windows\SysWow64\mmcshext.dll
    2017-08-14 17:35 . 2017-09-12 19:12    172544    ----a-w-    c:\windows\SysWow64\cic.dll
    2017-08-14 17:35 . 2017-09-12 19:12    3203584    ----a-w-    c:\windows\system32\mmcndmgr.dll
    2017-08-14 17:35 . 2017-09-12 19:12    355328    ----a-w-    c:\windows\system32\mmcbase.dll
    2017-08-14 17:35 . 2017-09-12 19:12    131072    ----a-w-    c:\windows\system32\mmcshext.dll
    2017-08-14 17:34 . 2017-09-12 19:12    211968    ----a-w-    c:\windows\system32\cic.dll
    2017-08-13 21:37 . 2017-09-12 19:12    2144256    ----a-w-    c:\windows\system32\mmc.exe
    2017-08-13 21:30 . 2017-09-12 19:12    1401344    ----a-w-    c:\windows\SysWow64\mmc.exe
    2017-08-13 14:36 . 2012-04-05 20:19    803328    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2017-08-13 14:36 . 2011-05-16 19:09    144896    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2017-08-11 06:35 . 2017-09-12 19:12    757248    ----a-w-    c:\windows\system32\win32spl.dll
    2017-08-11 06:35 . 2017-09-12 19:12    313856    ----a-w-    c:\windows\system32\Wldap32.dll
    2017-08-11 06:35 . 2017-09-12 19:12    25600    ----a-w-    c:\windows\system32\winnsi.dll
    2017-08-11 06:35 . 2017-09-12 19:12    512000    ----a-w-    c:\windows\system32\rpcss.dll
    2017-08-11 06:35 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\nsisvc.dll
    2017-08-11 06:35 . 2017-09-12 19:12    346112    ----a-w-    c:\windows\system32\ntprint.dll
    2017-08-11 06:35 . 2017-09-12 19:12    13312    ----a-w-    c:\windows\system32\nsi.dll
    2017-08-11 06:35 . 2017-09-12 19:12    2065408    ----a-w-    c:\windows\system32\ole32.dll
    2017-08-11 06:35 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\oleres.dll
    2017-08-11 06:34 . 2017-09-12 19:12    971776    ----a-w-    c:\windows\system32\localspl.dll
    2017-08-11 06:34 . 2017-09-12 19:12    166400    ----a-w-    c:\windows\system32\inetpp.dll
    2017-08-11 06:34 . 2017-09-12 19:12    22528    ----a-w-    c:\windows\system32\inetppui.dll
    2017-08-11 06:34 . 2017-09-12 19:12    8704    ----a-w-    c:\windows\system32\comcat.dll
    2017-08-11 06:20 . 2017-09-12 19:12    48640    ----a-w-    c:\windows\system32\wpnpinst.exe
    2017-08-11 06:20 . 2017-09-12 19:12    61952    ----a-w-    c:\windows\system32\ntprint.exe
    2017-08-11 06:19 . 2017-09-12 19:12    497664    ----a-w-    c:\windows\SysWow64\win32spl.dll
    2017-08-11 06:19 . 2017-09-12 19:12    271360    ----a-w-    c:\windows\SysWow64\Wldap32.dll
    2017-08-11 06:19 . 2017-09-12 19:12    16384    ----a-w-    c:\windows\SysWow64\winnsi.dll
    2017-08-11 06:19 . 2017-09-12 19:12    299008    ----a-w-    c:\windows\SysWow64\ntprint.dll
    2017-08-11 06:19 . 2017-09-12 19:12    8704    ----a-w-    c:\windows\SysWow64\nsi.dll
    2017-08-11 06:19 . 2017-09-12 19:12    1417728    ----a-w-    c:\windows\SysWow64\ole32.dll
    2017-08-11 06:19 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\SysWow64\oleres.dll
    2017-08-11 06:12 . 2017-09-12 19:12    25088    ----a-w-    c:\windows\system32\netbtugc.exe
    2017-08-11 06:09 . 2017-09-12 19:12    61952    ----a-w-    c:\windows\SysWow64\ntprint.exe
    2017-08-11 06:03 . 2017-09-12 19:12    26624    ----a-w-    c:\windows\SysWow64\netbtugc.exe
    2017-08-11 06:01 . 2017-09-12 19:12    7168    ----a-w-    c:\windows\SysWow64\comcat.dll
    2017-08-11 06:00 . 2017-09-12 19:12    262656    ----a-w-    c:\windows\system32\drivers\netbt.sys
    2017-08-11 05:58 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\drivers\nsiproxy.sys
    2017-07-29 14:56 . 2017-08-09 00:43    117248    ----a-w-    c:\windows\system32\drivers\tdx.sys
    2017-07-21 14:26 . 2017-08-09 00:43    282624    ----a-w-    c:\windows\SysWow64\mstext40.dll
    2017-07-21 14:26 . 2017-08-09 00:44    290816    ----a-w-    c:\windows\SysWow64\msjtes40.dll
    2017-07-21 14:26 . 2017-08-09 00:44    518144    ----a-w-    c:\windows\SysWow64\msjetoledb40.dll
    2017-07-21 14:26 . 2017-08-09 00:43    409600    ----a-w-    c:\windows\SysWow64\msexch40.dll
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive1]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive2]
    @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
    [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive3]
    @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
    [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive4]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive5]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive6]
    @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
    [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
    @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
    @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Akamai NetSession Interface"="c:\users\Daniele BR\AppData\Local\Akamai\netsession_win.exe" [2017-09-08 4490200]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2017-09-18 2480592]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
    2014-07-11 14:46    1718088    ------w-    c:\program files (x86)\GbPlugin\gbiehcef.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute    REG_MULTI_SZ       autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x]
    R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
    R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
    R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
    R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
    R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
    R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
    R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
    R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
    R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
    R4 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x]
    R4 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x]
    R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
    S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x]
    S2 AdAppMgrSvc;Autodesk Desktop App Service;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe  [x]
    S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
    S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]
    S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
    S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x]
    S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
    S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
    S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
    S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
    S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
    S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
    S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
    .
    .
    --- =Outros Serviços/Drivers Na Memória ---
    .
    *Deregistered* - GbFtIn
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr QWAVE wcncsvc
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
    start [BU]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
    2017-07-31 22:31    324080    ----a-w-    c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive1]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive2]
    @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
    [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive3]
    @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
    [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive4]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive5]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive6]
    @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
    [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2017-08-31 16:21    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2017-08-31 16:21    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2017-08-31 16:21    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
    @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
    [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
    @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
    [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
    @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
    [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680]
    "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
    "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568]
    .
    ------- Scan Suplementar -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\system32\blank.htm
    uInternet Settings,ProxyOverride = <local>
    IE: Capturar esta página - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
    IE: Capturar favorito - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
    IE: Capturar imagem - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
    IE: Capturar seleção - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
    IE: Capturar URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
    IE: Nova nota - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
    Trusted Zone: caixa.gov.br\imagem
    Trusted Zone: caixa.gov.br\imagem2
    Trusted Zone: caixa.gov.br\internetbanking
    Trusted Zone: caixa.gov.br\internetbankingpf
    Trusted Zone: caixa.gov.br\www
    Trusted Zone: google.com\www
    Trusted Zone: google.com.br\www
    Trusted Zone: itau.b.br
    Trusted Zone: itau.b.br\www
    Trusted Zone: itau.com.br
    Trusted Zone: itau.com.br\bankline
    Trusted Zone: itau.com.br\banklineplus
    Trusted Zone: itau.com.br\clickbanking
    Trusted Zone: itau.com.br\guardiao
    Trusted Zone: itau.com.br\internet
    Trusted Zone: itau.com.br\www
    Trusted Zone: itaupersonnalite.com.br\www
    TCP: DhcpNameServer = 177.223.13.43 8.8.8.8
    FF - ProfilePath - c:\users\Daniele BR\AppData\Roaming\Mozilla\Firefox\Profiles\07187q7j.default-1495139530515\
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    Toolbar-Locked - (no file)
    HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
    .
    .
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.20"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\software\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Outros Processos em Execução ------------------------
    .
    c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
    .
    **************************************************************************
    .
    Tempo para conclusão: 2017-10-17  11:44:38 - Máquina reiniciou
    ComboFix-quarantined-files.txt  2017-10-17 13:44
    ComboFix2.txt  2013-07-19 05:58
    ComboFix3.txt  2013-07-13 17:30
    .
    Pré-execução: 123.684.204.544 bytes disponíveis
    Pós execução: 123.153.678.336 bytes disponíveis
    .
    - - End Of File - - B54A14266D65B9B9CCCE67FD8EF679F0
    A36C5E4F47E84449FF07ED3517B43A31

  • Topic author
  • Thank you for your patience!!
    Here is the log:

     

    ComboFix 17-10-04.01 - Daniele BR 17/10/2017  11:08:29.4.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.4055.2410 [GMT -2:00]
    Executando de: c:\users\Daniele BR\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Microsoft
    E:\install.exe
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_AdobeUpdateService
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2017-09-17 to 2017-10-17  ))))))))))))))))))))))))))))
    .
    .
    2017-10-17 13:26 . 2017-10-17 13:26    --------    d-----w-    c:\windows\system32\config\systemprofile\AppData\Local\temp
    2017-10-17 13:26 . 2017-10-17 13:26    --------    d-----w-    c:\users\Public\AppData\Local\temp
    2017-10-17 13:26 . 2017-10-17 13:26    --------    d-----w-    c:\users\PESQUISA CASA NOVA\AppData\Local\temp
    2017-10-16 18:18 . 2017-09-18 20:11    13890840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CEA0362-589F-4FCB-B1C5-6414356098AE}\mpengine.dll
    2017-10-11 21:01 . 2017-10-11 21:01    126925120    -c--a-w-    c:\windows\system32\MRT-KB890830.exe
    2017-10-11 20:58 . 2017-09-18 20:11    13890840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2017-10-11 20:48 . 2017-09-07 21:08    25729536    ----a-w-    c:\windows\system32\mshtml.dll
    2017-10-11 20:48 . 2017-09-07 19:44    15262720    ----a-w-    c:\windows\system32\ieframe.dll
    2017-10-11 20:48 . 2017-09-07 20:40    5982208    ----a-w-    c:\windows\system32\jscript9.dll
    2017-10-11 20:48 . 2017-09-07 18:29    4547072    ----a-w-    c:\windows\SysWow64\jscript9.dll
    2017-10-10 18:30 . 2017-10-10 18:30    --------    d-----w-    c:\users\Daniele BR\AppData\Roaming\Trimble Connect for SketchUp
    2017-09-29 18:56 . 2017-09-29 18:56    1057976    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DA5B371-2436-45BF-96A5-482E9883D295}\gapaengine.dll
    2017-09-26 17:05 . 2017-10-08 19:41    --------    d-----w-    C:\FRST
    2017-09-25 16:59 . 2017-09-25 17:00    --------    d-----w-    c:\users\Daniele BR\AppData\Local\Akamai
    2017-09-24 19:25 . 2017-09-24 19:56    --------    d-----w-    c:\users\Daniele BR\AppData\Roaming\ZHP
    2017-09-24 19:25 . 2017-09-24 19:25    --------    d-----w-    c:\users\Daniele BR\AppData\Local\ZHP
    2017-09-21 13:55 . 2017-09-21 13:55    --------    d-----w-    c:\users\Public\Recorded TV
    2017-09-21 02:34 . 2017-09-21 02:34    --------    d--h--r-    c:\users\Public\Libraries
    2017-09-20 19:43 . 2017-09-20 20:06    --------    d-----w-    C:\zoek_backup
    2017-09-20 19:09 . 2017-09-20 19:09    --------    d---a-w-    c:\programdata\Reprise
    2017-09-20 19:07 . 2017-09-20 19:07    --------    d-----w-    c:\program files\SketchUp
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2017-10-11 21:00 . 2010-09-05 06:20    126925120    -c--a-w-    c:\windows\system32\MRT.exe
    2017-10-01 16:40 . 2015-07-06 14:57    113880    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2017-09-13 15:08 . 2017-10-11 20:47    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2017-09-02 16:07 . 2017-09-02 14:09    28888    ----a-w-    c:\windows\SysWow64\drivers\gbpddfac64.sys
    2017-09-02 14:40 . 2017-09-02 14:40    1856    ----a-w-    c:\windows\Fonts\Warsaw Bold.ttf
    2017-08-19 15:28 . 2017-09-12 19:12    197120    ----a-w-    c:\windows\system32\shdocvw.dll
    2017-08-16 15:29 . 2017-09-12 19:12    806912    ----a-w-    c:\windows\system32\usp10.dll
    2017-08-16 15:10 . 2017-09-12 19:12    629760    ----a-w-    c:\windows\SysWow64\usp10.dll
    2017-08-15 15:29 . 2017-09-12 19:12    14182400    ----a-w-    c:\windows\system32\shell32.dll
    2017-08-15 15:29 . 2017-09-12 19:12    1867264    ----a-w-    c:\windows\system32\ExplorerFrame.dll
    2017-08-15 15:10 . 2017-09-12 19:12    1499648    ----a-w-    c:\windows\SysWow64\ExplorerFrame.dll
    2017-08-14 17:35 . 2017-09-12 19:12    2150912    ----a-w-    c:\windows\SysWow64\mmcndmgr.dll
    2017-08-14 17:35 . 2017-09-12 19:12    303104    ----a-w-    c:\windows\SysWow64\mmcbase.dll
    2017-08-14 17:35 . 2017-09-12 19:12    128512    ----a-w-    c:\windows\SysWow64\mmcshext.dll
    2017-08-14 17:35 . 2017-09-12 19:12    172544    ----a-w-    c:\windows\SysWow64\cic.dll
    2017-08-14 17:35 . 2017-09-12 19:12    3203584    ----a-w-    c:\windows\system32\mmcndmgr.dll
    2017-08-14 17:35 . 2017-09-12 19:12    355328    ----a-w-    c:\windows\system32\mmcbase.dll
    2017-08-14 17:35 . 2017-09-12 19:12    131072    ----a-w-    c:\windows\system32\mmcshext.dll
    2017-08-14 17:34 . 2017-09-12 19:12    211968    ----a-w-    c:\windows\system32\cic.dll
    2017-08-13 21:37 . 2017-09-12 19:12    2144256    ----a-w-    c:\windows\system32\mmc.exe
    2017-08-13 21:30 . 2017-09-12 19:12    1401344    ----a-w-    c:\windows\SysWow64\mmc.exe
    2017-08-13 14:36 . 2012-04-05 20:19    803328    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2017-08-13 14:36 . 2011-05-16 19:09    144896    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2017-08-11 06:35 . 2017-09-12 19:12    757248    ----a-w-    c:\windows\system32\win32spl.dll
    2017-08-11 06:35 . 2017-09-12 19:12    313856    ----a-w-    c:\windows\system32\Wldap32.dll
    2017-08-11 06:35 . 2017-09-12 19:12    25600    ----a-w-    c:\windows\system32\winnsi.dll
    2017-08-11 06:35 . 2017-09-12 19:12    512000    ----a-w-    c:\windows\system32\rpcss.dll
    2017-08-11 06:35 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\nsisvc.dll
    2017-08-11 06:35 . 2017-09-12 19:12    346112    ----a-w-    c:\windows\system32\ntprint.dll
    2017-08-11 06:35 . 2017-09-12 19:12    13312    ----a-w-    c:\windows\system32\nsi.dll
    2017-08-11 06:35 . 2017-09-12 19:12    2065408    ----a-w-    c:\windows\system32\ole32.dll
    2017-08-11 06:35 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\oleres.dll
    2017-08-11 06:34 . 2017-09-12 19:12    971776    ----a-w-    c:\windows\system32\localspl.dll
    2017-08-11 06:34 . 2017-09-12 19:12    166400    ----a-w-    c:\windows\system32\inetpp.dll
    2017-08-11 06:34 . 2017-09-12 19:12    22528    ----a-w-    c:\windows\system32\inetppui.dll
    2017-08-11 06:34 . 2017-09-12 19:12    8704    ----a-w-    c:\windows\system32\comcat.dll
    2017-08-11 06:20 . 2017-09-12 19:12    48640    ----a-w-    c:\windows\system32\wpnpinst.exe
    2017-08-11 06:20 . 2017-09-12 19:12    61952    ----a-w-    c:\windows\system32\ntprint.exe
    2017-08-11 06:19 . 2017-09-12 19:12    497664    ----a-w-    c:\windows\SysWow64\win32spl.dll
    2017-08-11 06:19 . 2017-09-12 19:12    271360    ----a-w-    c:\windows\SysWow64\Wldap32.dll
    2017-08-11 06:19 . 2017-09-12 19:12    16384    ----a-w-    c:\windows\SysWow64\winnsi.dll
    2017-08-11 06:19 . 2017-09-12 19:12    299008    ----a-w-    c:\windows\SysWow64\ntprint.dll
    2017-08-11 06:19 . 2017-09-12 19:12    8704    ----a-w-    c:\windows\SysWow64\nsi.dll
    2017-08-11 06:19 . 2017-09-12 19:12    1417728    ----a-w-    c:\windows\SysWow64\ole32.dll
    2017-08-11 06:19 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\SysWow64\oleres.dll
    2017-08-11 06:12 . 2017-09-12 19:12    25088    ----a-w-    c:\windows\system32\netbtugc.exe
    2017-08-11 06:09 . 2017-09-12 19:12    61952    ----a-w-    c:\windows\SysWow64\ntprint.exe
    2017-08-11 06:03 . 2017-09-12 19:12    26624    ----a-w-    c:\windows\SysWow64\netbtugc.exe
    2017-08-11 06:01 . 2017-09-12 19:12    7168    ----a-w-    c:\windows\SysWow64\comcat.dll
    2017-08-11 06:00 . 2017-09-12 19:12    262656    ----a-w-    c:\windows\system32\drivers\netbt.sys
    2017-08-11 05:58 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\drivers\nsiproxy.sys
    2017-07-29 14:56 . 2017-08-09 00:43    117248    ----a-w-    c:\windows\system32\drivers\tdx.sys
    2017-07-21 14:26 . 2017-08-09 00:43    282624    ----a-w-    c:\windows\SysWow64\mstext40.dll
    2017-07-21 14:26 . 2017-08-09 00:44    290816    ----a-w-    c:\windows\SysWow64\msjtes40.dll
    2017-07-21 14:26 . 2017-08-09 00:44    518144    ----a-w-    c:\windows\SysWow64\msjetoledb40.dll
    2017-07-21 14:26 . 2017-08-09 00:43    409600    ----a-w-    c:\windows\SysWow64\msexch40.dll
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive1]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive2]
    @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
    [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive3]
    @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
    [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive4]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive5]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive6]
    @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
    [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
    @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
    @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Akamai NetSession Interface"="c:\users\Daniele BR\AppData\Local\Akamai\netsession_win.exe" [2017-09-08 4490200]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2017-09-18 2480592]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
    2014-07-11 14:46    1718088    ------w-    c:\program files (x86)\GbPlugin\gbiehcef.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute    REG_MULTI_SZ       autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x]
    R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
    R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
    R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
    R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
    R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
    R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
    R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
    R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
    R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
    R4 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x]
    R4 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x]
    R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
    S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x]
    S2 AdAppMgrSvc;Autodesk Desktop App Service;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe  [x]
    S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
    S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]
    S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
    S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x]
    S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
    S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
    S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
    S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
    S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
    S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
    S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
    .
    .
    --- =Outros Serviços/Drivers Na Memória ---
    .
    *Deregistered* - GbFtIn
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr QWAVE wcncsvc
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
    start [BU]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
    2017-07-31 22:31    324080    ----a-w-    c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive1]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive2]
    @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
    [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive3]
    @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
    [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive4]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive5]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive6]
    @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
    [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2017-08-31 16:21    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2017-08-31 16:21    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2017-08-31 16:21    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
    @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
    [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
    @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
    [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
    @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
    [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680]
    "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
    "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568]
    .
    ------- Scan Suplementar -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\system32\blank.htm
    uInternet Settings,ProxyOverride = <local>
    IE: Capturar esta página - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
    IE: Capturar favorito - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
    IE: Capturar imagem - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
    IE: Capturar seleção - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
    IE: Capturar URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
    IE: Nova nota - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
    Trusted Zone: caixa.gov.br\imagem
    Trusted Zone: caixa.gov.br\imagem2
    Trusted Zone: caixa.gov.br\internetbanking
    Trusted Zone: caixa.gov.br\internetbankingpf
    Trusted Zone: caixa.gov.br\www
    Trusted Zone: google.com\www
    Trusted Zone: google.com.br\www
    Trusted Zone: itau.b.br
    Trusted Zone: itau.b.br\www
    Trusted Zone: itau.com.br
    Trusted Zone: itau.com.br\bankline
    Trusted Zone: itau.com.br\banklineplus
    Trusted Zone: itau.com.br\clickbanking
    Trusted Zone: itau.com.br\guardiao
    Trusted Zone: itau.com.br\internet
    Trusted Zone: itau.com.br\www
    Trusted Zone: itaupersonnalite.com.br\www
    TCP: DhcpNameServer = 177.223.13.43 8.8.8.8
    FF - ProfilePath - c:\users\Daniele BR\AppData\Roaming\Mozilla\Firefox\Profiles\07187q7j.default-1495139530515\
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    Toolbar-Locked - (no file)
    HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
    .
    .
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.20"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\software\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Outros Processos em Execução ------------------------
    .
    c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
    .
    **************************************************************************
    .
    Tempo para conclusão: 2017-10-17  11:44:38 - Máquina reiniciou
    ComboFix-quarantined-files.txt  2017-10-17 13:44
    ComboFix2.txt  2013-07-19 05:58
    ComboFix3.txt  2013-07-13 17:30
    .
    Pré-execução: 123.684.204.544 bytes disponíveis
    Pós execução: 123.153.678.336 bytes disponíveis
    .
    - - End Of File - - B54A14266D65B9B9CCCE67FD8EF679F0
    A36C5E4F47E84449FF07ED3517B43A31


    Dear @danirruas

    Sorry for the delay! :)

    Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

    Download the file (CFScript.txt) attached to this post and save it to your Desktop.

    As shown in the animation below, drag the CFScript.txt file onto ComboFix.exe.

    2872959479_997d4500c4_o.gif

    When the tool finishes, it will generate a log at C:\ComboFix.txt

    Select, copy and paste the contents of this log into your next reply.

    Regards :D

    CFScript.txt

  • Topic author
  • Good evening!! Thanks for getting back to me, here is the log:

     

    ComboFix 17-10-04.01 - Daniele BR 23/10/2017  23:52:18.5.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.4055.2547 [GMT -2:00]
    Executando de: c:\users\Daniele BR\Desktop\ComboFix.exe
    Comandos utilizados :: c:\users\Daniele BR\Desktop\CFScript.txt
    AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2017-09-24 to 2017-10-24  ))))))))))))))))))))))))))))
    .
    .
    2017-10-24 02:11 . 2017-10-24 02:11    --------    d-----w-    c:\windows\system32\config\systemprofile\AppData\Local\temp
    2017-10-24 02:11 . 2017-10-24 02:11    --------    d-----w-    c:\users\Public\AppData\Local\temp
    2017-10-24 02:11 . 2017-10-24 02:11    --------    d-----w-    c:\users\PESQUISA CASA NOVA\AppData\Local\temp
    2017-10-24 02:11 . 2017-10-24 02:11    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2017-10-23 08:44 . 2017-09-18 20:11    13890840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4EFB597A-88B6-440E-90CF-AF95B20DBA97}\mpengine.dll
    2017-10-23 08:43 . 2017-09-18 20:11    13890840    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2017-10-20 18:55 . 2017-10-20 18:55    18896    ----a-w-    c:\program files (x86)\Mozilla Firefox\qipcap64.dll
    2017-10-11 21:01 . 2017-10-11 21:01    126925120    -c--a-w-    c:\windows\system32\MRT-KB890830.exe
    2017-10-11 20:48 . 2017-09-07 21:08    25729536    ----a-w-    c:\windows\system32\mshtml.dll
    2017-10-11 20:48 . 2017-09-07 19:44    15262720    ----a-w-    c:\windows\system32\ieframe.dll
    2017-10-11 20:48 . 2017-09-07 20:40    5982208    ----a-w-    c:\windows\system32\jscript9.dll
    2017-10-11 20:48 . 2017-09-07 18:29    4547072    ----a-w-    c:\windows\SysWow64\jscript9.dll
    2017-10-10 18:30 . 2017-10-10 18:30    --------    d-----w-    c:\users\Daniele BR\AppData\Roaming\Trimble Connect for SketchUp
    2017-09-29 18:56 . 2017-09-29 18:56    1057976    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DA5B371-2436-45BF-96A5-482E9883D295}\gapaengine.dll
    2017-09-26 17:05 . 2017-10-08 19:41    --------    d-----w-    C:\FRST
    2017-09-25 16:59 . 2017-09-25 17:00    --------    d-----w-    c:\users\Daniele BR\AppData\Local\Akamai
    2017-09-24 19:25 . 2017-09-24 19:56    --------    d-----w-    c:\users\Daniele BR\AppData\Roaming\ZHP
    2017-09-24 19:25 . 2017-09-24 19:25    --------    d-----w-    c:\users\Daniele BR\AppData\Local\ZHP
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2017-10-11 21:00 . 2010-09-05 06:20    126925120    -c--a-w-    c:\windows\system32\MRT.exe
    2017-10-01 16:40 . 2015-07-06 14:57    113880    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2017-09-13 15:08 . 2017-10-11 20:47    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2017-09-02 16:07 . 2017-09-02 14:09    28888    ----a-w-    c:\windows\SysWow64\drivers\gbpddfac64.sys
    2017-09-02 14:40 . 2017-09-02 14:40    1856    ----a-w-    c:\windows\Fonts\Warsaw Bold.ttf
    2017-08-19 15:28 . 2017-09-12 19:12    197120    ----a-w-    c:\windows\system32\shdocvw.dll
    2017-08-17 16:35 . 2013-08-16 13:01    544424    ------w-    c:\windows\system32\MpSigStub.exe
    2017-08-16 15:29 . 2017-09-12 19:12    806912    ----a-w-    c:\windows\system32\usp10.dll
    2017-08-16 15:10 . 2017-09-12 19:12    629760    ----a-w-    c:\windows\SysWow64\usp10.dll
    2017-08-15 15:29 . 2017-09-12 19:12    14182400    ----a-w-    c:\windows\system32\shell32.dll
    2017-08-15 15:29 . 2017-09-12 19:12    1867264    ----a-w-    c:\windows\system32\ExplorerFrame.dll
    2017-08-15 15:10 . 2017-09-12 19:12    1499648    ----a-w-    c:\windows\SysWow64\ExplorerFrame.dll
    2017-08-14 17:35 . 2017-09-12 19:12    2150912    ----a-w-    c:\windows\SysWow64\mmcndmgr.dll
    2017-08-14 17:35 . 2017-09-12 19:12    303104    ----a-w-    c:\windows\SysWow64\mmcbase.dll
    2017-08-14 17:35 . 2017-09-12 19:12    128512    ----a-w-    c:\windows\SysWow64\mmcshext.dll
    2017-08-14 17:35 . 2017-09-12 19:12    172544    ----a-w-    c:\windows\SysWow64\cic.dll
    2017-08-14 17:35 . 2017-09-12 19:12    3203584    ----a-w-    c:\windows\system32\mmcndmgr.dll
    2017-08-14 17:35 . 2017-09-12 19:12    355328    ----a-w-    c:\windows\system32\mmcbase.dll
    2017-08-14 17:35 . 2017-09-12 19:12    131072    ----a-w-    c:\windows\system32\mmcshext.dll
    2017-08-14 17:34 . 2017-09-12 19:12    211968    ----a-w-    c:\windows\system32\cic.dll
    2017-08-13 21:37 . 2017-09-12 19:12    2144256    ----a-w-    c:\windows\system32\mmc.exe
    2017-08-13 21:30 . 2017-09-12 19:12    1401344    ----a-w-    c:\windows\SysWow64\mmc.exe
    2017-08-13 14:36 . 2012-04-05 20:19    803328    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2017-08-13 14:36 . 2011-05-16 19:09    144896    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2017-08-11 06:35 . 2017-09-12 19:12    757248    ----a-w-    c:\windows\system32\win32spl.dll
    2017-08-11 06:35 . 2017-09-12 19:12    313856    ----a-w-    c:\windows\system32\Wldap32.dll
    2017-08-11 06:35 . 2017-09-12 19:12    25600    ----a-w-    c:\windows\system32\winnsi.dll
    2017-08-11 06:35 . 2017-09-12 19:12    512000    ----a-w-    c:\windows\system32\rpcss.dll
    2017-08-11 06:35 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\nsisvc.dll
    2017-08-11 06:35 . 2017-09-12 19:12    346112    ----a-w-    c:\windows\system32\ntprint.dll
    2017-08-11 06:35 . 2017-09-12 19:12    13312    ----a-w-    c:\windows\system32\nsi.dll
    2017-08-11 06:35 . 2017-09-12 19:12    2065408    ----a-w-    c:\windows\system32\ole32.dll
    2017-08-11 06:35 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\oleres.dll
    2017-08-11 06:34 . 2017-09-12 19:12    971776    ----a-w-    c:\windows\system32\localspl.dll
    2017-08-11 06:34 . 2017-09-12 19:12    166400    ----a-w-    c:\windows\system32\inetpp.dll
    2017-08-11 06:34 . 2017-09-12 19:12    22528    ----a-w-    c:\windows\system32\inetppui.dll
    2017-08-11 06:34 . 2017-09-12 19:12    8704    ----a-w-    c:\windows\system32\comcat.dll
    2017-08-11 06:20 . 2017-09-12 19:12    48640    ----a-w-    c:\windows\system32\wpnpinst.exe
    2017-08-11 06:20 . 2017-09-12 19:12    61952    ----a-w-    c:\windows\system32\ntprint.exe
    2017-08-11 06:19 . 2017-09-12 19:12    497664    ----a-w-    c:\windows\SysWow64\win32spl.dll
    2017-08-11 06:19 . 2017-09-12 19:12    271360    ----a-w-    c:\windows\SysWow64\Wldap32.dll
    2017-08-11 06:19 . 2017-09-12 19:12    16384    ----a-w-    c:\windows\SysWow64\winnsi.dll
    2017-08-11 06:19 . 2017-09-12 19:12    299008    ----a-w-    c:\windows\SysWow64\ntprint.dll
    2017-08-11 06:19 . 2017-09-12 19:12    8704    ----a-w-    c:\windows\SysWow64\nsi.dll
    2017-08-11 06:19 . 2017-09-12 19:12    1417728    ----a-w-    c:\windows\SysWow64\ole32.dll
    2017-08-11 06:19 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\SysWow64\oleres.dll
    2017-08-11 06:12 . 2017-09-12 19:12    25088    ----a-w-    c:\windows\system32\netbtugc.exe
    2017-08-11 06:09 . 2017-09-12 19:12    61952    ----a-w-    c:\windows\SysWow64\ntprint.exe
    2017-08-11 06:03 . 2017-09-12 19:12    26624    ----a-w-    c:\windows\SysWow64\netbtugc.exe
    2017-08-11 06:01 . 2017-09-12 19:12    7168    ----a-w-    c:\windows\SysWow64\comcat.dll
    2017-08-11 06:00 . 2017-09-12 19:12    262656    ----a-w-    c:\windows\system32\drivers\netbt.sys
    2017-08-11 05:58 . 2017-09-12 19:12    26112    ----a-w-    c:\windows\system32\drivers\nsiproxy.sys
    2017-07-29 14:56 . 2017-08-09 00:43    117248    ----a-w-    c:\windows\system32\drivers\tdx.sys
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive1]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive2]
    @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
    [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive3]
    @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
    [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive4]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive5]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\    OneDrive6]
    @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
    [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
    2017-09-21 18:35    2602704    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt03]
    @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt09]
    @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt01]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt05]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt07]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt10]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt04]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt02]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt06]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   DropboxExt08]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    285000    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Akamai NetSession Interface"="c:\users\Daniele BR\AppData\Local\Akamai\netsession_win.exe" [2017-09-08 4490200]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2017-09-18 2480592]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
    2014-07-11 14:46    1718088    ------w-    c:\program files (x86)\GbPlugin\gbiehcef.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute    REG_MULTI_SZ       autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x]
    R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
    R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
    R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
    R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
    R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
    R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
    R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
    R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
    R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
    R4 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x]
    R4 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x]
    R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
    S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x]
    S2 AdAppMgrSvc;Autodesk Desktop App Service;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe  [x]
    S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
    S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]
    S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
    S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x]
    S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
    S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
    S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
    S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
    S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
    S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
    S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
    .
    .
    --- =Outros Serviços/Drivers Na Memória ---
    .
    *Deregistered* - GbFtIn
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr QWAVE wcncsvc
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
    start [BU]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
    2017-07-31 22:31    324080    ----a-w-    c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive1]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive2]
    @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
    [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive3]
    @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
    [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive4]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive5]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\   OneDrive6]
    @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
    [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
    2017-09-21 18:35    2863824    ----a-w-    c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2017-10-09 12:33    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2017-10-09 12:33    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2017-10-09 12:33    775064    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
    @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
    [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
    @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
    [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
    @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
    [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
    2017-08-14 06:48    491600    ----a-w-    c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2017-09-20 16:36    333128    ----a-w-    c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680]
    "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
    "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568]
    .
    ------- Scan Suplementar -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\system32\blank.htm
    uInternet Settings,ProxyOverride = <local>
    IE: Capturar esta página - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
    IE: Capturar favorito - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
    IE: Capturar imagem - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
    IE: Capturar seleção - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
    IE: Capturar URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
    IE: Nova nota - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
    Trusted Zone: caixa.gov.br\imagem
    Trusted Zone: caixa.gov.br\imagem2
    Trusted Zone: caixa.gov.br\internetbanking
    Trusted Zone: caixa.gov.br\internetbankingpf
    Trusted Zone: caixa.gov.br\www
    Trusted Zone: google.com\www
    Trusted Zone: google.com.br\www
    Trusted Zone: itau.b.br
    Trusted Zone: itau.b.br\www
    Trusted Zone: itau.com.br
    Trusted Zone: itau.com.br\bankline
    Trusted Zone: itau.com.br\banklineplus
    Trusted Zone: itau.com.br\clickbanking
    Trusted Zone: itau.com.br\guardiao
    Trusted Zone: itau.com.br\internet
    Trusted Zone: itau.com.br\www
    Trusted Zone: itaupersonnalite.com.br\www
    TCP: DhcpNameServer = 177.223.13.43 8.8.8.8
    FF - ProfilePath - c:\users\Daniele BR\AppData\Roaming\Mozilla\Firefox\Profiles\07187q7j.default-1495139530515\
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\software\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    Tempo para conclusão: 2017-10-24  00:21:09
    ComboFix-quarantined-files.txt  2017-10-24 02:21
    ComboFix2.txt  2017-10-17 13:44
    ComboFix3.txt  2013-07-19 05:58
    ComboFix4.txt  2013-07-13 17:30
    .
    Pré-execução: 123.728.228.352 bytes disponíveis
    Pós execução: 123.476.209.664 bytes disponíveis
    .
    - - End Of File - - E04C8B38D3E63263664B3AEC2D8BC6ED
    A36C5E4F47E84449FF07ED3517B43A31


    Dear @danirruas,

    Generate a new log with FRST, but before clicking the Scan (Examinar) button, check the Addition option.

    Please attach the logs.

    Cheers :D

  • Topic author
  • Good evening!!
    The log follows below.
    Regards!!

    Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 08-10-2017
    Executado por Daniele BR (31-10-2017 17:28:33)
    Executando a partir de C:\Users\Daniele BR\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2010-09-04 18:13:43)
    Modo da Inicialização: Normal
    ==========================================================


    ==================== Contas: =============================

    Administrador (S-1-5-21-971680230-1680443159-1465981135-500 - Administrator - Disabled)
    Convidado (S-1-5-21-971680230-1680443159-1465981135-501 - Limited - Enabled)
    Daniele BR (S-1-5-21-971680230-1680443159-1465981135-1000 - Administrator - Enabled) => C:\Users\Daniele BR
    HomeGroupUser$ (S-1-5-21-971680230-1680443159-1465981135-1005 - Limited - Enabled)

    ==================== Central de Segurança ========================

    (Se uma entrada for incluída na fixlist, será removida.)

    AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Programas Instalados ======================

    (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

    ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
    ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
    Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
    Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
    Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
    Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
    Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
    Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
    Akamai NetSession Interface (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    AMCap (HKLM-x32\...\AMCap) (Version: 9.20.132.2 - Noël Danjou)
    AMR Converter Pro (HKLM-x32\...\{3651C800-6E7A-47E1-AEAD-ACF68509BF8D}) (Version: 4.0 - Mystik Media) Hidden
    AMR Converter Pro (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\AMR Converter Pro) (Version:  - Mystik Media)
    Analysis Bio (HKLM-x32\...\{BFF9F0B5-F673-4865-9DBD-B00938D9360F}) (Version: 2.2.0 - LabEEE - UFSC)
    Analysis CST (HKLM-x32\...\{6866461E-1F1B-4A2E-87C9-DF2B15FE8386}) (Version: 2.10.0000 - LabEEE - UFSC)
    Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
    Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
    Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version:  - Microsoft)
    Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version:  - Microsoft)
    Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version:  - Microsoft)
    Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version:  - Microsoft)
    Atualizações da NVIDIA 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.15.54 - NVIDIA Corporation)
    AutoCAD 2006 - English (HKLM-x32\...\{5783F2D7-4001-0409-0002-0060B0CE6BBA}) (Version: 16.2.54.10 - Autodesk)
    AutoCAD 2011 - English (HKLM\...\{5783F2D7-9001-0409-0102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
    AutoCAD 2011 - English (HKLM\...\AutoCAD 2011 - English) (Version: 18.1.49.0 - Autodesk)
    AutoCAD 2011 Language Pack - English (HKLM\...\{5783F2D7-9001-0409-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
    AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
    AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
    AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
    AutoCAD Architecture 2014 - English (HKLM\...\{5783F2D7-D004-0000-0102-0060B0CE6BBA}) (Version: 7.5.17.0 - Autodesk) Hidden
    AutoCAD Architecture 2014 - English (HKLM\...\{5783F2D7-D004-0409-2102-0060B0CE6BBA}) (Version: 7.5.17.0 - Autodesk) Hidden
    AutoCAD Architecture 2014 Language Pack - English (HKLM\...\{5783F2D7-D004-0409-1102-0060B0CE6BBA}) (Version: 7.5.17.0 - Autodesk) Hidden
    Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
    Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
    Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
    Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
    Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
    Autodesk AutoCAD Architecture 2014 - English (HKLM\...\AutoCAD Architecture 2014 - English) (Version: 7.5.17.0 - Autodesk)
    Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
    Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
    Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
    Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
    Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
    Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 5.1 - Autodesk, Inc.)
    Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
    Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
    Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
    Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
    Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
    Central de Mouse e Teclado da Microsoft (HKLM\...\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}) (Version: 2.3.188.0 - Microsoft Corporation) Hidden
    Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
    Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.40 - Dell)
    Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
    Dell Dock (HKLM\...\{C73A3942-84C8-4597-9F9B-EE227DCBA758}) (Version: 2.0 - Stardock Corporation) Hidden
    Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
    Dell Support Center (Software de Suporte) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
    DirectXInstallService (HKLM-x32\...\{098122AB-C605-4853-B441-C0A4EB359B75}) (Version: 9.0.2 - Roxio) Hidden
    Dropbox (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\Dropbox) (Version: 35.4.20 - Dropbox, Inc.)
    EMC 10 Content (HKLM-x32\...\{FDB46DE7-9045-47BB-970A-3E4ED5369E03}) (Version: 1.0.035 - Roxo, Inc.) Hidden
    EMCGadgets64 (HKLM\...\{02AD9D20-03D2-4DE0-8793-E8253026AD86}) (Version: 1.0.302 - Nome de sua empresa:) Hidden
    Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM-x32\...\EEPPPlugIn) (Version:  - SEIKO EPSON Corporation)
    Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (HKLM-x32\...\{7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71}) (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
    Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
    Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
    Ferramenta de Carregamento do Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Google Drive (HKLM-x32\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.)
    Google Earth (HKLM-x32\...\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}) (Version: 4.3.7204.836 - Google)
    Google Earth Pro (HKLM-x32\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google)
    Google SketchUp 6 (HKLM-x32\...\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}) (Version: 6.4.247 - Google) Hidden
    Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01611 - Google)
    Google SketchUp Pro 8 (HKLM-x32\...\{E0A160F1-127B-43AC-AF96-EBB6319B01C7}) (Version: 3.0.4811 - Google, Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
    IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.2 - Receita Federal do Brasil)
    IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil)
    IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
    IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
    Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Malwarebytes Anti-Exploit version 1.10.1.41 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.10.1.41 - Malwarebytes)
    Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft .NET Framework 4.7 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Starter 2010 - Português (Brasil) (HKLM-x32\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Mozilla Firefox 56.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 pt-BR)) (Version: 56.0 - Mozilla)
    Mozilla Firefox 56.0.2 (x64 pt-BR) (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\Mozilla Firefox 56.0.2 (x64 pt-BR)) (Version: 56.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
    NVIDIA Driver de gráficos 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.78 - NVIDIA Corporation)
    NVIDIA Driver do 3D Vision 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.78 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
    NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    Painel de controle da NVIDIA 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 320.78 - NVIDIA Corporation) Hidden
    PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
    PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6043 - Realtek Semiconductor Corp.)
    Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
    Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
    Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.0 - Roxio) Hidden
    Saraiva Reader ALPHA_7RC11b169 (HKLM-x32\...\8505-5699-0960-8592) (Version: ALPHA_7RC11b169 - Saraiva e Siciliano S.A.)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.500 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
    SketchUp 2013 (HKLM-x32\...\{E74C0D09-8730-4714-8C6F-019FBF7F1B42}) (Version: 13.0.3689 - Trimble Navigation Limited)
    SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
    SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
    Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
    Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.3.0 - Sonic Solutions) Hidden
    Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    USB Scanner (HKLM-x32\...\{5D6D977D-412E-4B19-9986-5C13EB00B22F}) (Version:  v.2.0.0 - )
    VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
    VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
    WD Drive Utilities (HKLM-x32\...\{439A51F7-84B1-4603-BEC8-647EB2AC307F}) (Version: 1.0.1.5 - Western Digital)
    WD Security (HKLM-x32\...\{8172B41A-9BB5-4A64-BF28-1FB5FE43C3FF}) (Version: 1.0.1.5 - Western Digital)
    WD SmartWare (HKLM\...\{22A51951-1F45-4C8A-B888-306527F9C45F}) (Version: 1.6.2.6 - Western Digital)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{2DF215E0-BD3C-4C98-8616-AFEF09747285}) (Version: 14.0.8117.416 - Microsoft Corporation)

    ==================== Exame Personalizado CLSID (Whitelisted): ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCad 2018\AutoCAD 2018\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCad 2018\AutoCAD 2018\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCad 2018\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
    ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
    ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => c:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc.)
    ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers1-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
    ContextMenuHandlers1-x32: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions)
    ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2012-06-14] (Western Digital)
    ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2012-06-14] (Western Digital)
    ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers2: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions)
    ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
    ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
    ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
    ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-08-09] (NVIDIA Corporation)
    ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
    ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ContextMenuHandlers6: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions)
    ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2012-06-14] (Western Digital)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers1_S-1-5-21-971680230-1680443159-1465981135-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ContextMenuHandlers4_S-1-5-21-971680230-1680443159-1465981135-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
    ContextMenuHandlers5_S-1-5-21-971680230-1680443159-1465981135-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)

    ==================== Tarefas Agendadas (Whitelisted) =============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    Task: {01D0B934-D7FC-442A-BD58-31AAA9C84C67} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {02F9497B-2769-4DDB-8AD9-E952A6D2A307} - System32\Tasks\{FF6CC4C8-486B-469E-8C96-830EA0A73536} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\bankerfix.exe" -d "C:\Users\Daniele BR\Downloads"
    Task: {08BE90CA-F87B-496D-98D4-A7F17A5FD0FB} - System32\Tasks\{2321CE59-C648-4B1B-9C66-5F295171DDAD} => C:\Windows\system32\pcalua.exe -a "F:\INSTALADORES\INSTALADORES DANI\pdfMachine1105EN.exe" -d "F:\INSTALADORES\INSTALADORES DANI"
    Task: {110050EC-E9DA-402E-AEE5-520E4454B5D4} - System32\Tasks\{D6AC7C97-9035-42B6-B701-088A999C5FEE} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe [2006-05-09] (Plustek Inc)
    Task: {15DFE892-0F5A-490B-B275-F8934288BA29} - System32\Tasks\{75FDDAE2-0B17-4C8F-B99E-FB157990DE95} => C:\Windows\system32\pcalua.exe -a D:\Setupx.exe -d D:\
    Task: {2BA08EF6-67D3-4A9A-9F4A-EE89A114F30C} - System32\Tasks\{2DF61602-0DC9-4178-9B74-227CDADBE224} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\activescan2_pt.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {2CA05528-511F-481E-B87C-F7E2D9668343} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {30472F3B-C25A-4766-B94E-2EFB9F57A84A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {3C0FA1CA-0A9E-4438-AC3E-3C0B31F9B87B} - System32\Tasks\{93E99327-457D-4FFE-9C3B-A39F5D38378E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\Canon - driver e programa\Easy Web Print\ewpwin263en\Setup.exe" -d "C:\Users\Daniele BR\Downloads\Canon - driver e programa\Easy Web Print\ewpwin263en"
    Task: {3E9FF288-3708-46AB-B25F-885FE2147903} - System32\Tasks\{F99F357C-EA42-4AEF-9DD1-510BC00B4F1E} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
    Task: {5D820E97-F5D1-4C4E-8D35-41F3CBBF1D20} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {5FA8F18B-D3A7-4C0B-98A3-D1B7D759F428} - System32\Tasks\{5F16FAD4-B996-4D92-BEE7-027D58C2BD63} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe"
    Task: {60076A4C-1E93-4F41-B31C-B3B571BAD840} - System32\Tasks\{69819135-E9C6-4B7D-8581-FCF99C8666E0} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Leadership\GOTEC 6760-1\AM32.exe"
    Task: {609ABB7C-6CA7-4989-8F68-E135A3F69B02} - System32\Tasks\{E3BD104F-ABAA-4E98-83BD-83CB3BA429D7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Epson Software\Common\Easy Photo Print Plugin\WLPG_E\EPPUNINS.EXE" -c /R
    Task: {71244483-03E4-4937-95A2-CB06306B2172} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-13] (Adobe Systems Incorporated)
    Task: {7185BA1F-3A80-4B43-B3C8-A6DC95887DAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {7570F179-2E7B-4473-A2BF-9978C6D2BD36} - System32\Tasks\{33063E80-2BD3-4682-A8FA-67DF783F1604} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Citrix\GoToAssist\514\G2AUninstaller.exe" -c /uninstall
    Task: {84462BA5-3D94-4EB0-A730-85FB6F9553B6} - System32\Tasks\{73A5ECC5-0A04-4F82-96C9-B88D1893568C} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe [2006-05-09] (Plustek Inc)
    Task: {88A47CF5-7F96-4B73-8441-A97E12AE570C} - System32\Tasks\{33821288-2519-472F-BDAD-B6E8B82AE785} => C:\Windows\system32\pcalua.exe -a "K:\VIVO INTERNET\Setup.exe" -d "K:\VIVO INTERNET"
    Task: {92326E57-AC5D-4CC6-8176-601DC3A47065} - System32\Tasks\{DC89E10B-B2CB-4C44-98E6-23AED40A5054} => C:\Windows\system32\pcalua.exe -a "F:\BIBLIOTECA 2009 a 2011\Blocos\blocosANTIGOS\Louças_Ravena.exe" -d "F:\BIBLIOTECA 2009 a 2011\Blocos\blocosANTIGOS"
    Task: {93EF5B27-D8BC-48DA-8503-37091DAC837D} - System32\Tasks\{120E81F7-AEA7-4C1F-B6E8-8BA651A63C1D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\Scanner 6760-1 Go Tec\Setup.exe" -d "C:\Users\Daniele BR\Downloads\Scanner 6760-1 Go Tec"
    Task: {B2A91601-65FF-47E4-BAEF-2C3A3A3846CD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
    Task: {B790E836-F517-46B4-A5CB-2C48811016DB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {BE04446D-033C-4DE2-942D-927D82A14744} - System32\Tasks\AdobeAAMUpdater-1.0-PC-PROGRAMAS-Daniele BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
    Task: {C0AA7F19-C934-4049-A50D-EF84EE873356} - System32\Tasks\{8CA8BD32-C810-47AC-8F24-E465FCB4B012} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe [2006-05-09] (Plustek Inc)
    Task: {D379D9A9-A2B7-4000-9A42-A34B8E56638B} - System32\Tasks\{D44A97D3-319C-48AB-85B6-0EAF717DA10B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5265664F-6128-405C-9225-9782A85954FD}\Setup.exe"
    Task: {D48C8BCB-6FA4-41D2-BAB7-5B0D0BF55462} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {D5F08F74-7A0F-4734-9906-283212B36CC0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)
    Task: {DCC68E83-A595-4F46-AC1B-B1BCEE1F398F} - System32\Tasks\{14A243C9-5D89-4D77-A770-BB342FEB1058} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\AM32.exe [2006-05-26] ()
    Task: {DD350046-BF85-4503-A700-D698503E05F0} - System32\Tasks\{63077E9F-538E-4CDD-9FD2-8625FCD182D8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\Br office\BrOOo_3.2.1_Win_x86_install_pt-BR.exe" -d "C:\Users\Daniele BR\Downloads\Br office"
    Task: {E1F548A4-D84A-496A-80B7-3096304D23C8} - System32\Tasks\{9A751EE7-0FD6-488D-9F55-FC7B76AB9432} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\BrOOo_3.2.1_Win_x86_install_pt-BR.exe" -d "C:\Users\Daniele BR\Downloads"
    Task: {E7D02A94-A845-421C-81E3-0C17916FFD86} - System32\Tasks\{7D7E96BD-DDFA-4B85-9CD0-EF2B241FCE21} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\AM32.exe [2006-05-26] ()

    (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


    ==================== Atalhos & WMI ========================

    (As entradas podem ser listadas para serem restauradas ou removidas.)


    ==================== Módulos Carregados (Whitelisted) ==============

    2015-07-27 08:33 - 2013-08-09 18:07 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2017-08-14 04:48 - 2017-08-14 04:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000125376 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axutil.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000385984 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_engine.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000158144 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axiom.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000034752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_parser.dll
    2011-04-30 01:27 - 2011-04-30 01:27 - 001315264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\libxml2.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000103360 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\neethi.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000046528 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_sender.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000021440 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_receiver.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000032192 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\addressing\axis2_mod_addr.dll
    2011-04-30 01:23 - 2011-04-30 01:23 - 000014784 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\logging\axis2_mod_log.dll
    2017-09-25 15:55 - 2017-06-15 12:16 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
    2017-09-25 15:55 - 2017-06-15 12:15 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
    2015-07-30 15:01 - 2015-10-12 01:05 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (Se uma entrada for incluída na fixlist, somente o ADS será removido.)

    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
    AlternateDataStreams: C:\Windows\System32:4CFA1FB0_Cef.gbp [2]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
    AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

    ==================== Modo de Segurança (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

    ==================== Associação (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

    HKU\S-1-5-21-971680230-1680443159-1465981135-1000\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\SysWOW64\notepad.exe" "%1"

    ==================== Internet Explorer confiável/restrito ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro.)

    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\google.com -> www.google.com
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\google.com.br -> www.google.com.br
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itau.b.br -> www.itau.b.br
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itau.com.br -> bankline.itau.com.br
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
    IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

    ==================== Hosts Conteúdo: ===============================

    (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

    2009-07-14 00:34 - 2017-10-17 11:30 - 000000027 ____N C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1       localhost

    ==================== Outras Áreas ============================

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKU\S-1-5-21-971680230-1680443159-1465981135-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniele BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 177.223.13.43 - 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Firewall do Windows está habilitado.

    ==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

    MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AdobeUpdateService => 2
    MSCONFIG\Services: Autodesk Content Service => 2
    MSCONFIG\Services: Autodesk Licensing Service => 3
    MSCONFIG\Services: AxInstSV => 3
    MSCONFIG\Services: ENAgent => 2
    MSCONFIG\Services: EpsonCustomerParticipation => 2
    MSCONFIG\Services: FLEXnet Licensing Service => 3
    MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: HomeNetSvc => 2
    MSCONFIG\Services: McAPExe => 2
    MSCONFIG\Services: McComponentHostService => 3
    MSCONFIG\Services: McMPFSvc => 2
    MSCONFIG\Services: McNaiAnn => 2
    MSCONFIG\Services: McODS => 3
    MSCONFIG\Services: mcpltsvc => 2
    MSCONFIG\Services: McProxy => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: MSK80Service => 2
    MSCONFIG\Services: RoxMediaDB10 => 3
    MSCONFIG\Services: SENS => 2
    MSCONFIG\Services: SftService => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: WinTabService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Action Manager 32.lnk => C:\Windows\pss\Action Manager 32.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk => C:\Windows\pss\AutoCAD Startup Accelerator.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Daniele BR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 3.2.lnk => C:\Windows\pss\BrOffice.org 3.2.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Daniele BR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Daniele BR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
    MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
    MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    MSCONFIG\startupreg: Dropbox Update => "C:\Users\Daniele BR\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
    MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    MSCONFIG\startupreg: EPLTarget =>
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
    MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
    MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    MSCONFIG\startupreg: OneDrive => "C:\Users\Daniele BR\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    MSCONFIG\startupreg: PopDeals => C:\Program Files\PopDeals\PopDeals.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
    MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
    MSCONFIG\startupreg: WTClient => WTClient.exe

    ==================== Regras do Firewall (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    FirewallRules: [{01864BE4-FA84-4BE1-ACD9-5A0E02C7FD57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe
    FirewallRules: [{87861224-1E97-484F-9F89-CED42536095E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    FirewallRules: [{61C296DF-9D2F-470B-9891-678862279219}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{019A3D08-A2ED-4C14-9439-02F52AC971A3}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    FirewallRules: [{B631257C-A2C6-4356-B932-AF476634CE89}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    FirewallRules: [TCP Query User{7A084483-2F1B-4482-9CBF-C7B779E51257}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{7D061925-A91D-4BD7-B1E2-44586F2CB24C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{C3245DD2-88AE-455F-9A06-2871CF079AEB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{B9A93498-EA23-47F0-AA01-E565ED237D91}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{1715BF78-2CC7-40ED-B7F7-7EAA61FF465B}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    FirewallRules: [{C5FF3214-9D8A-449B-89B0-C2C1703127F5}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    FirewallRules: [{1C43447B-8951-4D35-B1B4-01C022D9EC04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{C80074B3-4231-449C-9038-D493C3032081}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E9B579A5-6477-4D75-AF16-9911D5F52C49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{AEB2A1C5-30DE-4A7F-8A65-9F4C1D50127E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{D01958EE-E023-4754-BA81-DFE32BD0F6E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{DD57AC63-6394-49F5-9AC0-59416A8911FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{ADE4D051-78A1-47C3-BAF7-B906C78F925A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{C9464468-4F7C-4CFD-B74C-6B37266C45BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{193FDC4F-2C24-4456-A7CB-5CD1EC046409}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{AAA27247-7DE1-4E4B-A987-11C05123BE23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{FA951CC7-DB9A-4A95-98A4-62D248E774EE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{455256B3-F6D9-4CED-AE3B-FB525AF98BCF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{9C7DEAFE-60BD-4108-AE26-565F20FCEDA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E2BCEE37-57D7-4098-BBCD-370C1EB08179}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E24E0122-A319-431C-94FF-D0426338B42A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{CC3700B1-17A8-4608-9C67-EF1CF9253E44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{435F58E2-D9AB-4508-BE24-85771EC995D7}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    FirewallRules: [{67A88720-B931-4333-BF58-7EE297CB68FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{EF97ADCE-0950-4920-AE69-994DEA56EB43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{B962238E-AE97-4CE3-826B-7CA70257C9DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{CDBBAE9A-1240-484B-B1EB-F67160056E92}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{40FC6C1E-FC6F-41E6-9D3E-8E5A7F9CCE3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{9D9605E5-0683-40CF-AF59-137ED376AF72}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{9DCF9FB8-3D71-4847-92B1-BA56229EE2A7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{AA0621EA-044F-4436-953F-1348BAF72121}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{3A0AC7A5-5662-4D17-90C4-9435D0047642}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{5A747A7C-CF39-446E-BAEB-FCF54D6F98EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{B65B707F-7D79-4C09-BC66-3730BD358838}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{DEFD744C-FF2C-490D-8563-56CF625A9CA2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{62B173D1-F722-4575-8296-3F3D4644F59D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{FC59ED81-42DB-448B-B8AF-D4970B314667}] => (Allow) svchost.exe
    FirewallRules: [{1C4EFE22-4A82-44AA-B833-AAB98C972E49}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{34FD7E5E-9474-4354-B8B4-349D118DFC3A}] => (Allow) LPort=49162
    FirewallRules: [{AA4AAA34-3804-46F3-B1A9-04D9D5F821C0}] => (Allow) LPort=5000
    FirewallRules: [{C51D7819-080C-4BF0-BA5D-3EFDE2E37090}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{BBED15DD-BCEC-451E-8629-A4F1D05A41C7}] => (Allow) LPort=2869
    FirewallRules: [{6CBC14BD-CBC4-4686-AC00-449A3AD7D815}] => (Allow) LPort=1900
    FirewallRules: [{96A4D9C8-91DD-44C9-A634-A0BF3A83519D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    FirewallRules: [{09D85027-F6FD-43C9-A709-B7CC10C870E8}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    FirewallRules: [TCP Query User{C011CC3E-540F-4BB3-AC47-99F2ED8964FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{438F280E-6315-43EF-9643-F51A9B7C85D4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{0513FD6A-7F47-489B-A700-5CCE6581AE4A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{B3E7C989-7208-4DE3-98D5-A52890210F24}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{5FDC9B52-251A-4230-B37F-7004B217541C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{98205EA5-838E-472F-BE25-4B8A92FC20FB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [TCP Query User{2D78E6F3-FEA0-43D1-9184-924CCB8BE329}C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{AC450875-4B49-496F-8732-10979FC4C1A2}C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{7166C624-E612-4343-932B-0EDBBCEAF9B9}] => (Allow) C:\Users\Daniele BR\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [TCP Query User{8F35567C-C01C-46C6-A0EF-F24BB70239FF}C:\program files (x86)\google\google sketchup 8\sketchup.exe] => (Block) C:\program files (x86)\google\google sketchup 8\sketchup.exe
    FirewallRules: [UDP Query User{AF73DBB8-0BD7-4942-8EC0-A72AABA2C1C1}C:\program files (x86)\google\google sketchup 8\sketchup.exe] => (Block) C:\program files (x86)\google\google sketchup 8\sketchup.exe
    FirewallRules: [{B3160350-82B9-437A-89ED-EFED7AA7EFF4}] => (Allow) C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{7F184B91-44D8-4D93-80CC-935CE612450B}] => (Allow) C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [TCP Query User{01C1DF5B-5F1C-4DE4-A98E-E518DF00B1BD}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
    FirewallRules: [UDP Query User{D26996EA-315F-42BF-913F-F2875789AECC}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
    FirewallRules: [TCP Query User{F2812ADA-CBB5-43C4-8125-607469F5F0E5}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
    FirewallRules: [UDP Query User{B741F423-EB14-4F96-985F-2769B78B0836}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
    FirewallRules: [{A32CFABC-DE54-476E-A7D0-49CF49038830}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{6B7ADF3B-6894-49CE-92DA-40A0ED677C3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{A0EB8D4C-311D-41A4-B02F-C7E21D096A47}] => (Allow) LPort=5353
    FirewallRules: [{39951325-7B66-4ED7-A0AC-9852621A5B59}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
    FirewallRules: [{C7782A3A-D3EB-4DE7-A149-2ACA1ECAF5C8}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
    FirewallRules: [TCP Query User{AA623F49-669A-416D-94ED-BA84E3586443}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe
    FirewallRules: [UDP Query User{B3A2269A-061B-4AD2-916F-61551D5AABA1}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe
    FirewallRules: [{065EDAC9-3662-4DE3-BA31-E7D5DE6C5B87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{5B48782A-EF5E-4E50-9AD8-1146B58807C5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{2C95D396-1432-44F2-9174-106621FC811E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{E20830C2-94B4-4860-BAF0-F0ED8B1A5FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{DC5A8A1B-D19A-4F08-9DCA-3C3EB9FB474D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{120443FE-E750-4D3D-B629-10C65D1AA13F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{871EC78E-1504-4B36-9499-2A58D59D9389}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{75621B04-F160-4B7C-A44B-C33381FECC89}] => (Allow) LPort=50248
    FirewallRules: [TCP Query User{7B9B0A0C-2838-404F-9AEF-FBF9DC872830}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe] => (Block) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe
    FirewallRules: [UDP Query User{72DB90DC-BADA-46C3-9D12-DBEDAC415ECD}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe] => (Block) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe
    FirewallRules: [TCP Query User{79706E33-24A7-44C8-9B7B-DBEA78EAE4F0}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe
    FirewallRules: [UDP Query User{CFBECCD0-CBC0-4223-A183-6D826EA74A4E}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe
    FirewallRules: [TCP Query User{4DAD9C78-FC84-4974-89C5-DF299EFD96EF}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
    FirewallRules: [UDP Query User{93E1F29C-35F2-4B73-8FDB-3E5316F3472E}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
    FirewallRules: [{AF467E18-C3AF-4589-94E7-70D261905FBF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [TCP Query User{78598F84-D5AA-4718-BB6E-C9F030409F4D}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{DA82BFF5-2E6B-411E-92C2-33D65A43DA76}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{154355DB-5F86-4F72-A0CF-09246955F60B}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{18E50129-21B6-45A6-A9ED-FA02FB00B966}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe

    ==================== Pontos de Restauração =========================

    10-10-2017 10:02:22 Windows Update
    11-10-2017 18:49:52 Windows Update
    16-10-2017 16:17:36 Windows Update
    20-10-2017 07:43:04 Windows Update
    23-10-2017 23:46:47 ComboFix created restore point
    24-10-2017 12:06:26 Windows Update
    30-10-2017 22:26:50 Windows Update

    ==================== Dispositivos Apresentando Falhas No Gerenciador =============


    ==================== Erros no Log de eventos: =========================

    Erros em Aplicativos:
    ==================
    Error: (10/31/2017 04:29:56 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome de aplicativo com falha: WSCommCntr4.exe, versão: 4.0.3.0, carimbo de hora: 0x50dcb523
    Nome do módulo de falhas: WSCommCntr4.exe, versão: 4.0.3.0, carimbo de hora: 0x50dcb523
    Código de exceção: 0xc0000005
    Deslocamento com falha: 0x0000000000016490
    Identificação do processo com falha: 0x16b8
    Hora de início do aplicativo com falha: 0x01d3526ceef718b8
    Caminho do aplicativo com falha: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
    FCaminho do módulo de falhas: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
    Identificação do Relatório: 7e54312a-be69-11e7-a0bb-842b2b7c9834

    Error: (10/30/2017 10:35:47 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe".
    Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (10/24/2017 12:03:24 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe".
    Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (10/23/2017 11:47:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: O programa WINWORDC.EXE versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

    ID de Processo: 1350

    Hora de Início: 01d34c69726bca30

    Hora de Término: 0

    Caminho do Aplicativo: Q:\140066.ptb\Office14\WINWORDC.EXE

    Id do Relatório: 2b37ef0a-b85d-11e7-836b-842b2b7c9834

    Error: (10/23/2017 06:38:54 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe".
    Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (10/22/2017 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe".
    Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (10/21/2017 04:26:38 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe".
    Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (10/21/2017 01:09:41 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome de aplicativo com falha: AcroRd32.exe, versão: 17.12.20098.44270, carimbo de hora: 0x599eb800
    Nome do módulo de falhas: AcroRd32.dll, versão: 17.12.20098.44270, carimbo de hora: 0x599eb7e4
    Código de exceção: 0xc0000005
    Deslocamento com falha: 0x001cc474
    Identificação do processo com falha: 0x22e4
    Hora de início do aplicativo com falha: 0x01d34a124ddac426
    Caminho do aplicativo com falha: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    FCaminho do módulo de falhas: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
    Identificação do Relatório: 47448f0b-b60d-11e7-b948-842b2b7c9834

    Error: (10/21/2017 12:37:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: O programa POWERPNT.EXE versão 12.0.6775.5000 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

    ID de Processo: 1514

    Hora de Início: 01d34a05acbae7f0

    Hora de Término: 0

    Caminho do Aplicativo: C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE

    Id do Relatório:

    Error: (10/20/2017 07:33:47 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome de aplicativo com falha: svchost.exe_LanmanServer, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1
    Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000
    Código de exceção: 0xc0000005
    Deslocamento com falha: 0x0000000000000000
    Identificação do processo com falha: 0x410
    Hora de início do aplicativo com falha: 0x01d3498634db69e3
    Caminho do aplicativo com falha: C:\Windows\system32\svchost.exe
    FCaminho do módulo de falhas: unknown
    Identificação do Relatório: c51d3a78-b579-11e7-b136-842b2b7c9834


    Erros de Sistema:
    =============
    Error: (10/31/2017 03:13:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/31/2017 03:13:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
    gbpddfac
    RxFilter

    Error: (10/31/2017 03:13:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço MsMpSvc.

    Error: (10/31/2017 09:07:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/31/2017 09:07:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
    gbpddfac
    RxFilter

    Error: (10/31/2017 09:06:02 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: O desligamento anterior do sistema em 09:01:51 às ‎31/‎10/‎2017 não era esperado.

    Error: (10/31/2017 08:55:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/31/2017 08:55:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
    gbpddfac
    RxFilter

    Error: (10/30/2017 10:19:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/30/2017 10:19:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
    gbpddfac
    RxFilter


    CodeIntegrity:
    ===================================
      Date: 2017-10-17 11:26:00.047
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-17 11:25:59.813
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2014-06-17 10:59:05.079
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-17 10:59:05.077
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-17 10:59:05.065
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-17 07:11:29.840
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-17 07:11:29.837
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-17 07:11:29.834
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-03 00:06:23.137
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

      Date: 2014-06-03 00:06:23.133
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


    ==================== Informações da Memória ===========================

    Processador: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
    Percentagem de memória em uso: 38%
    RAM física total: 4055.12 MB
    RAM física disponível: 2485.24 MB
    Virtual Total: 8108.42 MB
    Virtual disponível: 6378.98 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:287.14 GB) (Free:114.42 GB) NTFS
    Drive e: () (Fixed) (Total:151.37 GB) (Free:123.78 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
    Drive f: (Disco local) (Fixed) (Total:314.39 GB) (Free:269.24 GB) NTFS

    ==================== MBR & Tabela de Partições ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: B8000000)
    Partition 1: (Not Active) - (Size=71 MB) - (Type=DE)
    Partition 2: (Active) - (Size=10.9 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=287.1 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 341C341B)
    Partition 1: (Active) - (Size=151.4 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=314.4 GB) - (Type=OF Extended)

    ==================== Fim de Addition.txt ============================

    Edited by danirruas
    bad mouse won't let me post properly.


    Dear @danirruas

    Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

    Download Stinger and save it to your Desktop.
    32 bit (x86) or 64 bit (x64)

    • Run the Stinger.exe file as Administrator.
    • Click the “I Accept” button

    Stinger%20a.png

    In the new window click “Advanced” and then “Settings”

    Stinger%20b.png

    In the settings window, set the options as shown in the image below and click the “Save” button

    9hnsyu.png

    Click “Customize my Scan”

    Stinger%20f.png

    Select the system drives and then click the “Scan” button

    Stinger%20g.png

    At the end click “View log”; a window with the log will open in your browser.
    Select, copy and paste the contents of this log into your next reply.

    Regards :D

  • Topic author
  • Good afternoon!!

    Scan done, but when I click View log nothing happens. o.o

    And it didn't find anything. :)
    Regards!!


    Dear @danirruas

    As for the mouse, the problem is not malware, so let's try giving Windows a bit of a "shake-up". ;)

    Download Windows Repair (All In One) and save it to your Desktop.

    • Run it as Administrator;
    • Run Step3 and Step4 by clicking the Do It button;
    • In Step5, back up the Registry by clicking the Backup button and create a Restore Point by clicking the Create button;
    • On the Start Repairs tab, click the Start button;
    • Restart Windows.

    Regards :D

  • Topic author
  • Hello. I would like to confirm whether this link is safe.
    Because at the link, Windows Repair didn't seem very trustworthy to me. When I downloaded it, 2 other windows about viruses opened... the kind that look quite suspicious; I closed them. But I got worried about running this program...


    Yes, it is safe... it is from a security forum/community, don't worry. ;)

  • Topic author
  • OK, but the computer went all wrong again after I accessed this link.
    It is super slow... And I didn't go into anything else different. It is almost impossible to use the PC, like at the beginning on the forum... :(
    Maybe that forum was hacked... because those strange windows really did open saying the PC is infected, etc... :(

     

     


    Strange, I accessed the link and it is normal.

    Could you pass the link along here? And please send me a screenshot of what is happening.

  • Topic author
  • I would like to, but the screenshot isn't attaching; it ran for hours and didn't attach.
    The PC is veeery slow. Each keystroke takes a few seconds for the letter to appear.

    [When I clicked the link two more windows opened. It downloaded the link: tweaking.com_windows_repair_aio_setup]

    And switching windows takes a few minutes....
    :(


    Dear @danirruas

    Make a new log with FRST, but before clicking the Examinar (Scan) button, check the Addition option.

    Attach the logs, please.

    Regards :D

  • Topic author
  • Hello!! It seems things are getting back to normal (it isn't freezing as much). On Sunday it was still impossible to use. Today it is "more normal"... All this before running FRST. Could it be hardware (board, processor)? Very strange... anyway, here are the logs. THANK YOU VERY MUCH!!

    FRST3.txt

    Addition3.txt

    Edited by danirruas
    to add more


    OK... update MalwareBytes, run a new scan, and if anything is found attach the log.







    About Clube do Hardware

    On the air since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.

    Copyright

    We do not allow copying or reproduction of the content of our site, forum, newsletters and social networks, even if the source is cited.
