Ir ao conteúdo
  • Comunicados

    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.

danirruas

Membros Plenos
  • Total de itens

    57
  • Registro em

  • Última visita

  • Qualificações

    0%

Reputação

0

Sobre danirruas

  • Data de Nascimento 20-08-1981

Informações gerais

  • Cidade e Estado
    Rio de Janeiro
  1. Mouse cliques imprecisos e não encerra programas

    Olá. Nada encontrado!!
  2. Mouse cliques imprecisos e não encerra programas

    Olá!! Parece que as coisas estão normalizando (não está travando tanto). Domingo ainda foi impossível usar. Hoje está "mais normal"... Tudo isso antes de passar o FRST. Será que não é hardware (placa, processador)? Muito estranho... de todo modo seguem os logs. MUITO OBRIGADA!! FRST3.txt Addition3.txt
  3. Mouse cliques imprecisos e não encerra programas

    Gostaria, mas não está anexando o print, ficou horas e não anexou. O pc está muitoooo lento. Cada teclada leva alguns segundos para aparecer a letra. [Quando eu cliquei no link abriram mais duas janelas. Baixou o link: tweaking.com_windows_repair_aio_setup] E para trocar de janela leva alguns minutos....
  4. Mouse cliques imprecisos e não encerra programas

    Ok, porém o computador ficou todo errado novamente depois de acessar este link. Está super lento... E não entrei em mais nada diferente. Está qse impossível usar o pc, como no início no fórum... Talvez tenham invadido esse fórum... porque abriu mesmo aquelas janelas estranhas dizendo que o pc está infectado, etc...
  5. Mouse cliques imprecisos e não encerra programas

    Olá. Gostaria de confirmar se este link é seguro. Pois no link o windows repair não me pareceu muito confiável. quando baixei abriram outras 2 janelas sobre vírus... essas que parecem bem suspeitas, fechei. Mas fiquei receosa de passar esse programa...
  6. Mouse cliques imprecisos e não encerra programas

    Boa tarde!! Feito o scan, porém ao clicar em view log nada acontece. o.o E não encontrou nada. Abç!!
  7. Mouse cliques imprecisos e não encerra programas

    Desculpe. E tb não foi em anexo. Seguem agora. Obrigada!! FRST.txt Addition.txt
  8. Mouse cliques imprecisos e não encerra programas

    Boa noite!! Segue o log abaixo. Abç!! Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 08-10-2017 Executado por Daniele BR (31-10-2017 17:28:33) Executando a partir de C:\Users\Daniele BR\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2010-09-04 18:13:43) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-971680230-1680443159-1465981135-500 - Administrator - Disabled) Convidado (S-1-5-21-971680230-1680443159-1465981135-501 - Limited - Enabled) Daniele BR (S-1-5-21-971680230-1680443159-1465981135-1000 - Administrator - Enabled) => C:\Users\Daniele BR HomeGroupUser$ (S-1-5-21-971680230-1680443159-1465981135-1005 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated) Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated) Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden Akamai NetSession Interface (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AMCap (HKLM-x32\...\AMCap) (Version: 9.20.132.2 - Noël Danjou) AMR Converter Pro (HKLM-x32\...\{3651C800-6E7A-47E1-AEAD-ACF68509BF8D}) (Version: 4.0 - Mystik Media) Hidden AMR Converter Pro (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\AMR Converter Pro) (Version: - Mystik Media) Analysis Bio (HKLM-x32\...\{BFF9F0B5-F673-4865-9DBD-B00938D9360F}) (Version: 2.2.0 - LabEEE - UFSC) Analysis CST (HKLM-x32\...\{6866461E-1F1B-4A2E-87C9-DF2B15FE8386}) (Version: 2.10.0000 - LabEEE - UFSC) Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk) Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Atualizações da NVIDIA 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.15.54 - NVIDIA Corporation) AutoCAD 2006 - English (HKLM-x32\...\{5783F2D7-4001-0409-0002-0060B0CE6BBA}) (Version: 16.2.54.10 - Autodesk) AutoCAD 2011 - English (HKLM\...\{5783F2D7-9001-0409-0102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden AutoCAD 2011 - English (HKLM\...\AutoCAD 2011 - English) (Version: 18.1.49.0 - Autodesk) AutoCAD 2011 Language Pack - English (HKLM\...\{5783F2D7-9001-0409-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden AutoCAD Architecture 2014 - English (HKLM\...\{5783F2D7-D004-0000-0102-0060B0CE6BBA}) (Version: 7.5.17.0 - Autodesk) Hidden AutoCAD Architecture 2014 - English (HKLM\...\{5783F2D7-D004-0409-2102-0060B0CE6BBA}) (Version: 7.5.17.0 - Autodesk) Hidden AutoCAD Architecture 2014 Language Pack - English (HKLM\...\{5783F2D7-D004-0409-1102-0060B0CE6BBA}) (Version: 7.5.17.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk) Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk) Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk) Autodesk AutoCAD Architecture 2014 - English (HKLM\...\AutoCAD Architecture 2014 - English) (Version: 7.5.17.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.) Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 5.1 - Autodesk, Inc.) Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk) Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk) Central de Mouse e Teclado da Microsoft (HKLM\...\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}) (Version: 2.3.188.0 - Microsoft Corporation) Hidden Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.40 - Dell) Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.) Dell Dock (HKLM\...\{C73A3942-84C8-4597-9F9B-EE227DCBA758}) (Version: 2.0 - Stardock Corporation) Hidden Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Support Center (Software de Suporte) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell) DirectXInstallService (HKLM-x32\...\{098122AB-C605-4853-B441-C0A4EB359B75}) (Version: 9.0.2 - Roxio) Hidden Dropbox (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\Dropbox) (Version: 35.4.20 - Dropbox, Inc.) EMC 10 Content (HKLM-x32\...\{FDB46DE7-9045-47BB-970A-3E4ED5369E03}) (Version: 1.0.035 - Roxo, Inc.) Hidden EMCGadgets64 (HKLM\...\{02AD9D20-03D2-4DE0-8793-E8253026AD86}) (Version: 1.0.302 - Nome de sua empresa:) Hidden Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM-x32\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation) Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (HKLM-x32\...\{7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71}) (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.) Ferramenta de Carregamento do Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Google Drive (HKLM-x32\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.) Google Earth (HKLM-x32\...\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}) (Version: 4.3.7204.836 - Google) Google Earth Pro (HKLM-x32\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google) Google SketchUp 6 (HKLM-x32\...\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}) (Version: 6.4.247 - Google) Hidden Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01611 - Google) Google SketchUp Pro 8 (HKLM-x32\...\{E0A160F1-127B-43AC-AF96-EBB6319B01C7}) (Version: 3.0.4811 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil) IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.2 - Receita Federal do Brasil) IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.2 - Receita Federal do Brasil) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil) IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Malwarebytes Anti-Exploit version 1.10.1.41 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.10.1.41 - Malwarebytes) Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.02053 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Starter 2010 - Português (Brasil) (HKLM-x32\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 56.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 pt-BR)) (Version: 56.0 - Mozilla) Mozilla Firefox 56.0.2 (x64 pt-BR) (HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\Mozilla Firefox 56.0.2 (x64 pt-BR)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Driver de gráficos 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.78 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.78 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Painel de controle da NVIDIA 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 320.78 - NVIDIA Corporation) Hidden PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6043 - Realtek Semiconductor Corp.) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio) Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.0 - Roxio) Hidden Saraiva Reader ALPHA_7RC11b169 (HKLM-x32\...\8505-5699-0960-8592) (Version: ALPHA_7RC11b169 - Saraiva e Siciliano S.A.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.500 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden SketchUp 2013 (HKLM-x32\...\{E74C0D09-8730-4714-8C6F-019FBF7F1B42}) (Version: 13.0.3689 - Trimble Navigation Limited) SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.3.0 - Sonic Solutions) Hidden Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) USB Scanner (HKLM-x32\...\{5D6D977D-412E-4B19-9986-5C13EB00B22F}) (Version: v.2.0.0 - ) VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) WD Drive Utilities (HKLM-x32\...\{439A51F7-84B1-4603-BEC8-647EB2AC307F}) (Version: 1.0.1.5 - Western Digital) WD Security (HKLM-x32\...\{8172B41A-9BB5-4A64-BF28-1FB5FE43C3FF}) (Version: 1.0.1.5 - Western Digital) WD SmartWare (HKLM\...\{22A51951-1F45-4C8A-B888-306527F9C45F}) (Version: 1.6.2.6 - Western Digital) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{2DF215E0-BD3C-4C98-8616-AFEF09747285}) (Version: 14.0.8117.416 - Microsoft Corporation) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCad 2018\AutoCAD 2018\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCad 2018\AutoCAD 2018\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCad 2018\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-971680230-1680443159-1465981135-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk) ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => c:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc.) ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers1-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google) ContextMenuHandlers1-x32: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions) ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2012-06-14] (Western Digital) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2012-06-14] (Western Digital) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers2: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions) ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated) ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-08-09] (NVIDIA Corporation) ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers6: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions) ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2012-06-14] (Western Digital) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-971680230-1680443159-1465981135-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-971680230-1680443159-1465981135-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-971680230-1680443159-1465981135-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01D0B934-D7FC-442A-BD58-31AAA9C84C67} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {02F9497B-2769-4DDB-8AD9-E952A6D2A307} - System32\Tasks\{FF6CC4C8-486B-469E-8C96-830EA0A73536} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\bankerfix.exe" -d "C:\Users\Daniele BR\Downloads" Task: {08BE90CA-F87B-496D-98D4-A7F17A5FD0FB} - System32\Tasks\{2321CE59-C648-4B1B-9C66-5F295171DDAD} => C:\Windows\system32\pcalua.exe -a "F:\INSTALADORES\INSTALADORES DANI\pdfMachine1105EN.exe" -d "F:\INSTALADORES\INSTALADORES DANI" Task: {110050EC-E9DA-402E-AEE5-520E4454B5D4} - System32\Tasks\{D6AC7C97-9035-42B6-B701-088A999C5FEE} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe [2006-05-09] (Plustek Inc) Task: {15DFE892-0F5A-490B-B275-F8934288BA29} - System32\Tasks\{75FDDAE2-0B17-4C8F-B99E-FB157990DE95} => C:\Windows\system32\pcalua.exe -a D:\Setupx.exe -d D:\ Task: {2BA08EF6-67D3-4A9A-9F4A-EE89A114F30C} - System32\Tasks\{2DF61602-0DC9-4178-9B74-227CDADBE224} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\activescan2_pt.exe" -d "C:\Program Files (x86)\Mozilla Firefox" Task: {2CA05528-511F-481E-B87C-F7E2D9668343} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {30472F3B-C25A-4766-B94E-2EFB9F57A84A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {3C0FA1CA-0A9E-4438-AC3E-3C0B31F9B87B} - System32\Tasks\{93E99327-457D-4FFE-9C3B-A39F5D38378E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\Canon - driver e programa\Easy Web Print\ewpwin263en\Setup.exe" -d "C:\Users\Daniele BR\Downloads\Canon - driver e programa\Easy Web Print\ewpwin263en" Task: {3E9FF288-3708-46AB-B25F-885FE2147903} - System32\Tasks\{F99F357C-EA42-4AEF-9DD1-510BC00B4F1E} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\ Task: {5D820E97-F5D1-4C4E-8D35-41F3CBBF1D20} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {5FA8F18B-D3A7-4C0B-98A3-D1B7D759F428} - System32\Tasks\{5F16FAD4-B996-4D92-BEE7-027D58C2BD63} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe" Task: {60076A4C-1E93-4F41-B31C-B3B571BAD840} - System32\Tasks\{69819135-E9C6-4B7D-8581-FCF99C8666E0} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Leadership\GOTEC 6760-1\AM32.exe" Task: {609ABB7C-6CA7-4989-8F68-E135A3F69B02} - System32\Tasks\{E3BD104F-ABAA-4E98-83BD-83CB3BA429D7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Epson Software\Common\Easy Photo Print Plugin\WLPG_E\EPPUNINS.EXE" -c /R Task: {71244483-03E4-4937-95A2-CB06306B2172} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-13] (Adobe Systems Incorporated) Task: {7185BA1F-3A80-4B43-B3C8-A6DC95887DAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {7570F179-2E7B-4473-A2BF-9978C6D2BD36} - System32\Tasks\{33063E80-2BD3-4682-A8FA-67DF783F1604} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Citrix\GoToAssist\514\G2AUninstaller.exe" -c /uninstall Task: {84462BA5-3D94-4EB0-A730-85FB6F9553B6} - System32\Tasks\{73A5ECC5-0A04-4F82-96C9-B88D1893568C} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe [2006-05-09] (Plustek Inc) Task: {88A47CF5-7F96-4B73-8441-A97E12AE570C} - System32\Tasks\{33821288-2519-472F-BDAD-B6E8B82AE785} => C:\Windows\system32\pcalua.exe -a "K:\VIVO INTERNET\Setup.exe" -d "K:\VIVO INTERNET" Task: {92326E57-AC5D-4CC6-8176-601DC3A47065} - System32\Tasks\{DC89E10B-B2CB-4C44-98E6-23AED40A5054} => C:\Windows\system32\pcalua.exe -a "F:\BIBLIOTECA 2009 a 2011\Blocos\blocosANTIGOS\Louças_Ravena.exe" -d "F:\BIBLIOTECA 2009 a 2011\Blocos\blocosANTIGOS" Task: {93EF5B27-D8BC-48DA-8503-37091DAC837D} - System32\Tasks\{120E81F7-AEA7-4C1F-B6E8-8BA651A63C1D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\Scanner 6760-1 Go Tec\Setup.exe" -d "C:\Users\Daniele BR\Downloads\Scanner 6760-1 Go Tec" Task: {B2A91601-65FF-47E4-BAEF-2C3A3A3846CD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {B790E836-F517-46B4-A5CB-2C48811016DB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {BE04446D-033C-4DE2-942D-927D82A14744} - System32\Tasks\AdobeAAMUpdater-1.0-PC-PROGRAMAS-Daniele BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {C0AA7F19-C934-4049-A50D-EF84EE873356} - System32\Tasks\{8CA8BD32-C810-47AC-8F24-E465FCB4B012} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\Scanutl.exe [2006-05-09] (Plustek Inc) Task: {D379D9A9-A2B7-4000-9A42-A34B8E56638B} - System32\Tasks\{D44A97D3-319C-48AB-85B6-0EAF717DA10B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5265664F-6128-405C-9225-9782A85954FD}\Setup.exe" Task: {D48C8BCB-6FA4-41D2-BAB7-5B0D0BF55462} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {D5F08F74-7A0F-4734-9906-283212B36CC0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated) Task: {DCC68E83-A595-4F46-AC1B-B1BCEE1F398F} - System32\Tasks\{14A243C9-5D89-4D77-A770-BB342FEB1058} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\AM32.exe [2006-05-26] () Task: {DD350046-BF85-4503-A700-D698503E05F0} - System32\Tasks\{63077E9F-538E-4CDD-9FD2-8625FCD182D8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\Br office\BrOOo_3.2.1_Win_x86_install_pt-BR.exe" -d "C:\Users\Daniele BR\Downloads\Br office" Task: {E1F548A4-D84A-496A-80B7-3096304D23C8} - System32\Tasks\{9A751EE7-0FD6-488D-9F55-FC7B76AB9432} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniele BR\Downloads\BrOOo_3.2.1_Win_x86_install_pt-BR.exe" -d "C:\Users\Daniele BR\Downloads" Task: {E7D02A94-A845-421C-81E3-0C17916FFD86} - System32\Tasks\{7D7E96BD-DDFA-4B85-9CD0-EF2B241FCE21} => C:\Program Files (x86)\Leadership\GOTEC 6760-1\AM32.exe [2006-05-26] () (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-07-27 08:33 - 2013-08-09 18:07 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-08-14 04:48 - 2017-08-14 04:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000125376 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axutil.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000385984 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_engine.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000158144 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axiom.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000034752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_parser.dll 2011-04-30 01:27 - 2011-04-30 01:27 - 001315264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\libxml2.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000103360 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\neethi.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000046528 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_sender.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000021440 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_receiver.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000032192 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\addressing\axis2_mod_addr.dll 2011-04-30 01:23 - 2011-04-30 01:23 - 000014784 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\logging\axis2_mod_log.dll 2017-09-25 15:55 - 2017-06-15 12:16 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll 2017-09-25 15:55 - 2017-06-15 12:15 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll 2015-07-30 15:01 - 2015-10-12 01:05 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:4CFA1FB0_Cef.gbp [2] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-971680230-1680443159-1465981135-1000\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\SysWOW64\notepad.exe" "%1" ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\google.com -> www.google.com IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\google.com.br -> www.google.com.br IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itau.b.br -> www.itau.b.br IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br IE trusted site: HKU\S-1-5-21-971680230-1680443159-1465981135-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2017-10-17 11:30 - 000000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-971680230-1680443159-1465981135-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniele BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 177.223.13.43 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: Autodesk Content Service => 2 MSCONFIG\Services: Autodesk Licensing Service => 3 MSCONFIG\Services: AxInstSV => 3 MSCONFIG\Services: ENAgent => 2 MSCONFIG\Services: EpsonCustomerParticipation => 2 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: FLEXnet Licensing Service 64 => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HomeNetSvc => 2 MSCONFIG\Services: McAPExe => 2 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\Services: McMPFSvc => 2 MSCONFIG\Services: McNaiAnn => 2 MSCONFIG\Services: McODS => 3 MSCONFIG\Services: mcpltsvc => 2 MSCONFIG\Services: McProxy => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: MSK80Service => 2 MSCONFIG\Services: RoxMediaDB10 => 3 MSCONFIG\Services: SENS => 2 MSCONFIG\Services: SftService => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: WinTabService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Action Manager 32.lnk => C:\Windows\pss\Action Manager 32.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk => C:\Windows\pss\AutoCAD Startup Accelerator.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Daniele BR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 3.2.lnk => C:\Windows\pss\BrOffice.org 3.2.lnk.Startup MSCONFIG\startupfolder: C:^Users^Daniele BR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup MSCONFIG\startupfolder: C:^Users^Daniele BR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter MSCONFIG\startupreg: Dropbox Update => "C:\Users\Daniele BR\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey MSCONFIG\startupreg: OneDrive => "C:\Users\Daniele BR\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" MSCONFIG\startupreg: PopDeals => C:\Program Files\PopDeals\PopDeals.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe MSCONFIG\startupreg: WTClient => WTClient.exe ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{01864BE4-FA84-4BE1-ACD9-5A0E02C7FD57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe FirewallRules: [{87861224-1E97-484F-9F89-CED42536095E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe FirewallRules: [{61C296DF-9D2F-470B-9891-678862279219}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{019A3D08-A2ED-4C14-9439-02F52AC971A3}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [{B631257C-A2C6-4356-B932-AF476634CE89}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [TCP Query User{7A084483-2F1B-4482-9CBF-C7B779E51257}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7D061925-A91D-4BD7-B1E2-44586F2CB24C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{C3245DD2-88AE-455F-9A06-2871CF079AEB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{B9A93498-EA23-47F0-AA01-E565ED237D91}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{1715BF78-2CC7-40ED-B7F7-7EAA61FF465B}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [{C5FF3214-9D8A-449B-89B0-C2C1703127F5}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [{1C43447B-8951-4D35-B1B4-01C022D9EC04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C80074B3-4231-449C-9038-D493C3032081}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E9B579A5-6477-4D75-AF16-9911D5F52C49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AEB2A1C5-30DE-4A7F-8A65-9F4C1D50127E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D01958EE-E023-4754-BA81-DFE32BD0F6E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{DD57AC63-6394-49F5-9AC0-59416A8911FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{ADE4D051-78A1-47C3-BAF7-B906C78F925A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C9464468-4F7C-4CFD-B74C-6B37266C45BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{193FDC4F-2C24-4456-A7CB-5CD1EC046409}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AAA27247-7DE1-4E4B-A987-11C05123BE23}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FA951CC7-DB9A-4A95-98A4-62D248E774EE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{455256B3-F6D9-4CED-AE3B-FB525AF98BCF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9C7DEAFE-60BD-4108-AE26-565F20FCEDA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E2BCEE37-57D7-4098-BBCD-370C1EB08179}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E24E0122-A319-431C-94FF-D0426338B42A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{CC3700B1-17A8-4608-9C67-EF1CF9253E44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{435F58E2-D9AB-4508-BE24-85771EC995D7}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [{67A88720-B931-4333-BF58-7EE297CB68FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{EF97ADCE-0950-4920-AE69-994DEA56EB43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B962238E-AE97-4CE3-826B-7CA70257C9DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{CDBBAE9A-1240-484B-B1EB-F67160056E92}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{40FC6C1E-FC6F-41E6-9D3E-8E5A7F9CCE3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9D9605E5-0683-40CF-AF59-137ED376AF72}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9DCF9FB8-3D71-4847-92B1-BA56229EE2A7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AA0621EA-044F-4436-953F-1348BAF72121}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{3A0AC7A5-5662-4D17-90C4-9435D0047642}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{5A747A7C-CF39-446E-BAEB-FCF54D6F98EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B65B707F-7D79-4C09-BC66-3730BD358838}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{DEFD744C-FF2C-490D-8563-56CF625A9CA2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{62B173D1-F722-4575-8296-3F3D4644F59D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{FC59ED81-42DB-448B-B8AF-D4970B314667}] => (Allow) svchost.exe FirewallRules: [{1C4EFE22-4A82-44AA-B833-AAB98C972E49}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{34FD7E5E-9474-4354-B8B4-349D118DFC3A}] => (Allow) LPort=49162 FirewallRules: [{AA4AAA34-3804-46F3-B1A9-04D9D5F821C0}] => (Allow) LPort=5000 FirewallRules: [{C51D7819-080C-4BF0-BA5D-3EFDE2E37090}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BBED15DD-BCEC-451E-8629-A4F1D05A41C7}] => (Allow) LPort=2869 FirewallRules: [{6CBC14BD-CBC4-4686-AC00-449A3AD7D815}] => (Allow) LPort=1900 FirewallRules: [{96A4D9C8-91DD-44C9-A634-A0BF3A83519D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{09D85027-F6FD-43C9-A709-B7CC10C870E8}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [TCP Query User{C011CC3E-540F-4BB3-AC47-99F2ED8964FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{438F280E-6315-43EF-9643-F51A9B7C85D4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{0513FD6A-7F47-489B-A700-5CCE6581AE4A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{B3E7C989-7208-4DE3-98D5-A52890210F24}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{5FDC9B52-251A-4230-B37F-7004B217541C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{98205EA5-838E-472F-BE25-4B8A92FC20FB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [TCP Query User{2D78E6F3-FEA0-43D1-9184-924CCB8BE329}C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{AC450875-4B49-496F-8732-10979FC4C1A2}C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniele br\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{7166C624-E612-4343-932B-0EDBBCEAF9B9}] => (Allow) C:\Users\Daniele BR\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{8F35567C-C01C-46C6-A0EF-F24BB70239FF}C:\program files (x86)\google\google sketchup 8\sketchup.exe] => (Block) C:\program files (x86)\google\google sketchup 8\sketchup.exe FirewallRules: [UDP Query User{AF73DBB8-0BD7-4942-8EC0-A72AABA2C1C1}C:\program files (x86)\google\google sketchup 8\sketchup.exe] => (Block) C:\program files (x86)\google\google sketchup 8\sketchup.exe FirewallRules: [{B3160350-82B9-437A-89ED-EFED7AA7EFF4}] => (Allow) C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7F184B91-44D8-4D93-80CC-935CE612450B}] => (Allow) C:\Users\Daniele BR\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{01C1DF5B-5F1C-4DE4-A98E-E518DF00B1BD}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe FirewallRules: [UDP Query User{D26996EA-315F-42BF-913F-F2875789AECC}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe FirewallRules: [TCP Query User{F2812ADA-CBB5-43C4-8125-607469F5F0E5}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe FirewallRules: [UDP Query User{B741F423-EB14-4F96-985F-2769B78B0836}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe FirewallRules: [{A32CFABC-DE54-476E-A7D0-49CF49038830}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6B7ADF3B-6894-49CE-92DA-40A0ED677C3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A0EB8D4C-311D-41A4-B02F-C7E21D096A47}] => (Allow) LPort=5353 FirewallRules: [{39951325-7B66-4ED7-A0AC-9852621A5B59}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{C7782A3A-D3EB-4DE7-A149-2ACA1ECAF5C8}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [TCP Query User{AA623F49-669A-416D-94ED-BA84E3586443}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe FirewallRules: [UDP Query User{B3A2269A-061B-4AD2-916F-61551D5AABA1}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe FirewallRules: [{065EDAC9-3662-4DE3-BA31-E7D5DE6C5B87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{5B48782A-EF5E-4E50-9AD8-1146B58807C5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2C95D396-1432-44F2-9174-106621FC811E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E20830C2-94B4-4860-BAF0-F0ED8B1A5FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{DC5A8A1B-D19A-4F08-9DCA-3C3EB9FB474D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{120443FE-E750-4D3D-B629-10C65D1AA13F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{871EC78E-1504-4B36-9499-2A58D59D9389}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{75621B04-F160-4B7C-A44B-C33381FECC89}] => (Allow) LPort=50248 FirewallRules: [TCP Query User{7B9B0A0C-2838-404F-9AEF-FBF9DC872830}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe] => (Block) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe FirewallRules: [UDP Query User{72DB90DC-BADA-46C3-9D12-DBEDAC415ECD}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe] => (Block) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2016.exe FirewallRules: [TCP Query User{79706E33-24A7-44C8-9B7B-DBEA78EAE4F0}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe FirewallRules: [UDP Query User{CFBECCD0-CBC0-4223-A183-6D826EA74A4E}C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\irpf2017.exe FirewallRules: [TCP Query User{4DAD9C78-FC84-4974-89C5-DF299EFD96EF}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe FirewallRules: [UDP Query User{93E1F29C-35F2-4B73-8FDB-3E5316F3472E}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe FirewallRules: [{AF467E18-C3AF-4589-94E7-70D261905FBF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{78598F84-D5AA-4718-BB6E-C9F030409F4D}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{DA82BFF5-2E6B-411E-92C2-33D65A43DA76}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{154355DB-5F86-4F72-A0CF-09246955F60B}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{18E50129-21B6-45A6-A9ED-FA02FB00B966}C:\users\daniele br\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniele br\appdata\local\akamai\netsession_win.exe ==================== Pontos de Restauração ========================= 10-10-2017 10:02:22 Windows Update 11-10-2017 18:49:52 Windows Update 16-10-2017 16:17:36 Windows Update 20-10-2017 07:43:04 Windows Update 23-10-2017 23:46:47 ComboFix created restore point 24-10-2017 12:06:26 Windows Update 30-10-2017 22:26:50 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (10/31/2017 04:29:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: WSCommCntr4.exe, versão: 4.0.3.0, carimbo de hora: 0x50dcb523 Nome do módulo de falhas: WSCommCntr4.exe, versão: 4.0.3.0, carimbo de hora: 0x50dcb523 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000000000016490 Identificação do processo com falha: 0x16b8 Hora de início do aplicativo com falha: 0x01d3526ceef718b8 Caminho do aplicativo com falha: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe FCaminho do módulo de falhas: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe Identificação do Relatório: 7e54312a-be69-11e7-a0bb-842b2b7c9834 Error: (10/30/2017 10:35:47 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe". Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (10/24/2017 12:03:24 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe". Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (10/23/2017 11:47:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa WINWORDC.EXE versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1350 Hora de Início: 01d34c69726bca30 Hora de Término: 0 Caminho do Aplicativo: Q:\140066.ptb\Office14\WINWORDC.EXE Id do Relatório: 2b37ef0a-b85d-11e7-836b-842b2b7c9834 Error: (10/23/2017 06:38:54 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe". Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (10/22/2017 01:06:10 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe". Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (10/21/2017 04:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "c:\program files\Autodesk\autocad 2011\FaroImporter.exe". Assembly dependente FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (10/21/2017 01:09:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: AcroRd32.exe, versão: 17.12.20098.44270, carimbo de hora: 0x599eb800 Nome do módulo de falhas: AcroRd32.dll, versão: 17.12.20098.44270, carimbo de hora: 0x599eb7e4 Código de exceção: 0xc0000005 Deslocamento com falha: 0x001cc474 Identificação do processo com falha: 0x22e4 Hora de início do aplicativo com falha: 0x01d34a124ddac426 Caminho do aplicativo com falha: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe FCaminho do módulo de falhas: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll Identificação do Relatório: 47448f0b-b60d-11e7-b948-842b2b7c9834 Error: (10/21/2017 12:37:19 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa POWERPNT.EXE versão 12.0.6775.5000 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 1514 Hora de Início: 01d34a05acbae7f0 Hora de Término: 0 Caminho do Aplicativo: C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE Id do Relatório: Error: (10/20/2017 07:33:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: svchost.exe_LanmanServer, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1 Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000000000000000 Identificação do processo com falha: 0x410 Hora de início do aplicativo com falha: 0x01d3498634db69e3 Caminho do aplicativo com falha: C:\Windows\system32\svchost.exe FCaminho do módulo de falhas: unknown Identificação do Relatório: c51d3a78-b579-11e7-b136-842b2b7c9834 Erros de Sistema: ============= Error: (10/31/2017 03:13:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/31/2017 03:13:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: gbpddfac RxFilter Error: (10/31/2017 03:13:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço MsMpSvc. Error: (10/31/2017 09:07:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/31/2017 09:07:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: gbpddfac RxFilter Error: (10/31/2017 09:06:02 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento anterior do sistema em 09:01:51 às ‎31/‎10/‎2017 não era esperado. Error: (10/31/2017 08:55:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/31/2017 08:55:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: gbpddfac RxFilter Error: (10/30/2017 10:19:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (10/30/2017 10:19:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: gbpddfac RxFilter CodeIntegrity: =================================== Date: 2017-10-17 11:26:00.047 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-17 11:25:59.813 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-17 10:59:05.079 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-17 10:59:05.077 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-17 10:59:05.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-17 07:11:29.840 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-17 07:11:29.837 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-17 07:11:29.834 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-03 00:06:23.137 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-03 00:06:23.133 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz Percentagem de memória em uso: 38% RAM física total: 4055.12 MB RAM física disponível: 2485.24 MB Virtual Total: 8108.42 MB Virtual disponível: 6378.98 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:287.14 GB) (Free:114.42 GB) NTFS Drive e: () (Fixed) (Total:151.37 GB) (Free:123.78 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive f: (Disco local) (Fixed) (Total:314.39 GB) (Free:269.24 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: B8000000) Partition 1: (Not Active) - (Size=71 MB) - (Type=DE) Partition 2: (Active) - (Size=10.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=287.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 341C341B) Partition 1: (Active) - (Size=151.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=314.4 GB) - (Type=OF Extended) ==================== Fim de Addition.txt ============================
  9. Mouse cliques imprecisos e não encerra programas

    Boa noite!! Agradeço o retorno, segue o log: ComboFix 17-10-04.01 - Daniele BR 23/10/2017 23:52:18.5.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4055.2547 [GMT -2:00] Executando de: c:\users\Daniele BR\Desktop\ComboFix.exe Comandos utilizados :: c:\users\Daniele BR\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189} SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((( Arquivos/Ficheiros criados de 2017-09-24 to 2017-10-24 )))))))))))))))))))))))))))) . . 2017-10-24 02:11 . 2017-10-24 02:11 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2017-10-24 02:11 . 2017-10-24 02:11 -------- d-----w- c:\users\Public\AppData\Local\temp 2017-10-24 02:11 . 2017-10-24 02:11 -------- d-----w- c:\users\PESQUISA CASA NOVA\AppData\Local\temp 2017-10-24 02:11 . 2017-10-24 02:11 -------- d-----w- c:\users\Default\AppData\Local\temp 2017-10-23 08:44 . 2017-09-18 20:11 13890840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4EFB597A-88B6-440E-90CF-AF95B20DBA97}\mpengine.dll 2017-10-23 08:43 . 2017-09-18 20:11 13890840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2017-10-20 18:55 . 2017-10-20 18:55 18896 ----a-w- c:\program files (x86)\Mozilla Firefox\qipcap64.dll 2017-10-11 21:01 . 2017-10-11 21:01 126925120 -c--a-w- c:\windows\system32\MRT-KB890830.exe 2017-10-11 20:48 . 2017-09-07 21:08 25729536 ----a-w- c:\windows\system32\mshtml.dll 2017-10-11 20:48 . 2017-09-07 19:44 15262720 ----a-w- c:\windows\system32\ieframe.dll 2017-10-11 20:48 . 2017-09-07 20:40 5982208 ----a-w- c:\windows\system32\jscript9.dll 2017-10-11 20:48 . 2017-09-07 18:29 4547072 ----a-w- c:\windows\SysWow64\jscript9.dll 2017-10-10 18:30 . 2017-10-10 18:30 -------- d-----w- c:\users\Daniele BR\AppData\Roaming\Trimble Connect for SketchUp 2017-09-29 18:56 . 2017-09-29 18:56 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DA5B371-2436-45BF-96A5-482E9883D295}\gapaengine.dll 2017-09-26 17:05 . 2017-10-08 19:41 -------- d-----w- C:\FRST 2017-09-25 16:59 . 2017-09-25 17:00 -------- d-----w- c:\users\Daniele BR\AppData\Local\Akamai 2017-09-24 19:25 . 2017-09-24 19:56 -------- d-----w- c:\users\Daniele BR\AppData\Roaming\ZHP 2017-09-24 19:25 . 2017-09-24 19:25 -------- d-----w- c:\users\Daniele BR\AppData\Local\ZHP . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2017-10-11 21:00 . 2010-09-05 06:20 126925120 -c--a-w- c:\windows\system32\MRT.exe 2017-10-01 16:40 . 2015-07-06 14:57 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2017-09-13 15:08 . 2017-10-11 20:47 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2017-09-02 16:07 . 2017-09-02 14:09 28888 ----a-w- c:\windows\SysWow64\drivers\gbpddfac64.sys 2017-09-02 14:40 . 2017-09-02 14:40 1856 ----a-w- c:\windows\Fonts\Warsaw Bold.ttf 2017-08-19 15:28 . 2017-09-12 19:12 197120 ----a-w- c:\windows\system32\shdocvw.dll 2017-08-17 16:35 . 2013-08-16 13:01 544424 ------w- c:\windows\system32\MpSigStub.exe 2017-08-16 15:29 . 2017-09-12 19:12 806912 ----a-w- c:\windows\system32\usp10.dll 2017-08-16 15:10 . 2017-09-12 19:12 629760 ----a-w- c:\windows\SysWow64\usp10.dll 2017-08-15 15:29 . 2017-09-12 19:12 14182400 ----a-w- c:\windows\system32\shell32.dll 2017-08-15 15:29 . 2017-09-12 19:12 1867264 ----a-w- c:\windows\system32\ExplorerFrame.dll 2017-08-15 15:10 . 2017-09-12 19:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll 2017-08-14 17:35 . 2017-09-12 19:12 2150912 ----a-w- c:\windows\SysWow64\mmcndmgr.dll 2017-08-14 17:35 . 2017-09-12 19:12 303104 ----a-w- c:\windows\SysWow64\mmcbase.dll 2017-08-14 17:35 . 2017-09-12 19:12 128512 ----a-w- c:\windows\SysWow64\mmcshext.dll 2017-08-14 17:35 . 2017-09-12 19:12 172544 ----a-w- c:\windows\SysWow64\cic.dll 2017-08-14 17:35 . 2017-09-12 19:12 3203584 ----a-w- c:\windows\system32\mmcndmgr.dll 2017-08-14 17:35 . 2017-09-12 19:12 355328 ----a-w- c:\windows\system32\mmcbase.dll 2017-08-14 17:35 . 2017-09-12 19:12 131072 ----a-w- c:\windows\system32\mmcshext.dll 2017-08-14 17:34 . 2017-09-12 19:12 211968 ----a-w- c:\windows\system32\cic.dll 2017-08-13 21:37 . 2017-09-12 19:12 2144256 ----a-w- c:\windows\system32\mmc.exe 2017-08-13 21:30 . 2017-09-12 19:12 1401344 ----a-w- c:\windows\SysWow64\mmc.exe 2017-08-13 14:36 . 2012-04-05 20:19 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2017-08-13 14:36 . 2011-05-16 19:09 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2017-08-11 06:35 . 2017-09-12 19:12 757248 ----a-w- c:\windows\system32\win32spl.dll 2017-08-11 06:35 . 2017-09-12 19:12 313856 ----a-w- c:\windows\system32\Wldap32.dll 2017-08-11 06:35 . 2017-09-12 19:12 25600 ----a-w- c:\windows\system32\winnsi.dll 2017-08-11 06:35 . 2017-09-12 19:12 512000 ----a-w- c:\windows\system32\rpcss.dll 2017-08-11 06:35 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\nsisvc.dll 2017-08-11 06:35 . 2017-09-12 19:12 346112 ----a-w- c:\windows\system32\ntprint.dll 2017-08-11 06:35 . 2017-09-12 19:12 13312 ----a-w- c:\windows\system32\nsi.dll 2017-08-11 06:35 . 2017-09-12 19:12 2065408 ----a-w- c:\windows\system32\ole32.dll 2017-08-11 06:35 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\oleres.dll 2017-08-11 06:34 . 2017-09-12 19:12 971776 ----a-w- c:\windows\system32\localspl.dll 2017-08-11 06:34 . 2017-09-12 19:12 166400 ----a-w- c:\windows\system32\inetpp.dll 2017-08-11 06:34 . 2017-09-12 19:12 22528 ----a-w- c:\windows\system32\inetppui.dll 2017-08-11 06:34 . 2017-09-12 19:12 8704 ----a-w- c:\windows\system32\comcat.dll 2017-08-11 06:20 . 2017-09-12 19:12 48640 ----a-w- c:\windows\system32\wpnpinst.exe 2017-08-11 06:20 . 2017-09-12 19:12 61952 ----a-w- c:\windows\system32\ntprint.exe 2017-08-11 06:19 . 2017-09-12 19:12 497664 ----a-w- c:\windows\SysWow64\win32spl.dll 2017-08-11 06:19 . 2017-09-12 19:12 271360 ----a-w- c:\windows\SysWow64\Wldap32.dll 2017-08-11 06:19 . 2017-09-12 19:12 16384 ----a-w- c:\windows\SysWow64\winnsi.dll 2017-08-11 06:19 . 2017-09-12 19:12 299008 ----a-w- c:\windows\SysWow64\ntprint.dll 2017-08-11 06:19 . 2017-09-12 19:12 8704 ----a-w- c:\windows\SysWow64\nsi.dll 2017-08-11 06:19 . 2017-09-12 19:12 1417728 ----a-w- c:\windows\SysWow64\ole32.dll 2017-08-11 06:19 . 2017-09-12 19:12 26112 ----a-w- c:\windows\SysWow64\oleres.dll 2017-08-11 06:12 . 2017-09-12 19:12 25088 ----a-w- c:\windows\system32\netbtugc.exe 2017-08-11 06:09 . 2017-09-12 19:12 61952 ----a-w- c:\windows\SysWow64\ntprint.exe 2017-08-11 06:03 . 2017-09-12 19:12 26624 ----a-w- c:\windows\SysWow64\netbtugc.exe 2017-08-11 06:01 . 2017-09-12 19:12 7168 ----a-w- c:\windows\SysWow64\comcat.dll 2017-08-11 06:00 . 2017-09-12 19:12 262656 ----a-w- c:\windows\system32\drivers\netbt.sys 2017-08-11 05:58 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\drivers\nsiproxy.sys 2017-07-29 14:56 . 2017-08-09 00:43 117248 ----a-w- c:\windows\system32\drivers\tdx.sys . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03] @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09] @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Akamai NetSession Interface"="c:\users\Daniele BR\AppData\Local\Akamai\netsession_win.exe" [2017-09-08 4490200] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2017-09-18 2480592] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef] 2014-07-11 14:46 1718088 ------w- c:\program files (x86)\GbPlugin\gbiehcef.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x] R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x] R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] R4 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x] R4 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x] R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x] R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x] S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x] S2 AdAppMgrSvc;Autodesk Desktop App Service;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [x] S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x] S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] . . --- =Outros Serviços/Drivers Na Memória --- . *Deregistered* - GbFtIn . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] start [BU] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}] 2017-07-31 22:31 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2017-10-09 12:33 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2017-10-09 12:33 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2017-10-09 12:33 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568] . ------- Scan Suplementar ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = <local> IE: Capturar esta página - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 IE: Capturar favorito - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 IE: Capturar imagem - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 IE: Capturar seleção - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 IE: Capturar URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Nova nota - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html Trusted Zone: caixa.gov.br\imagem Trusted Zone: caixa.gov.br\imagem2 Trusted Zone: caixa.gov.br\internetbanking Trusted Zone: caixa.gov.br\internetbankingpf Trusted Zone: caixa.gov.br\www Trusted Zone: google.com\www Trusted Zone: google.com.br\www Trusted Zone: itau.b.br Trusted Zone: itau.b.br\www Trusted Zone: itau.com.br Trusted Zone: itau.com.br\bankline Trusted Zone: itau.com.br\banklineplus Trusted Zone: itau.com.br\clickbanking Trusted Zone: itau.com.br\guardiao Trusted Zone: itau.com.br\internet Trusted Zone: itau.com.br\www Trusted Zone: itaupersonnalite.com.br\www TCP: DhcpNameServer = 177.223.13.43 8.8.8.8 FF - ProfilePath - c:\users\Daniele BR\AppData\Roaming\Mozilla\Firefox\Profiles\07187q7j.default-1495139530515\ . - - - - ORFÃOS REMOVIDOS - - - - . Toolbar-Locked - (no file) . . . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . Tempo para conclusão: 2017-10-24 00:21:09 ComboFix-quarantined-files.txt 2017-10-24 02:21 ComboFix2.txt 2017-10-17 13:44 ComboFix3.txt 2013-07-19 05:58 ComboFix4.txt 2013-07-13 17:30 . Pré-execução: 123.728.228.352 bytes disponíveis Pós execução: 123.476.209.664 bytes disponíveis . - - End Of File - - E04C8B38D3E63263664B3AEC2D8BC6ED A36C5E4F47E84449FF07ED3517B43A31
  10. Mouse cliques imprecisos e não encerra programas

    Agradeço a paciência!! Segue o log: ComboFix 17-10-04.01 - Daniele BR 17/10/2017 11:08:29.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4055.2410 [GMT -2:00] Executando de: c:\users\Daniele BR\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189} SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Microsoft E:\install.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_AdobeUpdateService . . (((((((((((((((( Arquivos/Ficheiros criados de 2017-09-17 to 2017-10-17 )))))))))))))))))))))))))))) . . 2017-10-17 13:26 . 2017-10-17 13:26 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2017-10-17 13:26 . 2017-10-17 13:26 -------- d-----w- c:\users\Public\AppData\Local\temp 2017-10-17 13:26 . 2017-10-17 13:26 -------- d-----w- c:\users\PESQUISA CASA NOVA\AppData\Local\temp 2017-10-16 18:18 . 2017-09-18 20:11 13890840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CEA0362-589F-4FCB-B1C5-6414356098AE}\mpengine.dll 2017-10-11 21:01 . 2017-10-11 21:01 126925120 -c--a-w- c:\windows\system32\MRT-KB890830.exe 2017-10-11 20:58 . 2017-09-18 20:11 13890840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2017-10-11 20:48 . 2017-09-07 21:08 25729536 ----a-w- c:\windows\system32\mshtml.dll 2017-10-11 20:48 . 2017-09-07 19:44 15262720 ----a-w- c:\windows\system32\ieframe.dll 2017-10-11 20:48 . 2017-09-07 20:40 5982208 ----a-w- c:\windows\system32\jscript9.dll 2017-10-11 20:48 . 2017-09-07 18:29 4547072 ----a-w- c:\windows\SysWow64\jscript9.dll 2017-10-10 18:30 . 2017-10-10 18:30 -------- d-----w- c:\users\Daniele BR\AppData\Roaming\Trimble Connect for SketchUp 2017-09-29 18:56 . 2017-09-29 18:56 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DA5B371-2436-45BF-96A5-482E9883D295}\gapaengine.dll 2017-09-26 17:05 . 2017-10-08 19:41 -------- d-----w- C:\FRST 2017-09-25 16:59 . 2017-09-25 17:00 -------- d-----w- c:\users\Daniele BR\AppData\Local\Akamai 2017-09-24 19:25 . 2017-09-24 19:56 -------- d-----w- c:\users\Daniele BR\AppData\Roaming\ZHP 2017-09-24 19:25 . 2017-09-24 19:25 -------- d-----w- c:\users\Daniele BR\AppData\Local\ZHP 2017-09-21 13:55 . 2017-09-21 13:55 -------- d-----w- c:\users\Public\Recorded TV 2017-09-21 02:34 . 2017-09-21 02:34 -------- d--h--r- c:\users\Public\Libraries 2017-09-20 19:43 . 2017-09-20 20:06 -------- d-----w- C:\zoek_backup 2017-09-20 19:09 . 2017-09-20 19:09 -------- d---a-w- c:\programdata\Reprise 2017-09-20 19:07 . 2017-09-20 19:07 -------- d-----w- c:\program files\SketchUp . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2017-10-11 21:00 . 2010-09-05 06:20 126925120 -c--a-w- c:\windows\system32\MRT.exe 2017-10-01 16:40 . 2015-07-06 14:57 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2017-09-13 15:08 . 2017-10-11 20:47 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2017-09-02 16:07 . 2017-09-02 14:09 28888 ----a-w- c:\windows\SysWow64\drivers\gbpddfac64.sys 2017-09-02 14:40 . 2017-09-02 14:40 1856 ----a-w- c:\windows\Fonts\Warsaw Bold.ttf 2017-08-19 15:28 . 2017-09-12 19:12 197120 ----a-w- c:\windows\system32\shdocvw.dll 2017-08-16 15:29 . 2017-09-12 19:12 806912 ----a-w- c:\windows\system32\usp10.dll 2017-08-16 15:10 . 2017-09-12 19:12 629760 ----a-w- c:\windows\SysWow64\usp10.dll 2017-08-15 15:29 . 2017-09-12 19:12 14182400 ----a-w- c:\windows\system32\shell32.dll 2017-08-15 15:29 . 2017-09-12 19:12 1867264 ----a-w- c:\windows\system32\ExplorerFrame.dll 2017-08-15 15:10 . 2017-09-12 19:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll 2017-08-14 17:35 . 2017-09-12 19:12 2150912 ----a-w- c:\windows\SysWow64\mmcndmgr.dll 2017-08-14 17:35 . 2017-09-12 19:12 303104 ----a-w- c:\windows\SysWow64\mmcbase.dll 2017-08-14 17:35 . 2017-09-12 19:12 128512 ----a-w- c:\windows\SysWow64\mmcshext.dll 2017-08-14 17:35 . 2017-09-12 19:12 172544 ----a-w- c:\windows\SysWow64\cic.dll 2017-08-14 17:35 . 2017-09-12 19:12 3203584 ----a-w- c:\windows\system32\mmcndmgr.dll 2017-08-14 17:35 . 2017-09-12 19:12 355328 ----a-w- c:\windows\system32\mmcbase.dll 2017-08-14 17:35 . 2017-09-12 19:12 131072 ----a-w- c:\windows\system32\mmcshext.dll 2017-08-14 17:34 . 2017-09-12 19:12 211968 ----a-w- c:\windows\system32\cic.dll 2017-08-13 21:37 . 2017-09-12 19:12 2144256 ----a-w- c:\windows\system32\mmc.exe 2017-08-13 21:30 . 2017-09-12 19:12 1401344 ----a-w- c:\windows\SysWow64\mmc.exe 2017-08-13 14:36 . 2012-04-05 20:19 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2017-08-13 14:36 . 2011-05-16 19:09 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2017-08-11 06:35 . 2017-09-12 19:12 757248 ----a-w- c:\windows\system32\win32spl.dll 2017-08-11 06:35 . 2017-09-12 19:12 313856 ----a-w- c:\windows\system32\Wldap32.dll 2017-08-11 06:35 . 2017-09-12 19:12 25600 ----a-w- c:\windows\system32\winnsi.dll 2017-08-11 06:35 . 2017-09-12 19:12 512000 ----a-w- c:\windows\system32\rpcss.dll 2017-08-11 06:35 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\nsisvc.dll 2017-08-11 06:35 . 2017-09-12 19:12 346112 ----a-w- c:\windows\system32\ntprint.dll 2017-08-11 06:35 . 2017-09-12 19:12 13312 ----a-w- c:\windows\system32\nsi.dll 2017-08-11 06:35 . 2017-09-12 19:12 2065408 ----a-w- c:\windows\system32\ole32.dll 2017-08-11 06:35 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\oleres.dll 2017-08-11 06:34 . 2017-09-12 19:12 971776 ----a-w- c:\windows\system32\localspl.dll 2017-08-11 06:34 . 2017-09-12 19:12 166400 ----a-w- c:\windows\system32\inetpp.dll 2017-08-11 06:34 . 2017-09-12 19:12 22528 ----a-w- c:\windows\system32\inetppui.dll 2017-08-11 06:34 . 2017-09-12 19:12 8704 ----a-w- c:\windows\system32\comcat.dll 2017-08-11 06:20 . 2017-09-12 19:12 48640 ----a-w- c:\windows\system32\wpnpinst.exe 2017-08-11 06:20 . 2017-09-12 19:12 61952 ----a-w- c:\windows\system32\ntprint.exe 2017-08-11 06:19 . 2017-09-12 19:12 497664 ----a-w- c:\windows\SysWow64\win32spl.dll 2017-08-11 06:19 . 2017-09-12 19:12 271360 ----a-w- c:\windows\SysWow64\Wldap32.dll 2017-08-11 06:19 . 2017-09-12 19:12 16384 ----a-w- c:\windows\SysWow64\winnsi.dll 2017-08-11 06:19 . 2017-09-12 19:12 299008 ----a-w- c:\windows\SysWow64\ntprint.dll 2017-08-11 06:19 . 2017-09-12 19:12 8704 ----a-w- c:\windows\SysWow64\nsi.dll 2017-08-11 06:19 . 2017-09-12 19:12 1417728 ----a-w- c:\windows\SysWow64\ole32.dll 2017-08-11 06:19 . 2017-09-12 19:12 26112 ----a-w- c:\windows\SysWow64\oleres.dll 2017-08-11 06:12 . 2017-09-12 19:12 25088 ----a-w- c:\windows\system32\netbtugc.exe 2017-08-11 06:09 . 2017-09-12 19:12 61952 ----a-w- c:\windows\SysWow64\ntprint.exe 2017-08-11 06:03 . 2017-09-12 19:12 26624 ----a-w- c:\windows\SysWow64\netbtugc.exe 2017-08-11 06:01 . 2017-09-12 19:12 7168 ----a-w- c:\windows\SysWow64\comcat.dll 2017-08-11 06:00 . 2017-09-12 19:12 262656 ----a-w- c:\windows\system32\drivers\netbt.sys 2017-08-11 05:58 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\drivers\nsiproxy.sys 2017-07-29 14:56 . 2017-08-09 00:43 117248 ----a-w- c:\windows\system32\drivers\tdx.sys 2017-07-21 14:26 . 2017-08-09 00:43 282624 ----a-w- c:\windows\SysWow64\mstext40.dll 2017-07-21 14:26 . 2017-08-09 00:44 290816 ----a-w- c:\windows\SysWow64\msjtes40.dll 2017-07-21 14:26 . 2017-08-09 00:44 518144 ----a-w- c:\windows\SysWow64\msjetoledb40.dll 2017-07-21 14:26 . 2017-08-09 00:43 409600 ----a-w- c:\windows\SysWow64\msexch40.dll . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03] @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09] @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Akamai NetSession Interface"="c:\users\Daniele BR\AppData\Local\Akamai\netsession_win.exe" [2017-09-08 4490200] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2017-09-18 2480592] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef] 2014-07-11 14:46 1718088 ------w- c:\program files (x86)\GbPlugin\gbiehcef.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x] R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x] R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] R4 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x] R4 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x] R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x] R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x] S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x] S2 AdAppMgrSvc;Autodesk Desktop App Service;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [x] S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x] S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] . . --- =Outros Serviços/Drivers Na Memória --- . *Deregistered* - GbFtIn . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] start [BU] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}] 2017-07-31 22:31 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2017-08-31 16:21 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2017-08-31 16:21 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2017-08-31 16:21 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568] . ------- Scan Suplementar ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = <local> IE: Capturar esta página - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 IE: Capturar favorito - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 IE: Capturar imagem - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 IE: Capturar seleção - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 IE: Capturar URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Nova nota - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html Trusted Zone: caixa.gov.br\imagem Trusted Zone: caixa.gov.br\imagem2 Trusted Zone: caixa.gov.br\internetbanking Trusted Zone: caixa.gov.br\internetbankingpf Trusted Zone: caixa.gov.br\www Trusted Zone: google.com\www Trusted Zone: google.com.br\www Trusted Zone: itau.b.br Trusted Zone: itau.b.br\www Trusted Zone: itau.com.br Trusted Zone: itau.com.br\bankline Trusted Zone: itau.com.br\banklineplus Trusted Zone: itau.com.br\clickbanking Trusted Zone: itau.com.br\guardiao Trusted Zone: itau.com.br\internet Trusted Zone: itau.com.br\www Trusted Zone: itaupersonnalite.com.br\www TCP: DhcpNameServer = 177.223.13.43 8.8.8.8 FF - ProfilePath - c:\users\Daniele BR\AppData\Roaming\Mozilla\Firefox\Profiles\07187q7j.default-1495139530515\ . - - - - ORFÃOS REMOVIDOS - - - - . Toolbar-Locked - (no file) HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe . . . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.20" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Outros Processos em Execução ------------------------ . c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe . ************************************************************************** . Tempo para conclusão: 2017-10-17 11:44:38 - Máquina reiniciou ComboFix-quarantined-files.txt 2017-10-17 13:44 ComboFix2.txt 2013-07-19 05:58 ComboFix3.txt 2013-07-13 17:30 . Pré-execução: 123.684.204.544 bytes disponíveis Pós execução: 123.153.678.336 bytes disponíveis . - - End Of File - - B54A14266D65B9B9CCCE67FD8EF679F0 A36C5E4F47E84449FF07ED3517B43A31
  11. Mouse cliques imprecisos e não encerra programas

    Olá! Obrigada pela paciência!! Segue o log: ComboFix 17-10-04.01 - Daniele BR 17/10/2017 11:08:29.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4055.2410 [GMT -2:00] Executando de: c:\users\Daniele BR\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189} SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Microsoft E:\install.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_AdobeUpdateService . . (((((((((((((((( Arquivos/Ficheiros criados de 2017-09-17 to 2017-10-17 )))))))))))))))))))))))))))) . . 2017-10-17 13:26 . 2017-10-17 13:26 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2017-10-17 13:26 . 2017-10-17 13:26 -------- d-----w- c:\users\Public\AppData\Local\temp 2017-10-17 13:26 . 2017-10-17 13:26 -------- d-----w- c:\users\PESQUISA CASA NOVA\AppData\Local\temp 2017-10-16 18:18 . 2017-09-18 20:11 13890840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CEA0362-589F-4FCB-B1C5-6414356098AE}\mpengine.dll 2017-10-11 21:01 . 2017-10-11 21:01 126925120 -c--a-w- c:\windows\system32\MRT-KB890830.exe 2017-10-11 20:58 . 2017-09-18 20:11 13890840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2017-10-11 20:48 . 2017-09-07 21:08 25729536 ----a-w- c:\windows\system32\mshtml.dll 2017-10-11 20:48 . 2017-09-07 19:44 15262720 ----a-w- c:\windows\system32\ieframe.dll 2017-10-11 20:48 . 2017-09-07 20:40 5982208 ----a-w- c:\windows\system32\jscript9.dll 2017-10-11 20:48 . 2017-09-07 18:29 4547072 ----a-w- c:\windows\SysWow64\jscript9.dll 2017-10-10 18:30 . 2017-10-10 18:30 -------- d-----w- c:\users\Daniele BR\AppData\Roaming\Trimble Connect for SketchUp 2017-09-29 18:56 . 2017-09-29 18:56 1057976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4DA5B371-2436-45BF-96A5-482E9883D295}\gapaengine.dll 2017-09-26 17:05 . 2017-10-08 19:41 -------- d-----w- C:\FRST 2017-09-25 16:59 . 2017-09-25 17:00 -------- d-----w- c:\users\Daniele BR\AppData\Local\Akamai 2017-09-24 19:25 . 2017-09-24 19:56 -------- d-----w- c:\users\Daniele BR\AppData\Roaming\ZHP 2017-09-24 19:25 . 2017-09-24 19:25 -------- d-----w- c:\users\Daniele BR\AppData\Local\ZHP 2017-09-21 13:55 . 2017-09-21 13:55 -------- d-----w- c:\users\Public\Recorded TV 2017-09-21 02:34 . 2017-09-21 02:34 -------- d--h--r- c:\users\Public\Libraries 2017-09-20 19:43 . 2017-09-20 20:06 -------- d-----w- C:\zoek_backup 2017-09-20 19:09 . 2017-09-20 19:09 -------- d---a-w- c:\programdata\Reprise 2017-09-20 19:07 . 2017-09-20 19:07 -------- d-----w- c:\program files\SketchUp . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2017-10-11 21:00 . 2010-09-05 06:20 126925120 -c--a-w- c:\windows\system32\MRT.exe 2017-10-01 16:40 . 2015-07-06 14:57 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2017-09-13 15:08 . 2017-10-11 20:47 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2017-09-02 16:07 . 2017-09-02 14:09 28888 ----a-w- c:\windows\SysWow64\drivers\gbpddfac64.sys 2017-09-02 14:40 . 2017-09-02 14:40 1856 ----a-w- c:\windows\Fonts\Warsaw Bold.ttf 2017-08-19 15:28 . 2017-09-12 19:12 197120 ----a-w- c:\windows\system32\shdocvw.dll 2017-08-16 15:29 . 2017-09-12 19:12 806912 ----a-w- c:\windows\system32\usp10.dll 2017-08-16 15:10 . 2017-09-12 19:12 629760 ----a-w- c:\windows\SysWow64\usp10.dll 2017-08-15 15:29 . 2017-09-12 19:12 14182400 ----a-w- c:\windows\system32\shell32.dll 2017-08-15 15:29 . 2017-09-12 19:12 1867264 ----a-w- c:\windows\system32\ExplorerFrame.dll 2017-08-15 15:10 . 2017-09-12 19:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll 2017-08-14 17:35 . 2017-09-12 19:12 2150912 ----a-w- c:\windows\SysWow64\mmcndmgr.dll 2017-08-14 17:35 . 2017-09-12 19:12 303104 ----a-w- c:\windows\SysWow64\mmcbase.dll 2017-08-14 17:35 . 2017-09-12 19:12 128512 ----a-w- c:\windows\SysWow64\mmcshext.dll 2017-08-14 17:35 . 2017-09-12 19:12 172544 ----a-w- c:\windows\SysWow64\cic.dll 2017-08-14 17:35 . 2017-09-12 19:12 3203584 ----a-w- c:\windows\system32\mmcndmgr.dll 2017-08-14 17:35 . 2017-09-12 19:12 355328 ----a-w- c:\windows\system32\mmcbase.dll 2017-08-14 17:35 . 2017-09-12 19:12 131072 ----a-w- c:\windows\system32\mmcshext.dll 2017-08-14 17:34 . 2017-09-12 19:12 211968 ----a-w- c:\windows\system32\cic.dll 2017-08-13 21:37 . 2017-09-12 19:12 2144256 ----a-w- c:\windows\system32\mmc.exe 2017-08-13 21:30 . 2017-09-12 19:12 1401344 ----a-w- c:\windows\SysWow64\mmc.exe 2017-08-13 14:36 . 2012-04-05 20:19 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2017-08-13 14:36 . 2011-05-16 19:09 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2017-08-11 06:35 . 2017-09-12 19:12 757248 ----a-w- c:\windows\system32\win32spl.dll 2017-08-11 06:35 . 2017-09-12 19:12 313856 ----a-w- c:\windows\system32\Wldap32.dll 2017-08-11 06:35 . 2017-09-12 19:12 25600 ----a-w- c:\windows\system32\winnsi.dll 2017-08-11 06:35 . 2017-09-12 19:12 512000 ----a-w- c:\windows\system32\rpcss.dll 2017-08-11 06:35 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\nsisvc.dll 2017-08-11 06:35 . 2017-09-12 19:12 346112 ----a-w- c:\windows\system32\ntprint.dll 2017-08-11 06:35 . 2017-09-12 19:12 13312 ----a-w- c:\windows\system32\nsi.dll 2017-08-11 06:35 . 2017-09-12 19:12 2065408 ----a-w- c:\windows\system32\ole32.dll 2017-08-11 06:35 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\oleres.dll 2017-08-11 06:34 . 2017-09-12 19:12 971776 ----a-w- c:\windows\system32\localspl.dll 2017-08-11 06:34 . 2017-09-12 19:12 166400 ----a-w- c:\windows\system32\inetpp.dll 2017-08-11 06:34 . 2017-09-12 19:12 22528 ----a-w- c:\windows\system32\inetppui.dll 2017-08-11 06:34 . 2017-09-12 19:12 8704 ----a-w- c:\windows\system32\comcat.dll 2017-08-11 06:20 . 2017-09-12 19:12 48640 ----a-w- c:\windows\system32\wpnpinst.exe 2017-08-11 06:20 . 2017-09-12 19:12 61952 ----a-w- c:\windows\system32\ntprint.exe 2017-08-11 06:19 . 2017-09-12 19:12 497664 ----a-w- c:\windows\SysWow64\win32spl.dll 2017-08-11 06:19 . 2017-09-12 19:12 271360 ----a-w- c:\windows\SysWow64\Wldap32.dll 2017-08-11 06:19 . 2017-09-12 19:12 16384 ----a-w- c:\windows\SysWow64\winnsi.dll 2017-08-11 06:19 . 2017-09-12 19:12 299008 ----a-w- c:\windows\SysWow64\ntprint.dll 2017-08-11 06:19 . 2017-09-12 19:12 8704 ----a-w- c:\windows\SysWow64\nsi.dll 2017-08-11 06:19 . 2017-09-12 19:12 1417728 ----a-w- c:\windows\SysWow64\ole32.dll 2017-08-11 06:19 . 2017-09-12 19:12 26112 ----a-w- c:\windows\SysWow64\oleres.dll 2017-08-11 06:12 . 2017-09-12 19:12 25088 ----a-w- c:\windows\system32\netbtugc.exe 2017-08-11 06:09 . 2017-09-12 19:12 61952 ----a-w- c:\windows\SysWow64\ntprint.exe 2017-08-11 06:03 . 2017-09-12 19:12 26624 ----a-w- c:\windows\SysWow64\netbtugc.exe 2017-08-11 06:01 . 2017-09-12 19:12 7168 ----a-w- c:\windows\SysWow64\comcat.dll 2017-08-11 06:00 . 2017-09-12 19:12 262656 ----a-w- c:\windows\system32\drivers\netbt.sys 2017-08-11 05:58 . 2017-09-12 19:12 26112 ----a-w- c:\windows\system32\drivers\nsiproxy.sys 2017-07-29 14:56 . 2017-08-09 00:43 117248 ----a-w- c:\windows\system32\drivers\tdx.sys 2017-07-21 14:26 . 2017-08-09 00:43 282624 ----a-w- c:\windows\SysWow64\mstext40.dll 2017-07-21 14:26 . 2017-08-09 00:44 290816 ----a-w- c:\windows\SysWow64\msjtes40.dll 2017-07-21 14:26 . 2017-08-09 00:44 518144 ----a-w- c:\windows\SysWow64\msjetoledb40.dll 2017-07-21 14:26 . 2017-08-09 00:43 409600 ----a-w- c:\windows\SysWow64\msexch40.dll . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2017-09-21 18:35 2602704 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03] @="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09] @="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 285000 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt.18.0.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Akamai NetSession Interface"="c:\users\Daniele BR\AppData\Local\Akamai\netsession_win.exe" [2017-09-08 4490200] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2017-09-18 2480592] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef] 2014-07-11 14:46 1718088 ------w- c:\program files (x86)\GbPlugin\gbiehcef.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x] R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x] R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] R4 ENAgent;Epson Redirect Agent;c:\windows\SysWOW64\ENAgent.exe;c:\windows\SysWOW64\ENAgent.exe [x] R4 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x] R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x] R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x] S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x] S2 AdAppMgrSvc;Autodesk Desktop App Service;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ;c:\program files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [x] S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x] S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] . . --- =Outros Serviços/Drivers Na Memória --- . *Deregistered* - GbFtIn . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}] start [BU] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}] 2017-07-31 22:31 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2017-09-21 18:35 2863824 ----a-w- c:\users\Daniele BR\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2017-08-31 16:21 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2017-08-31 16:21 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2017-08-31 16:21 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2017-08-14 06:48 491600 ----a-w- c:\program files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2017-09-20 16:36 333128 ----a-w- c:\users\Daniele BR\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568] . ------- Scan Suplementar ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = <local> IE: Capturar esta página - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 IE: Capturar favorito - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 IE: Capturar imagem - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 IE: Capturar seleção - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 IE: Capturar URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Nova nota - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html Trusted Zone: caixa.gov.br\imagem Trusted Zone: caixa.gov.br\imagem2 Trusted Zone: caixa.gov.br\internetbanking Trusted Zone: caixa.gov.br\internetbankingpf Trusted Zone: caixa.gov.br\www Trusted Zone: google.com\www Trusted Zone: google.com.br\www Trusted Zone: itau.b.br Trusted Zone: itau.b.br\www Trusted Zone: itau.com.br Trusted Zone: itau.com.br\bankline Trusted Zone: itau.com.br\banklineplus Trusted Zone: itau.com.br\clickbanking Trusted Zone: itau.com.br\guardiao Trusted Zone: itau.com.br\internet Trusted Zone: itau.com.br\www Trusted Zone: itaupersonnalite.com.br\www TCP: DhcpNameServer = 177.223.13.43 8.8.8.8 FF - ProfilePath - c:\users\Daniele BR\AppData\Roaming\Mozilla\Firefox\Profiles\07187q7j.default-1495139530515\ . - - - - ORFÃOS REMOVIDOS - - - - . Toolbar-Locked - (no file) HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe . . . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.20" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Outros Processos em Execução ------------------------ . c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe . ************************************************************************** . Tempo para conclusão: 2017-10-17 11:44:38 - Máquina reiniciou ComboFix-quarantined-files.txt 2017-10-17 13:44 ComboFix2.txt 2013-07-19 05:58 ComboFix3.txt 2013-07-13 17:30 . Pré-execução: 123.684.204.544 bytes disponíveis Pós execução: 123.153.678.336 bytes disponíveis . - - End Of File - - B54A14266D65B9B9CCCE67FD8EF679F0 A36C5E4F47E84449FF07ED3517B43A31
  12. Mouse cliques imprecisos e não encerra programas

    Estou com um pouco de dificuldade de utilizar o Combofix, estou anotando as instruções antes e não tive o tempo necessário. E estarei fora até segunda feira. Peço por gentileza que não feche o tópico por ausência, pois não é a intenção, estou com outras demandas de médicos e trabalhos. Agradeço.
  13. Mouse cliques imprecisos e não encerra programas

    Farbar Recovery Scan Tool (x64) Versão: 08-10-2017 Executado por Daniele BR (08-10-2017 16:01:18) Executando a partir de C:\Users\Daniele BR\Desktop Modo da Inicialização: Normal ================== Pesquisar Arquivos: "*sptd.sys" ============= C:\Windows\System32\drivers\sptd.sys [2010-09-06 22:22][2010-09-06 22:22] 000834544 _____ () D41D8CD98F00B204E9800998ECF8427E [Arquivo não assinado] ====== Fim de Pesquisar ====== Farbar Recovery Scan Tool (x64) Versão: 08-10-2017 Executado por Daniele BR (08-10-2017 16:41:24) Executando a partir de C:\Users\Daniele BR\Desktop Modo da Inicialização: Normal ================== Pesquisar Registro: "sptd.sys" =========== ====== Fim de Pesquisar ======
  14. Mouse cliques imprecisos e não encerra programas

    Boa tarde!! Segue o log de pesquisa como arquivo: Farbar Recovery Scan Tool (x64) Versão: 03-10-2017 01 Executado por Daniele BR (06-10-2017 14:42:13) Executando a partir de C:\Users\Daniele BR\Desktop Modo da Inicialização: Normal ================== Pesquisar Arquivos: "sptd.sys*" ============= C:\Windows\System32\drivers\sptd.sys [2010-09-06 22:22][2010-09-06 22:22] 000834544 _____ () D41D8CD98F00B204E9800998ECF8427E [Arquivo não assinado] ====== Fim de Pesquisar ====== E o log de pesquisa como registro: Farbar Recovery Scan Tool (x64) Versão: 03-10-2017 01 Executado por Daniele BR (06-10-2017 14:55:11) Executando a partir de C:\Users\Daniele BR\Desktop Modo da Inicialização: Normal ================== Pesquisar Registro: "sptd.sys" =========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sptd] "ImagePath"="System32\Drivers\sptd.sys" ====== Fim de Pesquisar ====== Abç!!
  15. Mouse cliques imprecisos e não encerra programas

    16:59:22.0967 0x1038 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 16:59:27.0521 0x1038 ============================================================ 16:59:27.0521 0x1038 Current date / time: 2017/10/04 16:59:27.0521 16:59:27.0521 0x1038 SystemInfo: 16:59:27.0521 0x1038 16:59:27.0521 0x1038 OS Version: 6.1.7601 ServicePack: 1.0 16:59:27.0521 0x1038 Product type: Workstation 16:59:27.0521 0x1038 ComputerName: PC-PROGRAMAS 16:59:27.0521 0x1038 UserName: Daniele BR 16:59:27.0521 0x1038 Windows directory: C:\Windows 16:59:27.0521 0x1038 System windows directory: C:\Windows 16:59:27.0521 0x1038 Running under WOW64 16:59:27.0521 0x1038 Processor architecture: Intel x64 16:59:27.0521 0x1038 Number of processors: 4 16:59:27.0521 0x1038 Page size: 0x1000 16:59:27.0521 0x1038 Boot type: Normal boot 16:59:27.0521 0x1038 CodeIntegrityOptions = 0x00000001 16:59:27.0521 0x1038 ============================================================ 16:59:29.0929 0x1038 KLMD registered as C:\Windows\system32\drivers\46000209.sys 16:59:29.0929 0x1038 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23889, osProperties = 0x1 16:59:31.0012 0x1038 System UUID: {AC51AED5-E72D-9A51-1B52-B9BA1CC52E30} 16:59:31.0619 0x1038 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:59:31.0619 0x1038 Drive \Device\Harddisk1\DR1 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:59:31.0658 0x1038 ============================================================ 16:59:31.0659 0x1038 \Device\Harddisk0\DR0: 16:59:31.0661 0x1038 MBR partitions: 16:59:31.0661 0x1038 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x15C3000 16:59:31.0661 0x1038 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15E6800, BlocksNum 0x23E47800 16:59:31.0661 0x1038 \Device\Harddisk1\DR1: 16:59:31.0662 0x1038 MBR partitions: 16:59:31.0662 0x1038 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12EBD0F1 16:59:31.0675 0x1038 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12EBD16F, BlocksNum 0x274C7AD2 16:59:31.0675 0x1038 ============================================================ 16:59:31.0712 0x1038 C: <-> \Device\Harddisk0\DR0\Partition2 16:59:31.0714 0x1038 E: <-> \Device\Harddisk1\DR1\Partition1 16:59:31.0735 0x1038 F: <-> \Device\Harddisk1\DR1\Partition2 16:59:31.0735 0x1038 ============================================================ 16:59:31.0735 0x1038 Initialize success 16:59:31.0735 0x1038 ============================================================ Imagino!! Tomara que seja esse caso também!! Baixei o 64x e cliquei para executar como Administrador, ele diz q não vai executar porque não é um aplicativo WIN32 válido. Seguem as imagens.

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×