giant01

PC behaving strangely. A lot of things don't work.


Hi everyone. My desktop PC is behaving very strangely. It won't accept updates in the Control Panel; it freezes and that little mouse circle keeps spinning. I can only get out of there with Task Manager.

I can't update Opera or Chrome. Firefox, when I open it, after a few minutes maxes out the RAM or the CPU percentage, and only resetting the machine helps.

I have already run AVAST at boot, but it didn't catch anything. At the end of last year it did catch some malware and put it in quarantine. I'll see if I can take a screenshot of the result.

I need your help. Thank you.

giant

 

ZA-Scan.txt

avast.jpg


@giant01

 

Please note the following:

  • About the forum: this is a private space, not a public one. Using it is a privilege, not a right;
  • What is given here relates only to the problem on your computer, so do not apply it on any other;
  • IMPORTANT: If you have Windows activation programs or torrent-sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

Follow the steps below:

STEP 1

Download Malwarebytes Anti-Malware (MBAM) from the link below and save it to your desktop.
https://downloads.malwarebytes.org/file/mbam_current/

Double-click mbam-setup.exe and follow the prompts to install the program.

  • On the Scan > Custom Scan tab, check the option Scan for rootkits and the entries for the drive where the operating system is installed. This is normally drive C:;
  • Click Scan Now. Wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If MBAM does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan Report). Click the Export button and use the .txt format to export the log. Save it to the Desktop.


ATTENTION: Open the file, select all, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click VRIfczU.png

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents into your next reply.


@giant01

 

Run AdwCleaner again and, after the scan, remove the entries. Open the log, copy and paste it into your next reply.

 

Download RogueKiller by Tigzy and save it to your desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click VRIfczU.png.
  • When the EULA window appears, click Accept.
  • Select the SCAN tab
  • Click START SCAN
  • Wait until the scan finishes...
  • Click the OPEN REPORT button
  • Click the EXPORT TXT option and save to the Desktop with the name roguekiller.txt
  • Click OK and close RogueKiller.


Be sure to open the file, then copy and paste all of its contents into your next reply

  • Topic author
  • OK.

    Everything was run as instructed.

    One question: in RogueKiller, after the scan, you didn't ask me to delete what was found. You asked me to export the report, and that's all.

    Is that right?

    Here are the results.

    Regards

    Roguekiller.txt

    AdwCleaner[S6].txt

  • Topic author
  • All good, Elias.

    After last week, when I followed the instructions, today I tried to open the Control Panel to see whether there were Windows updates, and found that the problems remain.

    Regards

     


    @giant01

     

    5 hours ago, giant01 said:

    All good, Elias.

    After last week, when I followed the instructions, today I tried to open the Control Panel to see whether there were Windows updates, and found that the problems remain.

    Regards

     

     

    What problem? Post an image of the error that appears when you open Windows updates.

  • Topic author
  • So, Elias.

    When I open the Control Panel and click Windows Update, or updates, that background-processing circle appears on the cursor and the panel freezes. I can only get out of there through Task Manager.

    When I update Chrome, this appears.

    About an earlier post, about RogueKiller: can I open it and fix the problems?

     

    elias01.jpg


    @giant01

     

    5 hours ago, giant01 said:

    About an earlier post, about RogueKiller: can I open it and fix the problems?

     

    Yes, you can. :thumbsup:

     

    Uninstall Chrome with RevoUninstaller and restart your computer. After that, install it again.

     

    Open a command prompt (cmd) as administrator and run the command below:

    sfc /scannow

    Post the result.

  • Topic author
  • I did everything right.

    I downloaded the uninstaller, ran it, restarted, etc....

    I ran "scannow" at the "prompt"

    and then reinstalled Chrome.

    The update problem persists in the browser.

    I opened the Control Panel and at least managed to take a screenshot of what appears.

    Here are the reports.

    elias02.jpg

    elias03.jpg


    @giant01

     

    Open a command prompt (cmd) in administrator mode and run:

    net start wuauserv

    After the command above, run:

    sc config wuauserv start= auto

    Restart your computer, open Windows Update and check whether the error message occurs.

  • Topic author
  • Thank you, Elias.

    I followed the instructions, but forgot to take a screenshot for you to see.

    It's still the same, and Google Chrome still won't update either, showing that error message I already posted on previous days.

    Here is today's Control Panel error message. I think it's the same as yesterday's.

     

    elias04.jpg

  • Topic author
  • I believe not.


    @giant01

     

    Ideally you should manage to, otherwise you will not be able to recover the files.

     

    Download Farbar Recovery Scan from the link below and save it to your desktop.
    https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

    ** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
    Right-click the FRST64.EXE file, then click VRIfczU.png .
    Accept the agreement and then click the Scan/Examinar button.

    Wait; at the end, the FRST.txt and Addition.txt logs will be saved on your desktop.

    Open each file separately, copy its contents and paste them into your next reply.
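
Added example, not part of the original thread and not FRST's own code: a small Python triage pass over an FRST.txt log of the kind requested above, listing lines that carry the markers such logs use (`<==== ATENÇÃO`, `[X]`, `Nenhum Arquivo`, `[não assinado]`, an empty `()` publisher). The function names, the English marker spellings and the sample log are assumptions constructed for illustration; a flagged line is a prompt for review, not a verdict.

```python
import re
from collections import Counter
from typing import Dict, List, NamedTuple

# Constructed sample in FRST.txt layout (Portuguese build); not from a real machine.
SAMPLE_LOG = r"""==================== Registro (Whitelisted) ===========================

HKLM\...\Run: [ExampleApp] => C:\Program Files\Example\app.exe [1024 2018-01-01] (Example Corp)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM-x32\...\Run: [Helper] => C:\Program Files (x86)\Example\helper.exe [2048 2018-01-01] ()

==================== Internet (Whitelisted) ====================

FireFox:
========
FF Extension: (Example Add-on) - C:\Example\addon [2018-01-01] [Legacy] [não assinado]
Toolbar: HKLM - Sem Nome - {00000000-0000-0000-0000-000000000000} -  Nenhum Arquivo
"""

# Section banners look like "==================== Registro (Whitelisted) ====...".
# Requiring spaces around the title keeps bare "========" underlines from matching.
SECTION_RE = re.compile(r"^={5,}\s+(.+?)\s+={5,}$")

# Portuguese markers as they appear in the log; the English spellings are an
# assumption about how the same markers read in an English-language log.
CHECKS = [
    ("attention", re.compile(r"<====\s*(?:ATENÇÃO|ATTENTION)")),
    ("missing_file", re.compile(r"\[X\]|Nenhum Arquivo|No File")),
    ("unsigned", re.compile(r"\[(?:não assinado|not signed)\]")),
    # "()" where other lines carry a company name in parentheses.
    ("no_publisher", re.compile(r"^\(\)\s|\s\(\)$")),
]


class Finding(NamedTuple):
    section: str   # banner title the line was found under
    reason: str    # which check matched
    line_no: int   # 1-based line number in the log
    text: str      # the log line itself, stripped


def triage(log_text: str) -> List[Finding]:
    """Return every log line that matches a marker, with its section."""
    findings: List[Finding] = []
    section = "header"  # lines before the first banner
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        banner = SECTION_RE.match(line)
        if banner:
            section = banner.group(1)
            continue
        for reason, pattern in CHECKS:
            if pattern.search(line):
                findings.append(Finding(section, reason, line_no, line))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Count findings per reason, to see at a glance what needs review."""
    return dict(Counter(f.reason for f in findings))


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f"[{f.reason}] line {f.line_no} ({f.section}): {f.text}")
    print(summarize(results))
```
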

  • Topic author
  • Good morning

    OK Elias, I'll see if I can get hold of that installation disc.

    I have already carried out the suggestions.

    Here are the generated files. I'll copy and paste the contents as you asked instead of uploading the generated files.

     

     

    FRST:

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 27.01.2018
    Executado por user (administrador) em USER-PC (05-02-2018 09:20:30)
    Executando a partir de C:\Users\user\Desktop
    Perfis Carregados: user (Perfis Disponíveis: user & user-pc)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: FF)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (AVAST Software) C:\Program Files\avast software\avast\afwServ.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVAST Software) C:\Program Files\avast software\avast\AvastSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
    (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
    () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    (SafeNet, Inc.) C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
    (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
    (IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SafeNet, Inc.) C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe
    (A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (AVAST Software) C:\Program Files\avast software\avast\AvastUI.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
    (Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
    (brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (AVAST Software) C:\Program Files\avast software\avast\x64\aswidsagenta.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
    (brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\user\Desktop\FRST64 (2).exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [SACMonitor] => C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe [2162136 2011-10-02] (SafeNet, Inc.)
    HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [191488 2011-04-20] (A.E.T. Europe B.V.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-22] (AVAST Software)
    HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
    HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695928 2009-08-19] (brother)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [286272 2015-07-27] (RealNetworks, Inc.)
    HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
    HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\ScCertProp: 
    Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-09-21] (Caixa Economica Federal)
    Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2016-12-09] (Banco Itaú Unibanco)
    Winlogon\Notify\ScCertProp: 
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Dropbox Update] => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Google Photos Backup] => C:\Users\user\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\MountPoints2: {f515166e-40df-11e7-8bfe-f46d0445cd20} - F:\Auto.exe
    ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1951968 2016-12-09] (Banco Itaú Unibanco)
    ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1903328 2016-09-21] (Caixa Economica Federal)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-05-04]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-07-27]
    ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
    Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-12-11]
    ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    BootExecute: autocheck autochk * SmartDefragBootTime.exe

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 201.82.0.67 201.82.0.62 201.6.4.116
    Tcpip\..\Interfaces\{10E1120D-5177-49EE-B504-E2465C4CFC2E}: [DhcpNameServer] 201.82.0.67 201.82.0.62 201.6.4.116

    Internet Explorer:
    ==================
    SearchScopes: HKU\S-1-5-21-757420601-2912953563-2070738426-1000 -> DefaultScope {E103BBF9-7760-439e-B29B-5E77D874A31C} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-757420601-2912953563-2070738426-1000 -> {431EF733-F19C-4f6b-A9EB-E62784F77B1A} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pt-BR&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-757420601-2912953563-2070738426-1000 -> {E103BBF9-7760-439e-B29B-5E77D874A31C} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-06-17] (RealDownloader)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-01] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-06-17] (RealDownloader)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-23] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-01] (AVAST Software)
    BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2016-09-21] (Caixa Economica Federal)
    BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2016-12-09] (Banco Itaú Unibanco)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-23] (Oracle Corporation)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Nenhum Arquivo
    Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Nenhum Arquivo
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

    FireFox:
    ========
    FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default [2018-02-05]
    FF Homepage: Mozilla\Firefox\Profiles\yyrtxggw.default -> hxxps://www.google.com.br/?hl=en&gws_rd=cr&ei=OAwsVY69BsulsAXZoYHYDw
    FF Session Restore: Mozilla\Firefox\Profiles\yyrtxggw.default -> está habilitado.
    FF Extension: (Hoxx VPN Proxy) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\@hoxx-vpn.xpi [2018-02-01]
    FF Extension: (Test Pilot) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\@testpilot-addon.xpi [2018-01-29] [Legacy]
    FF Extension: (Xmarks Bookmark Sync) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\foxmarks@kei.com.xpi [2017-12-05]
    FF Extension: (Firefox Notes) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\notes@mozilla.com.xpi [2018-01-29]
    FF Extension: (Avast SafePrice) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\sp@avast.com.xpi [2017-12-05]
    FF Extension: (Easy Video Downloader) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\vdpure@link64.xpi [2017-08-07]
    FF Extension: (Avast Online Security) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\wrc@avast.com.xpi [2017-10-06]
    FF Extension: (Flagfox) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-02-01]
    FF Extension: (Flash and Video Download) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-01-29]
    FF Extension: (Adblock Plus) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yyrtxggw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-04] [Legacy] [não assinado]
    FF HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
    FF Extension: (Guardião - Itaú 30 horas) - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-10-21] [Legacy] [não assinado]
    FF HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
    FF Extension: (GBBD Caixa Economica Federal) - C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-12-16] [Legacy] [não assinado]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-22] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-22] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Nenhum Arquivo]
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-23] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-23] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-07-27] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-07-27] (RealTimes)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
    FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @talk.google.com/O1DPlugin -> C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
    FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Nenhum Arquivo]
    FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Nenhum Arquivo]
    FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: gastecnologia.com.br/sf/cef -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-16] (GAS Tecnologia)
    FF Plugin HKU\S-1-5-21-757420601-2912953563-2070738426-1000: gastecnologia.com.br/sf/uni -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-07-15] (GAS Tecnologia)
    FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-02-05]

    Chrome: 
    =======
    CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2018-02-05]
    CHR Extension: (Apresentações) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-02]
    CHR Extension: (Documentos) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-02]
    CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-02]
    CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-02]
    CHR Extension: (Planilhas) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-02]
    CHR Extension: (Documentos Google off-line) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-02]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-02]
    CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-02]
    CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-02]
    CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-02]

    Opera: 
    =======
    OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-03-24]
    OPR Extension: (YouTube Downloader) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-06-03]
    OPR Extension: (Vimeo Video Downloader) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\mpgjfjgapmmhnhbbmhcoocbpcjmcbcmg [2017-08-01]
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

    ==================== Serviços (Whitelisted) ====================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-22] (AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-22] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [351552 2018-01-22] (AVAST Software)
    R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2017-12-13] (GAS Tecnologia)
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Arquivo não assinado]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Arquivo não assinado]
    S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
    R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
    R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2015-06-17] ()
    R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1115224 2015-07-27] (RealNetworks, Inc.)
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
    R2 SACSrv; C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe [10712 2011-10-02] (SafeNet, Inc.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
    R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1068376 2017-10-26] (GAS Tecnologia LTDA)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
    R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-22] (AVAST Software)
    R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-22] (AVAST Software)
    R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-22] (AVAST Software)
    R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-22] (AVAST Software)
    R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-22] (AVAST Software)
    S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-22] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-04] (AVAST Software)
    R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-22] (AVAST Software)
    R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-20] (AVAST Software)
    R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [580480 2018-01-22] (AVAST Software)
    R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-22] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-22] (AVAST Software)
    R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-22] (AVAST Software)
    R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-22] (AVAST Software)
    R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-22] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-22] (AVAST Software)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
    S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc. )
    R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2018-02-05] (GAS Tecnologia)
    R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
    R3 iKeyEnum; C:\Windows\System32\DRIVERS\ikeyenum.sys [16160 2010-07-08] (SafeNet, Inc.)
    R3 iKeyIFD; C:\Windows\System32\DRIVERS\ikeyifd.sys [22304 2010-07-08] (SafeNet, Inc.)
    R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
    R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [21872 2017-09-28] (IObit.com)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-24] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-02-05] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-02-05] (Malwarebytes)
    R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-24] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-02-05] (Malwarebytes)
    U5 RnbToken; C:\Windows\System32\Drivers\RnbToken.sys [24352 2010-07-08] (SafeNet, Inc.)
    S3 RT61; C:\Windows\System32\DRIVERS\rt61.sys [438784 2009-06-02] (Ralink Technology, Corp.)
    R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
    S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [155632 2015-08-21] (MBB)
    R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2018-02-05] (GAS Tecnologia)
    R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
    S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-12-14] (GAS Tecnologia)
    R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43608 2017-12-14] (GAS Tecnologia)
    S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
    S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
    S1 Bnbase; System32\drivers\bnbasex64.sys [X]
    S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
    S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
    S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
    S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
    S3 motccgp; system32\DRIVERS\motccgp.sys [X]
    S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
    S3 MotDev; system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Um Mês Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2018-02-05 09:20 - 2018-02-05 09:22 - 000031518 _____ C:\Users\user\Desktop\FRST.txt
    2018-02-05 09:20 - 2018-02-05 09:20 - 000000000 ____D C:\FRST
    2018-02-05 09:18 - 2018-02-05 09:18 - 002393088 _____ (Farbar) C:\Users\user\Desktop\FRST64 (2).exe
    2018-02-05 09:17 - 2018-02-05 09:17 - 002393088 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe
    2018-02-05 09:15 - 2018-02-05 09:16 - 002393088 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
    2018-02-05 08:52 - 2018-02-05 08:52 - 000003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000
    2018-02-05 08:52 - 2018-02-05 08:52 - 000003222 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000
    2018-02-05 08:49 - 2018-02-05 08:49 - 000000000 ____D C:\Users\Todos os Usuários\SWCUTemp
    2018-02-05 08:49 - 2018-02-05 08:49 - 000000000 ____D C:\ProgramData\SWCUTemp
    2018-02-02 11:10 - 2018-02-02 11:10 - 000002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
    2018-02-02 11:10 - 2018-02-02 11:10 - 000002090 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
    2018-02-02 11:10 - 2018-02-02 11:10 - 000000000 ____D C:\Program Files\Google
    2018-02-02 11:08 - 2018-02-02 11:08 - 001129816 _____ (Google Inc.) C:\Users\user\Downloads\GoogleEarthProSetup.exe
    2018-02-02 10:25 - 2018-02-02 10:25 - 000002312 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-02-02 10:20 - 2018-02-05 09:01 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2018-02-02 10:19 - 2018-02-02 10:19 - 000003336 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000
    2018-02-02 10:19 - 2018-02-02 10:19 - 000003200 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000
    2018-02-02 10:16 - 2018-02-05 08:47 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2018-02-02 09:09 - 2018-02-02 10:42 - 000000000 ____D C:\Users\user\AppData\Local\Google
    2018-02-01 14:53 - 2018-02-01 14:54 - 050270312 _____ (Google Inc.) C:\Users\user\Downloads\ChromeStandaloneSetup64.exe
    2018-02-01 14:45 - 2018-02-01 14:45 - 000001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
    2018-02-01 14:45 - 2018-02-01 14:45 - 000001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
    2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\Users\user\AppData\LocalLow\IObit
    2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
    2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\ProgramData\ProductData
    2018-02-01 14:45 - 2018-02-01 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
    2018-02-01 14:42 - 2018-02-01 14:43 - 015438128 _____ (IObit ) C:\Users\user\Desktop\iobituninstaller.exe
    2018-02-01 12:34 - 2018-02-05 08:48 - 000000000 ____D C:\Users\Todos os Usuários\GbPlugin
    2018-02-01 12:34 - 2018-02-05 08:48 - 000000000 ____D C:\ProgramData\GbPlugin
    2018-01-31 15:26 - 2018-01-31 15:26 - 001516695 _____ C:\Users\user\Downloads\Activator Windows 7.rar
    2018-01-31 12:13 - 2018-01-31 15:37 - 007649280 _____ C:\Program Files (x86)\GUTA573.tmp
    2018-01-31 12:13 - 2018-01-31 12:13 - 000000000 ____D C:\Program Files (x86)\GUMA572.tmp
    2018-01-31 08:41 - 2018-01-31 11:28 - 000000994 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
    2018-01-31 08:40 - 2018-01-31 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    2018-01-31 08:40 - 2018-01-31 08:40 - 000000000 ____D C:\Program Files\VS Revo Group
    2018-01-31 08:25 - 2017-12-14 14:06 - 000044624 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
    2018-01-31 08:25 - 2017-12-14 14:06 - 000043608 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddprm.sys
    2018-01-29 14:40 - 2018-02-05 08:55 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
    2018-01-25 15:39 - 2018-01-25 15:39 - 000005536 _____ C:\Users\user\Desktop\Roguekiller.txt
    2018-01-25 14:39 - 2018-01-30 16:32 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2018-01-25 14:24 - 2018-01-25 14:24 - 000001417 _____ C:\Users\user\Desktop\AdwCleaner[S6].txt
    2018-01-25 14:19 - 2018-01-25 14:20 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
    2018-01-25 14:19 - 2018-01-25 14:20 - 000000000 ____D C:\ProgramData\RogueKiller
    2018-01-25 14:15 - 2018-01-25 14:16 - 026916424 _____ (Adlice Software) C:\Users\user\Desktop\RogueKiller_portable64.exe
    2018-01-25 10:43 - 2018-01-25 10:43 - 000001903 _____ C:\Users\user\Desktop\AdwCleaner[S5].txt
    2018-01-25 10:36 - 2018-01-25 10:36 - 008206624 _____ (Malwarebytes) C:\Users\user\Desktop\adwcleaner_7.0.7.0.exe
    2018-01-25 10:35 - 2018-01-25 10:35 - 000002597 _____ C:\Users\user\Desktop\MBAM-01.txt
    2018-01-24 20:17 - 2018-01-24 20:17 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2018-01-24 12:14 - 2018-02-05 08:48 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2018-01-24 12:14 - 2018-01-24 12:14 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2018-01-24 12:14 - 2018-01-24 12:14 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2018-01-24 12:13 - 2018-01-24 13:55 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\Users\Todos os Usuários\MB2Migration
    2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\ProgramData\MB2Migration
    2018-01-24 12:13 - 2018-01-24 12:13 - 000000000 ____D C:\Program Files\Malwarebytes
    2018-01-24 12:13 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
    2018-01-24 12:11 - 2018-01-24 12:12 - 082823000 _____ (Malwarebytes ) C:\Users\user\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3764.exe
    2018-01-23 14:05 - 2018-01-23 14:05 - 000031819 _____ C:\ZA-Scan.txt
    2018-01-23 13:57 - 2018-01-23 13:57 - 001368576 _____ C:\Users\user\Desktop\ZA-Scan.exe
    2018-01-22 10:24 - 2018-01-22 10:24 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

    ==================== Um Mês Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2018-02-05 09:22 - 2017-04-27 18:58 - 000028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
    2018-02-05 09:16 - 2016-02-16 09:55 - 000000386 _____ C:\Windows\Tasks\update-S-1-5-21-757420601-2912953563-2070738426-1000.job
    2018-02-05 09:14 - 2009-07-14 02:45 - 000021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2018-02-05 09:14 - 2009-07-14 02:45 - 000021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2018-02-05 09:13 - 2015-06-19 10:12 - 000001026 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA.job
    2018-02-05 09:06 - 2016-11-17 10:18 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
    2018-02-05 08:59 - 2011-07-15 14:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2018-02-05 08:55 - 2017-07-20 15:47 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
    2018-02-05 08:54 - 2011-07-22 18:39 - 000000000 ____D C:\Users\user\AppData\Roaming\Skype
    2018-02-05 08:52 - 2017-06-30 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2018-02-05 08:51 - 2015-05-05 16:12 - 000000000 ___RD C:\Users\user\iCloudDrive
    2018-02-05 08:50 - 2016-02-16 09:54 - 000000386 _____ C:\Windows\Tasks\update-sys.job
    2018-02-05 08:50 - 2011-08-09 16:24 - 000000332 _____ C:\Windows\Brownie.ini
    2018-02-05 08:49 - 2011-07-15 03:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
    2018-02-05 08:47 - 2017-04-27 10:59 - 000028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
    2018-02-05 08:47 - 2014-09-09 16:58 - 000000000 ____D C:\temp
    2018-02-05 08:47 - 2014-04-28 10:19 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
    2018-02-05 08:46 - 2009-07-14 03:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-02-02 16:39 - 2017-11-21 10:11 - 000000000 ____D C:\Users\user\AppData\Roaming\WhatsApp
    2018-02-02 14:45 - 2017-11-30 14:17 - 000000000 ____D C:\Users\user\Desktop\Danila
    2018-02-02 14:26 - 2015-06-19 10:12 - 000000974 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core.job
    2018-02-02 10:13 - 2017-07-20 16:17 - 000000000 ____D C:\Program Files\Opera
    2018-02-02 10:11 - 2014-09-10 09:32 - 001129816 _____ (Google Inc.) C:\Users\user\Downloads\ChromeSetup.exe
    2018-02-01 14:53 - 2014-09-23 12:26 - 000000000 ____D C:\Users\user\AppData\Roaming\IObit
    2018-02-01 14:45 - 2014-09-23 12:30 - 000000000 ____D C:\Users\Todos os Usuários\IObit
    2018-02-01 14:45 - 2014-09-23 12:30 - 000000000 ____D C:\ProgramData\IObit
    2018-02-01 14:44 - 2014-09-23 12:26 - 000000000 ____D C:\Program Files (x86)\IObit
    2018-02-01 14:43 - 2016-10-05 11:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
    2018-02-01 14:43 - 2012-06-28 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-02-01 12:34 - 2013-11-12 11:46 - 000000000 ____D C:\Program Files (x86)\GbPlugin
    2018-02-01 08:59 - 2009-07-14 02:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2018-01-31 12:13 - 2011-07-17 16:34 - 000000000 ____D C:\Program Files (x86)\Google
    2018-01-25 14:23 - 2014-08-07 17:01 - 000000000 ____D C:\AdwCleaner
    2018-01-25 09:43 - 2016-09-08 10:03 - 000000000 _____ C:\Windows\SysWOW64\last.dump
    2018-01-25 09:13 - 2011-07-15 23:59 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
    2018-01-24 20:18 - 2014-06-10 11:06 - 000000000 ____D C:\Users\user\AppData\Roaming\Dropbox
    2018-01-24 12:13 - 2015-10-26 09:26 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
    2018-01-24 12:13 - 2015-10-26 09:26 - 000000000 ____D C:\ProgramData\Malwarebytes
    2018-01-24 10:39 - 2017-11-21 10:12 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2018-01-24 10:38 - 2017-11-21 10:11 - 000000000 ____D C:\Users\user\AppData\Local\WhatsApp
    2018-01-24 10:13 - 2017-07-20 16:18 - 000003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1500574701
    2018-01-23 09:45 - 2014-10-16 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2018-01-23 09:45 - 2013-10-25 08:42 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
    2018-01-23 09:45 - 2013-10-25 08:42 - 000000000 ____D C:\ProgramData\Oracle
    2018-01-23 09:45 - 2013-07-26 18:13 - 000000000 ____D C:\Program Files (x86)\Java
    2018-01-23 09:44 - 2015-04-07 11:43 - 000002552 _____ C:\Users\user\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk
    2018-01-23 09:44 - 2014-05-09 10:17 - 000002556 _____ C:\Users\user\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
    2018-01-23 09:43 - 2014-10-16 11:18 - 000097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2018-01-22 15:39 - 2012-09-18 15:14 - 000000000 ____D C:\Users\user\Desktop\Casa varios
    2018-01-22 10:37 - 2015-05-15 15:37 - 000004446 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2018-01-22 10:37 - 2012-06-22 11:00 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2018-01-22 10:37 - 2012-06-22 11:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2018-01-22 10:37 - 2012-06-22 11:00 - 000004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2018-01-22 10:37 - 2011-11-14 13:54 - 000000000 ____D C:\Windows\system32\Macromed
    2018-01-22 10:25 - 2017-07-20 15:46 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2018-01-22 10:25 - 2017-07-20 15:46 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2018-01-22 10:24 - 2017-12-01 10:40 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
    2018-01-22 10:24 - 2017-07-20 15:46 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2018-01-22 10:24 - 2017-07-20 15:46 - 000457400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151662394685409
    2018-01-22 10:24 - 2017-07-20 15:46 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2018-01-22 10:24 - 2017-07-20 15:46 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2018-01-22 10:24 - 2017-07-20 15:46 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys.151662394685409
    2018-01-22 10:24 - 2017-07-20 15:46 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2018-01-22 10:24 - 2017-07-20 15:46 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2018-01-22 10:24 - 2017-07-20 15:46 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2018-01-22 10:23 - 2017-07-20 15:46 - 000580480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
    2018-01-22 10:23 - 2017-07-20 15:46 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
    2018-01-22 10:23 - 2017-07-20 15:46 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
    2018-01-22 10:23 - 2017-07-20 15:46 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
    2018-01-22 10:23 - 2017-07-20 15:46 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys

    ==================== Arquivos na raiz de alguns diretórios =======

    2018-01-31 12:13 - 2018-01-31 15:37 - 007649280 _____ () C:\Program Files (x86)\GUTA573.tmp
    2013-11-12 11:45 - 2014-10-21 16:25 - 000033012 _____ () C:\Users\user\AppData\Roaming\unins000.dat
    2014-10-21 16:25 - 2014-10-21 16:25 - 000720082 _____ () C:\Users\user\AppData\Roaming\unins000.exe
    2014-11-03 12:54 - 2014-11-03 12:54 - 000016653 _____ () C:\Users\user\AppData\Roaming\unins001.dat
    2014-11-03 12:54 - 2014-11-03 12:54 - 000730322 _____ () C:\Users\user\AppData\Roaming\unins001.exe
    2011-08-12 10:47 - 2016-10-04 11:23 - 000009728 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-05-26 11:38 - 2014-05-26 15:20 - 000007604 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
    2013-04-11 16:42 - 2013-04-11 16:42 - 000000003 _____ () C:\Users\user\AppData\Local\updater.log
    2013-04-11 16:42 - 2017-05-11 10:58 - 000000425 _____ () C:\Users\user\AppData\Local\UserProducts.xml
    2011-11-08 08:47 - 2011-11-08 08:47 - 000000000 _____ () C:\Users\user\AppData\Local\{1A5FAA97-E552-4C60-9A3B-E022B26C1ABA}

    Alguns arquivos em TEMP:
    ====================
    2018-01-25 14:20 - 2017-09-13 13:31 - 001732864 _____ (Microsoft Corporation) C:\Users\user\AppData\Local\Temp\dllnt_dump.dll
    2017-07-21 13:22 - 2017-07-21 13:22 - 000739904 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u141-windows-au.exe
    2017-08-01 15:21 - 2017-08-01 15:21 - 000740416 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u144-windows-au.exe
    2017-10-23 09:33 - 2017-10-23 09:33 - 001856576 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u151-windows-au.exe
    2018-01-23 09:41 - 2018-01-23 09:41 - 001864256 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u161-windows-au.exe

    ==================== Bamital & volsnap ======================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

    LastRegBack: 2018-01-29 10:49

    ==================== Fim de FRST.txt ============================

    Addition:

    Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 27.01.2018
    Executado por user (05-02-2018 09:23:18)
    Executando a partir de C:\Users\user\Desktop
    Windows 7 Ultimate Service Pack 1 (X64) (2011-07-15 05:30:26)
    Modo da Inicialização: Normal
    ==========================================================


    ==================== Contas: =============================

    Administrador (S-1-5-21-757420601-2912953563-2070738426-500 - Administrator - Disabled)
    Convidado (S-1-5-21-757420601-2912953563-2070738426-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-757420601-2912953563-2070738426-1002 - Limited - Enabled)
    user (S-1-5-21-757420601-2912953563-2070738426-1000 - Administrator - Enabled) => C:\Users\user
    user-pc (S-1-5-21-757420601-2912953563-2070738426-1172 - Administrator - Enabled) => C:\Users\user-pc

    ==================== Central de Segurança ========================

    (Se uma entrada for incluída na fixlist, será removida.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
    FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

    ==================== Programas Instalados ======================

    (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
    Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
    AirPlus G DWL-G510 (HKLM-x32\...\{8B128562-681D-4FFA-BEBF-A825985B2CB9}) (Version: 1.0.24 - D-Link)
    Android_Driver (HKLM-x32\...\Android_Driver) (Version: V2.6.7.0 - Android Communication Equipment Co. Ltd.)
    Aplicativo Itaú (HKLM-x32\...\{8C674A6C-0A7E-4A28-AF50-EA41B2E12EA7}) (Version: 1.0.101 - Banco Itaú)
    Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
    Assistente do certificado digital (HKLM-x32\...\{BE72FB31-7A89-44FA-9E32-56E17F3114BD}) (Version: 1.0.0 - Serasa Experian)
    Assistente do Certificado Digital Serasa Experian (HKLM-x32\...\{88F3E537-CED7-41A5-AB7C-C0C7FB3D420F}) (Version: 3.3.0.4 - Serasa Experian)
    Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version:  - Microsoft)
    Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version:  - Microsoft)
    Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version:  - Microsoft)
    Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version:  - Microsoft)
    Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Brother HL-2140 (HKLM-x32\...\{67FD71C2-86E7-45C6-BDEB-2BC06602E49F}) (Version: 1.00 - Brother)
    Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) <==== ATENÇÃO
    BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    C4400 (HKLM-x32\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    calibre (HKLM-x32\...\{F4E73041-BC8B-4D62-BFD4-EC0D408EB357}) (Version: 2.79.1 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
    Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
    Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
    Corel Graphics - Windows Shell Extension (HKLM-x32\...\{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.487 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - BR (HKLM-x32\...\{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (HKLM\...\{66C10F29-31F0-4A9B-B2CF-465F488AE086}) (Version: 15.0.487 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.0 -  Corel Corporation) Hidden
    CorelDRAW Graphics Suite X5 (HKLM-x32\...\{B399C91E-96F2-4265-9884-1C9A10E9FCF4}) (Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
    CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
    DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dropbox (HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Dropbox) (Version: 42.4.114 - Dropbox, Inc.)
    DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
    GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.11.0.1 - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
    Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
    Google Earth Pro (HKLM\...\{5540AA70-FD7D-428D-B0BE-56492F7FF484}) (Version: 7.3.1.4505 - Google)
    Google Photos Backup (HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
    Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.10.0.1 - )
    Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.2.0.11 - IObit)
    iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
    Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
    K-Lite Mega Codec Pack 3.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 3.9.0 - )
    Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
    Malwarebytes versão 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
    MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft .NET Framework 4.7 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
    MotoHelper MergeModules (HKLM-x32\...\{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}) (Version: 1.2.0 - Motorola) Hidden
    Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
    Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
    Mozilla Firefox 58.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 58.0.1 (x64 pt-BR)) (Version: 58.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
    Mozilla Thunderbird 52.6.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 pt-BR)) (Version: 52.6.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    ODF Add-in for Microsoft Office (HKLM-x32\...\{59D1195A-7E64-4120-BB37-F053D9FD45FB}) (Version: 3.0.5254.0 - OpenXML/ODF Translator Team)
    Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
    Pacote de Driver do Windows - Perto S.A. Perifericos para Automacao (PERTO38U) SmartCardReader  (04/10/2007 1.1.5.6) (HKLM\...\F902151BF0E1078D63BA822885D5233B84224A25) (Version: 04/10/2007 1.1.5.6 - Perto S.A. Perifericos para Automacao)
    PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Pimaco (HKLM-x32\...\{2610CDBE-07FB-4A4F-932D-5B012469A76A}) (Version: 1.0.0 - Prime)
    PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
    PS_AIO_03_C4400_Software_Min (HKLM-x32\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    RealDownloader (HKLM-x32\...\{13743594-F75E-491E-9EFF-203C8F8DF705}) (Version: 18.1.4.144 - RealNetworks) Hidden
    RealDownloader (HKLM-x32\...\{9F3B20DF-76F2-47F4-9372-F0F56485A58D}) (Version: 18.0.1.10 - RealNetworks, Inc.) Hidden
    RealDownloader (HKLM-x32\...\{f05bfa4b-0c78-4a3e-aa74-8c220b4a7782}) (Version: 18.1.4.144 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{21E47F47-C9A7-4454-BA48-388327B0EA00}) (Version: 10.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
    SafeNet Authentication Client 8.1 SP1 (HKLM\...\{4DFE8ACE-8652-4CCE-A2C1-DB23C7D4F4AA}) (Version: 8.1.245.0 - SafeNet, Inc.)
    SafeSign 64-bits (HKLM\...\{66913111-2F8A-4950-AA93-51C26182FC35}) (Version: 3.0.45 - A.E.T. Europe B.V.)
    SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
    Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Sim Plus (HKLM-x32\...\Sim Plus) (Version:  - )
    Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
    Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
    SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
    Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
    Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
    swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
    UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (HKLM-x32\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden
    Warsaw 2.3.0.83 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.3.0.83 - GAS Tecnologia)
    WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WhatsApp (HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\WhatsApp) (Version: 0.2.8082 - WhatsApp)
    WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

    ==================== Exame Personalizado CLSID (Whitelisted): ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\user\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-757420601-2912953563-2070738426-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
    ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
    ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-11-30] (Apple Inc.)
    ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-03-09] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-03-09] (Alexander Roshal)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2015-07-27] (RealNetworks, Inc.)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
    ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
    ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-03-09] (Alexander Roshal)
    ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-03-09] (Alexander Roshal)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-22] (AVAST Software)
    ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-03-09] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-03-09] (Alexander Roshal)
    ContextMenuHandlers1_S-1-5-21-757420601-2912953563-2070738426-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ContextMenuHandlers4_S-1-5-21-757420601-2912953563-2070738426-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)
    ContextMenuHandlers5_S-1-5-21-757420601-2912953563-2070738426-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.)

    ==================== Tarefas Agendadas (Whitelisted) =============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    Task: {031C61E8-686D-4FFA-A8C7-8DBC02108F8D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {102E4126-CE77-4CA5-BB99-1AF6297BE9D6} - System32\Tasks\{A313D0EF-692A-4924-BC3A-6F2C009F3641} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\Downloads\DiagnosticoItau (1).exe" -d C:\Users\user\Downloads
    Task: {1401C7CE-CE1A-4AF3-8B62-277505DBBB0F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-22] (AVAST Software)
    Task: {28549D25-0936-4F5A-8721-13A01A9ADFE6} - System32\Tasks\{2458043F-38DF-4B79-9DBC-8E1A88BE1A34} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2017-10-06] (Skype Technologies S.A.)
    Task: {30CB4A97-999D-41F9-912B-566B83A1C435} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-22] (Adobe Systems Incorporated)
    Task: {312C6ED4-35C1-455A-8E73-97B0392D4457} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
    Task: {33FDB3DA-A443-4517-9245-94B73B36DE0A} - System32\Tasks\{79664FDE-CEEF-463E-B496-620BE7711043} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\Shockwave_Installer_Slim.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {3A594C30-87CB-4E1F-871D-91A7F704318B} - System32\Tasks\update-S-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
    Task: {3F6F2DB6-1AB7-413F-A1EC-9AD284F2D6E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-22] (AVAST Software)
    Task: {430298F5-B078-42E4-B0B4-886275AA87B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-22] (Adobe Systems Incorporated)
    Task: {49082B44-DAD3-46CA-AD0E-674504AA8BEE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {535BD522-E29A-4099-9491-90160452FFFB} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit)
    Task: {5708C284-BD1B-42C8-BCD5-7E0BDEFE1858} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {5B9B283C-9DA6-413C-9119-61F2908DDF49} - System32\Tasks\{A312D10E-61AF-4A0B-9CBC-467FD9D7FCFD} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\GoogleEarthWin(4).exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {63647647-8BC6-4C77-A5D4-C3C1FD0FF8DF} - System32\Tasks\AdobeAAMUpdater-1.0-user-PC-user => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {641AA7C4-CFF3-44FE-A752-E019AD322975} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-01-09] (IObit)
    Task: {6AD6CBB3-0596-4E94-BE39-2B20A407C34B} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {702F4E73-5737-4285-96AE-7C451A97069D} - System32\Tasks\Opera scheduled Autoupdate 1500574701 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
    Task: {72B07DF0-9D26-4009-9194-AD82A423F264} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
    Task: {73D287BB-99D7-4A3A-BB6F-7CFC1130D57F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {7915F3D6-E3D4-451E-86F2-6417B5C63A31} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
    Task: {A3D17B58-44ED-4925-AAAF-5E49B096DC28} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {BB3DA255-1B42-4AED-A577-B83168FCB320} - System32\Tasks\SafeZone scheduled Autoupdate 1500573114 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
    Task: {C0C954AF-F45F-4267-8BF9-D630169B71C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core1cc550045748c91 => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {C1A1A6E9-E707-4917-BC04-C817315F708E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {C71E2704-DB3F-4392-855D-CF416F35491B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {C801D3F7-A219-4FF6-B936-84CA125C5D9F} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
    Task: {CCC15D48-4B53-482E-8878-C345D587E782} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {CE8DEFA2-6C84-4416-8DAA-2A15698694F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {D5432E0F-2491-4209-A038-FF76204B86C0} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {D5B724AF-1B19-49E9-AD11-B03471CB74F8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-757420601-2912953563-2070738426-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.)
    Task: {D961BB7B-166D-4FCE-84FD-30FCA94FF084} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {DA85EAAE-DE8B-4BEF-B21D-11DE2AA41130} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {E6B0D51D-4A45-4C34-8C98-667434367693} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
    Task: {EB38E0B5-7221-41C3-B70F-566B66E2746D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

    (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000Core.job => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-757420601-2912953563-2070738426-1000UA.job => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\update-S-1-5-21-757420601-2912953563-2070738426-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
    Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

    ==================== Atalhos & WMI ========================

    (As entradas podem ser listadas para serem restauradas ou removidas.)


    ShortcutWithArgument: C:\Users\user\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-424cd618"
    ShortcutWithArgument: C:\Users\user\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfe.fazenda.sp.gov.br/v2/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\40c21ab8-7abc7a73"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://downloadnfe.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\585cbec4-424cd618"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfe.fazenda.sp.gov.br/v2/aplicativo/emissorNFe.jnlp "C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\40c21ab8-7abc7a73"

    ==================== Módulos Carregados (Whitelisted) ==============

    2017-05-09 01:44 - 2017-05-09 01:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-05-09 01:44 - 2017-05-09 01:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-06-17 04:25 - 2015-06-17 04:25 - 000031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    2011-07-15 03:50 - 2007-05-14 00:54 - 000272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    2018-01-24 12:13 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2018-01-24 12:13 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2011-07-15 03:40 - 2015-06-01 22:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2017-05-09 04:05 - 2017-05-09 04:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
    2017-05-09 04:05 - 2017-05-09 04:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
    2013-08-20 09:44 - 2013-08-20 09:44 - 000006144 ____N () C:\Users\user\AppData\Local\Temp\rad71BE3.tmp\bin\Gadget.Interop.dll
    2018-02-05 08:49 - 2013-08-20 09:44 - 001351168 _____ () C:\Users\user\AppData\Local\Temp\radE8BAB.tmp\bin\x64\sharpwrapi_x64.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000067920 _____ () c:\Program Files\avast software\avast\x64\module_lifetime.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000067984 _____ () C:\Program Files\avast software\avast\x64\dll_loader.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000236840 _____ () c:\Program Files\avast software\avast\x64\vaarclient.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000902824 _____ () C:\Program Files\avast software\avast\x64\ffl2.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000349568 _____ () c:\Program Files\avast software\avast\x64\StreamBack.dll
    2016-07-05 19:18 - 2016-07-05 19:18 - 000714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    2018-02-02 10:22 - 2018-02-01 04:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
    2018-02-02 10:22 - 2018-02-01 04:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000057504 _____ () C:\Program Files\avast software\avast\dll_loader.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000289272 _____ () C:\Program Files\avast software\avast\tasks_core.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000196248 _____ () C:\Program Files\avast software\avast\network_notifications.dll
    2018-01-29 09:18 - 2018-01-29 09:18 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18012902\algo.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000745408 _____ () C:\Program Files\avast software\avast\ffl2.dll
    2018-01-22 10:23 - 2018-01-22 10:23 - 000148936 _____ () C:\Program Files\avast software\avast\hns_tools.dll
    2018-01-22 10:24 - 2018-01-22 10:24 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
    2018-02-05 08:58 - 2018-02-05 08:58 - 005777040 _____ () C:\Program Files\AVAST Software\Avast\defs\18020502\algo.dll
    2013-10-31 13:05 - 2013-10-31 13:05 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
    2015-06-17 04:24 - 2015-06-17 04:24 - 000035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
    2015-06-17 04:24 - 2015-06-17 04:24 - 000039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
    2015-06-17 04:24 - 2015-06-17 04:24 - 000037528 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
    2014-09-23 12:26 - 2012-09-05 19:55 - 000892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
    2017-07-20 15:46 - 2017-07-20 15:46 - 067109376 _____ () C:\Program Files\avast software\avast\libcef.dll
    2018-01-22 10:23 - 2018-01-22 10:23 - 000282560 _____ () C:\Program Files\avast software\avast\gaming_mode_ui.dll
    2017-05-09 01:45 - 2017-05-09 01:45 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-05-09 01:45 - 2017-05-09 01:45 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-05-09 01:44 - 2017-05-09 01:44 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
    2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
    2018-02-01 14:44 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
    2018-02-01 14:44 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
    2018-02-01 14:44 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
    2018-02-01 14:44 - 2017-05-22 11:17 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
    2018-02-01 14:44 - 2017-05-23 18:57 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
    2018-02-01 14:44 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
    2016-07-05 19:13 - 2016-07-05 19:13 - 001382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
    2015-07-27 10:29 - 2015-07-27 10:29 - 000594520 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (Se uma entrada for incluída na fixlist, somente o ADS será removido.)

    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
    AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Cef.gbp [2]
    AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Uni.gbp [2]
    AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1526]
    AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
    AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\user\AppData\Local\Temp:IncompleteStartGbprcm.cnt [10]

    ==================== Modo de Segurança (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Associação (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


    ==================== Internet Explorer confiável/restrito ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro.)

    IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
    IE trusted site: HKU\.DEFAULT\...\itau.com.br -> hxxps://bankline.itau.com.br
    IE trusted site: HKU\.DEFAULT\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
    IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\caixa.gov.br -> imagem.caixa.gov.br
    IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
    IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\itau.com.br -> bankline.itau.com.br
    IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
    IE trusted site: HKU\S-1-5-21-757420601-2912953563-2070738426-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

    ==================== Hosts Conteúdo: ==========================

    (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

    2014-03-13 16:53 - 2014-07-01 10:08 - 000000917 ____N C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 genuine.microsoft.com
    127.0.0.1 mpa.one.microsoft.com
    127.0.0.1 sls.microsoft.com

    ==================== Outras Áreas ============================

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKU\S-1-5-21-757420601-2912953563-2070738426-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 201.82.0.67 - 201.82.0.62
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
    Firewall do Windows está habilitado.

    ==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


    ==================== Regras do Firewall (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    FirewallRules: [{9491697F-CE96-4592-8178-B44EF63A1D56}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.EXE
    FirewallRules: [{C22F98C4-FC8B-4C01-9A63-570C3630282B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E6B14B3C-2656-4279-9E0A-A3052CBDFEB3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{1ECAB7EC-36EB-43DC-A313-23DE50D87C2F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{BC0DDBCB-A153-4657-8F4F-116B7CBB6185}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{AEE95677-F21D-4CDE-BF12-B5F08FA5585F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{A029C3D3-269D-4C4E-901C-19A3E2D975B0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{84F195A4-0858-4789-80FB-D47ACE4DE9E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{1519F0E1-D29D-4A22-98D9-B802EA9A1470}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{3CB8FEB0-79DB-4BF1-9C81-4AB7E6047FD9}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
    FirewallRules: [{3A80B428-E669-4BFC-873B-B7751569D0B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
    FirewallRules: [{2A24268D-C15A-4F4F-80F7-B1A6F9CCFF02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
    FirewallRules: [{D02178FA-E28E-4C7D-B4A6-F9879D853E9A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
    FirewallRules: [{CA5499CA-8A36-4A9D-98D6-F43524A17553}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{961505CE-1131-4640-9BE3-E6EB362413DE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{243F01DF-B761-4E11-8DCC-7FF9E87FBB8D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{13BC93AD-92EE-475F-B09C-D2004C4BC7C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{46D0E17F-9956-4FEA-8E4B-810DAD34777E}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{F0AE798D-2E32-4EAF-801A-7DC44F2FF568}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
    FirewallRules: [{0F1AE125-8B05-493D-B9EB-1F78D5C60FFE}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
    FirewallRules: [{D6D76CC1-01BC-4641-BB71-B0A1645B7C74}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
    FirewallRules: [{30BBD5F8-671B-41B3-B753-36C224108532}] => (Allow) C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{0AFFDF12-070C-4CC0-B497-A9A7033A5F27}] => (Allow) C:\Users\user\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{2C3809D5-68C1-4A87-A371-29BD416E6B1C}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{91582DDA-0BC0-4F5C-8A06-FCBD2F76CDF2}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [TCP Query User{72EFA3ED-02BB-4F6F-B0BE-63C2DE4D5DF5}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{9926D34E-2C08-4D3C-BDBA-2974B2F516DE}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{AEE5BCF2-DB59-4D2A-B1B1-664E4B5EC225}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{6A510ADC-E969-4947-8196-603240FED788}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{DE17DE15-ADB0-4E1E-A22A-BBB645F34790}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{43BC49D9-8584-4539-A5D2-29F2FEEBF913}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{5C55B8B3-11E1-466E-8C2D-BF43E1AB3DF9}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
    FirewallRules: [TCP Query User{2C3B5D86-4CD7-4FD0-9942-20D17D07C052}C:\users\user\downloads\ffinstonline.exe] => (Block) C:\users\user\downloads\ffinstonline.exe
    FirewallRules: [UDP Query User{861D93C5-5237-4ABD-8984-C9F2A413A307}C:\users\user\downloads\ffinstonline.exe] => (Block) C:\users\user\downloads\ffinstonline.exe
    FirewallRules: [TCP Query User{956EF13F-CD1A-4175-8928-309C96A32E64}C:\users\user\downloads\ffinstonline(1).exe] => (Allow) C:\users\user\downloads\ffinstonline(1).exe
    FirewallRules: [UDP Query User{1258AFEC-32C7-4EE3-94AF-91FC86462368}C:\users\user\downloads\ffinstonline(1).exe] => (Allow) C:\users\user\downloads\ffinstonline(1).exe
    FirewallRules: [{F4D5B426-DEC1-49A1-9EEC-18B1AB5BC148}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    FirewallRules: [{BD181557-8DC8-4867-B726-A3BCED41C638}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{1C247896-6C00-4976-B9AE-2023C403CE5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{44B5D5E3-D1B5-43AB-9E7B-2E0478DFD80D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{1A9B0C4F-44F3-463A-A9A0-4BBB0470D461}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{18FF7A84-41FC-420B-A76B-F009A49ED331}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{1B1F341B-3F6F-4DCE-8FA4-D60788F5A60E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{7268464A-D950-4FF3-8F18-D38856CAB46B}C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{5A1FE89E-9EF4-43A7-9BB7-BF98AB1DCD55}C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\jp2launcher.exe
    FirewallRules: [TCP Query User{02CB67BB-3675-4063-8F14-7478678D2B5F}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
    FirewallRules: [UDP Query User{221A1514-F6F0-415F-9F9F-5FDD8B32F466}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
    FirewallRules: [TCP Query User{F2B4365A-EE99-421E-9D99-5E95D599E053}C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{5466C1EA-BAE1-46F3-A199-11FC7FF48769}C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\jp2launcher.exe
    FirewallRules: [{46517129-B2C6-4AE1-AACC-F32A5398557D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{B03E2716-EAD2-435E-8EC0-BCCF3A3E28CE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
    FirewallRules: [{414517BE-F1BA-4CD7-9EE9-CE0CC381170E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
    FirewallRules: [{48EDA5C4-F867-4339-A9EE-BB9962D7EFCE}] => (Allow) C:\Program Files\Opera\49.0.2725.47\opera.exe
    FirewallRules: [{4886A6C4-EB23-47E9-8863-3AE2737F9A4C}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
    FirewallRules: [{DA0A386E-E69F-4AA0-8FD6-036C8581FEC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Pontos de Restauração =========================

    28-06-2017 10:11:59 Windows Update
    29-06-2017 12:05:22 Windows Update
    17-07-2017 11:24:15 Windows Update
    17-07-2017 15:39:06 Windows Update
    01-08-2017 13:48:45 Ponto de Verificação Agendado
    01-08-2017 15:29:57 Windows Update
    09-08-2017 11:57:32 Ponto de Verificação Agendado
    09-08-2017 16:10:09 Windows Update
    18-08-2017 12:22:17 Ponto de Verificação Agendado
    30-08-2017 11:48:32 Ponto de Verificação Agendado
    11-09-2017 13:28:25 Ponto de Verificação Agendado
    12-09-2017 17:22:16 Windows Update
    20-09-2017 14:16:59 Ponto de Verificação Agendado
    27-09-2017 15:07:00 Ponto de Verificação Agendado
    05-10-2017 11:42:55 Ponto de Verificação Agendado
    17-10-2017 11:44:48 Ponto de Verificação Agendado
    17-10-2017 17:02:03 Windows Update
    26-10-2017 09:26:07 Ponto de Verificação Agendado
    06-11-2017 13:05:24 Ponto de Verificação Agendado
    13-11-2017 15:01:37 Ponto de Verificação Agendado
    15-11-2017 14:23:04 Windows Update
    23-11-2017 10:52:50 Ponto de Verificação Agendado
    29-11-2017 16:25:24 Windows Update
    01-12-2017 16:56:09 Windows Update
    06-12-2017 15:10:12 Removed Motorola Mobile Drivers Installation 6.3.0
    14-12-2017 11:25:16 Ponto de Verificação Agendado
    24-01-2018 20:02:52 Ponto de Verificação Agendado
    31-01-2018 08:43:22 Revo Uninstaller's restore point - Google Chrome
    31-01-2018 11:29:49 Revo Uninstaller's restore point - Google Chrome
    31-01-2018 11:34:01 Revo Uninstaller's restore point - Google Earth Plug-in
    31-01-2018 11:38:29 Revo Uninstaller's restore point - Apple Software Update

    ==================== Dispositivos Apresentando Falhas No Gerenciador =============

    Name: Warsaw - Driver (PP)
    Description: Warsaw - Driver (PP)
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer: 
    Service: wsddpp
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Baidu NetDefense
    Description: Baidu NetDefense
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer: 
    Service: Bndef
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Baidu Protect
    Description: Baidu Protect
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer: 
    Service: Bprotect
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Erros no Log de eventos: =========================

    Erros em Aplicativos:
    ==================
    Error: (02/05/2018 09:19:10 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Falha na geração de contexto de ativação para "C:\Users\user\Downloads\esetsmartinstaller_enu.exe".Erro no arquivo de manifesto ou de diretiva "", na linha.
    Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
    Os componentes conflitantes são:.
    Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/05/2018 08:55:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome de aplicativo com falha: Skype.exe, versão: 7.40.0.151, carimbo de hora: 0x59d776d0
    Nome do módulo de falhas: mshtml.dll, versão: 11.0.9600.18838, carimbo de hora: 0x59e1b8ff
    Código de exceção: 0xc0000005
    Deslocamento com falha: 0x00077c4c
    Identificação do processo com falha: 0x1a64
    Hora de início do aplicativo com falha: 0x01d39e6eed59f73a
    Caminho do aplicativo com falha: C:\Program Files (x86)\Skype\Phone\Skype.exe
    FCaminho do módulo de falhas: C:\Windows\SysWOW64\mshtml.dll
    Identificação do Relatório: 053e1f9f-0a63-11e8-9d7c-f46d0445cd20

    Error: (02/02/2018 03:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 102929

    Error: (02/02/2018 03:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 102929

    Error: (02/02/2018 03:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/02/2018 03:46:51 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (02/02/2018 03:46:51 PM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (02/02/2018 03:46:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 97157

    Error: (02/02/2018 03:46:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 97157

    Error: (02/02/2018 03:46:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    Erros de Sistema:
    =============
    Error: (02/05/2018 08:53:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Serviço Windows Update suspenso ao iniciar.

    Error: (02/05/2018 08:49:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Microsoft .NET Framework NGEN v4.0.30319_X86.

    Error: (02/05/2018 08:48:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (02/05/2018 08:47:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (02/05/2018 08:47:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
    Bnbase
    Bndef
    Bprotect
    gbpddreg

    Error: (02/05/2018 08:47:14 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
    Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

    Error: (02/05/2018 08:47:09 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
    Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

    Error: (02/05/2018 08:46:56 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
    Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

    Error: (02/05/2018 08:45:52 AM) (Source: volmgr) (EventID: 46) (User: )
    Description: Falha na inicialização do despejo de memória!

    Error: (02/02/2018 04:52:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
    Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.


    CodeIntegrity:
    ===================================
      Date: 2016-12-01 18:25:25.709
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-12-01 13:36:04.850
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-12-01 13:22:23.542
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-30 14:27:46.075
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-30 14:15:56.634
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-30 14:01:11.954
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-28 14:32:08.203
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-28 09:55:08.989
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-28 09:20:20.648
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-11-28 09:13:00.350
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


    ==================== Informações da Memória =========================== 

    Processador: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
    Percentagem de memória em uso: 88%
    RAM física total: 4008.31 MB
    RAM física disponível: 462.27 MB
    Virtual Total: 8014.81 MB
    Virtual disponível: 4322.77 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:911.98 GB) (Free:425.59 GB) NTFS
    Drive d: () (Fixed) (Total:19.43 GB) (Free:19.32 GB) NTFS

    ==================== MBR & Tabela de Partições ==================

    ==================== Fim de Addition.txt ============================

     

     


    @giant01

     

    Temporarily disable your antivirus, antispyware and firewall so that they do not cause conflicts.

    Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all the text in the CODE box below:

    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
    S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
    S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
    S1 Bnbase; System32\drivers\bnbasex64.sys [X]
    S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
    S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
    S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
    S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
    S3 motccgp; system32\DRIVERS\motccgp.sys [X]
    S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
    S3 MotDev; system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
    AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Cef.gbp [2]
    AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Uni.gbp [2]
    AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1526]
    AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
    AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\user\AppData\Local\Temp:IncompleteStartGbprcm.cnt [10]
    CMD: ipconfig /flushdns
    RemoveProxy:
    EmptyTemp:
    CreateRestorePoint:

    Save this file on your desktop with the name fixlist

    NOTE: It is extremely important that the "fixlist" file is saved on your Desktop. Also check that FRST.exe is on the Desktop.

    ** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
    Right-click the FRST.EXE file, then click [image: VRIfczU.png].

    Click the [image: 0h0YlDEzRbKP9R7xLrUlzA.png] button.

    Wait; when it finishes, the Fixlog.txt log will be saved on your desktop.

    Open the Fixlog.txt file, then copy and paste its contents into your next reply.

  • Topic author
  • Done.

    I am sending the file before restarting the machine.

    Here it is:

     

    Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 27.01.2018
    Executado por user (05-02-2018 14:17:52) Run:1
    Executando a partir de C:\Users\user\Desktop
    Perfis Carregados: user (Perfis Disponíveis: user & user-pc)
    Modo da Inicialização: Normal
    ==============================================

    fixlist Conteúdo:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restri��o <==== ATEN��O
    S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
    S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
    S1 Bnbase; System32\drivers\bnbasex64.sys [X]
    S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
    S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
    S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
    S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
    S3 motccgp; system32\DRIVERS\motccgp.sys [X]
    S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
    S3 MotDev; system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
    AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Cef.gbp [2]
    AlternateDataStreams: C:\Windows\System32:3E2BCF6B_Uni.gbp [2]
    AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1526]
    AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
    AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\Todos os Usu�rios\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\user\AppData\Local\Temp:IncompleteStartGbprcm.cnt [10]
    CMD: ipconfig /flushdns
    RemoveProxy:
    EmptyTemp:
    CreateRestorePoint:
    *****************

    Ponto de Restauração criado com sucesso.
    Processos fechados com sucesso.
    "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Bfilter" => removido (a) com sucesso.
    Bfilter => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Bfmon" => removido (a) com sucesso.
    Bfmon => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Bnbase" => removido (a) com sucesso.
    Bnbase => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Bndef" => removido (a) com sucesso.
    Bndef => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Bprotect" => removido (a) com sucesso.
    Bprotect => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\gbpddreg" => removido (a) com sucesso.
    gbpddreg => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\GBPRCM" => removido (a) com sucesso.
    GBPRCM => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\motccgp" => removido (a) com sucesso.
    motccgp => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\motccgpfl" => removido (a) com sucesso.
    motccgpfl => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\MotDev" => removido (a) com sucesso.
    MotDev => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\motmodem" => removido (a) com sucesso.
    motmodem => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\MotoSwitchService" => removido (a) com sucesso.
    MotoSwitchService => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Synth3dVsc" => removido (a) com sucesso.
    Synth3dVsc => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\tsusbhub" => removido (a) com sucesso.
    tsusbhub => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\VGPU" => removido (a) com sucesso.
    VGPU => serviço removido (a) com sucesso.
    "HKLM\System\CurrentControlSet\Services\Warsaw_PP" => removido (a) com sucesso.
    Warsaw_PP => serviço removido (a) com sucesso.
    C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso.
    C:\Program Files (x86)\GbPlugin => ":u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==" ADS removido (a) com sucesso.
    C:\Windows\System32 => ":3E2BCF6B_Cef.gbp" ADS removido (a) com sucesso.
    C:\Windows\System32 => ":3E2BCF6B_Uni.gbp" ADS removido (a) com sucesso.
    C:\Windows\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso.
    C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso.
    C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.
    "C:\Users\Todos os Usu�rios\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
    C:\Users\user\AppData\Local\Temp => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.

    ========= ipconfig /flushdns =========


    Configura‡Æo de IP do Windows

    Libera‡Æo do Cache do DNS Resolver bem-sucedida.

    ========= Fim de CMD: =========


    ========= RemoveProxy: =========

    "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
    "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
    "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
    "HKU\S-1-5-21-757420601-2912953563-2070738426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
    "HKU\S-1-5-21-757420601-2912953563-2070738426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


    ========= Fim de RemoveProxy: =========

    Ponto de Restauração criado com sucesso.

    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75459088 B
    Java, Flash, Steam htmlcache => 2312 B
    Windows/system/drivers => 509270967 B
    Edge => 0 B
    Chrome => 345465969 B
    Firefox => 482251083 B
    Opera => 98464496 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 66228 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 118543 B
    systemprofile32 => 3221339 B
    LocalService => 132244 B
    NetworkService => 81594 B
    user => 514976326 B
    user-pc => 393090 B

    RecycleBin => 1091402365 B
    EmptyTemp: => 2.9 GB de dados temporários Removidos.

    ================================


    O sistema precisou ser reiniciado.

    ==== Fim de Fixlog 14:24:36 ====

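Added example, not part of the thread and not FRST's own code: a small Python check that reads a pasted Fixlog, tallies the outcome of each entry, and lists the entries that were not applied. It assumes the two outcome phrases visible in the Fixlog above ("com sucesso", "não encontrado"); the function names are hypothetical and the sample excerpt is constructed in the same format as that log.

```python
import re
from collections import Counter

BAD = "\ufffd"  # U+FFFD: what an accented letter becomes when the encoding is lost

# Constructed excerpt in the format of the Fixlog posted above (Portuguese FRST build).
SAMPLE_FIXLOG = rf'''
fixlist Conteúdo:
*****************
CloseProcesses:
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usu{BAD}rios\GbPlugin:IncompleteStartGbprcm.cnt [10]
EmptyTemp:
*****************

Processos fechados com sucesso.
"HKLM\System\CurrentControlSet\Services\Bfilter" => removido (a) com sucesso.
Bfilter => serviço removido (a) com sucesso.
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso.
"C:\Users\Todos os Usu{BAD}rios\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
Chrome => 345465969 B
'''

# Outcome phrases as they appear in the log above (assumption: no other wording occurs).
OUTCOMES = (("não encontrado", "not_found"), ("com sucesso", "ok"))
RESULT_RE = re.compile(r'^"?(?P<target>.+?)"? => (?P<detail>.+)$')


def split_fixlog(text):
    """Return (echoed fixlist lines, result lines); the echo sits between two rows of '*'."""
    lines = [ln.strip() for ln in text.splitlines()]
    marks = [i for i, ln in enumerate(lines) if len(ln) >= 5 and set(ln) == {"*"}]
    if len(marks) < 2:
        raise ValueError("fixlist echo delimiters not found")
    fixlist = [ln for ln in lines[marks[0] + 1:marks[1]] if ln]
    results = [ln for ln in lines[marks[1] + 1:] if ln]
    return fixlist, results


def parse_results(result_lines):
    """Keep only 'target => detail' lines whose detail carries a known outcome phrase."""
    parsed = []
    for ln in result_lines:
        m = RESULT_RE.match(ln)
        if not m:
            continue  # section banners, plain status sentences
        outcome = next((tag for phrase, tag in OUTCOMES if phrase in m["detail"]), None)
        if outcome:  # size lines from EmptyTemp ("Chrome => ... B") have none
            parsed.append({"target": m["target"], "outcome": outcome})
    return parsed


def review(text):
    """Summarise a Fixlog: outcome counts, entries not applied, encoding-damaged lines."""
    fixlist, results = split_fixlog(text)
    parsed = parse_results(results)
    not_found = [r["target"] for r in parsed if r["outcome"] == "not_found"]
    return {
        "counts": Counter(r["outcome"] for r in parsed),
        "not_found": not_found,
        # fixlist lines that reached the tool with a replacement character in them
        "mangled_fixlist": [ln for ln in fixlist if BAD in ln],
        # failures whose path contains that character: recheck these by hand
        "not_found_mangled": [t for t in not_found if BAD in t],
    }


if __name__ == "__main__":
    report = review(SAMPLE_FIXLOG)
    print(dict(report["counts"]))
    for target in report["not_found"]:
        note = " (path contains U+FFFD)" if target in report["not_found_mangled"] else ""
        print("not applied:", target + note)
```

In the Fixlog above, the only "não encontrado" result is the path whose "Usuários" appears with a replacement character in the echoed fixlist.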

    @giant01

     

    Did you manage to get the Windows 7 CD/DVD?

     

    Press the Windows key + R and type: msconfig
     
    - Click the Services tab, check the option Hide all Microsoft services, then click Disable all
    - Click the Startup tab and click Disable all
     
    Follow the prompts until you are asked to restart.

    After that, let me know whether the malware-related problems still persist.

  • Topic author
  • I haven't managed to yet. I'm waiting for a reply.

    Should I follow the instructions even without having obtained the Windows CD?

    Is that right?

    I'll wait for your reply.

  • Topic author
  • OK.

    I did everything as you suggested.

    The tray on the toolbar ended up almost empty. I opened Lightshot to take a screenshot, otherwise not even this feather would be there. Some Windows "gadgets" on the desktop also disappeared. I took a screenshot of where they should be.

    And when I opened the Control Panel to check on the updates, I took a screenshot of the message. It is the same one that appeared before. Now, whether this piece of junk is malware or not, I don't know.

     

    elias06.jpg

    elias07.jpg

    elias08.jpg


    @giant01

     

    If any of the options you disabled is extremely important, you can enable it again.

     

    The error is due to damaged Windows files. Malware may have been the cause, but it may not have been. Get the CD/DVD and try the repair.

     

    As far as malware is concerned, we have no more problems.

    Final instructions.
     

    Download Delfix by Xplode from the link below and save it to your desktop.
    http://www.bleepingcomputer.com/download/delfix/dl/281/

    Double-click delfix.exe to run it. Check the boxes as shown in the image.

    *** Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the delfix.exe file, then click [image: VRIfczU.png]

    [image: ipb9zl.png]

    Click the Run button.

    A log will be generated at the end, but there is no need to post it.

    KEEP THE OS UP TO DATE:
    Keep Windows updates set to "automatic". New security holes are discovered frequently. Many malware programs exploit these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

    If you have no more malware-related problems, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any question about computing and technology, feel free to post in any area of CdH.

    Regards,
    Elias Pereira
