ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version) Tool run by Iuri on 04/07/2021 at 12:39:33.77. Microsoft Windows 8.1 Single Language 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Iuri\Desktop\ZA-Scan.exe [Z-Analyse Scan] ==== Running Processes ====================== C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe C:\Program Files (x86)\Samsung\Settings\sSettings.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Users\Iuri\AppData\Local\Temp\ZAScan.exe C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [ClickToRunSvc] - Serviço Clique para Executar do Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe R2 - [mfevtp] - McAfee Validation Trust Protection Service - c:\windows\system32\mfevtps.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe S2 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [Service KMSELDI] - Service KMSELDI - c:\program files\kmspico\service_kms.exe S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe S2 - [Warsaw Technology] - Warsaw Technology - c:\program files\diebold\warsaw\core.exe S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FLEXnet Licensing Service 64] - FLEXnet Licensing Service 64 - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service - c:\program files (x86)\google\chrome\application\91.0.4472.124\elevation_service.exe S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [IEEtwCollectorService] - Serviço Coletor ETW do Internet Explorer - c:\windows\system32\ieetwcollector.exe S3 - [LS_Service.exe] - Aligner License Server Service - c:\program files (x86)\aligner license server\ls_service.exe S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - c:\program files (x86)\microsoft office\office12\grooveauditservice.exe S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe S3 - [WdNisSvc] - Serviço de Inspeção de Rede do Windows Defender - c:\program files\windows defender\nissrv.exe S3 - [WinDefend] - Serviço Windows Defender - c:\program files\windows defender\msmpeng.exe S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe S4 - [AdobeActiveFileMonitor11.0] - Adobe Active File Monitor V11 - c:\program files (x86)\adobe\elements 11 organizer\photoshopelementsfileagent.exe S4 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe S4 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S4 - [AdobeUpdateService] - AdobeUpdateService - c:\program files (x86)\common files\adobe\adobe desktop common\elevationmanager\adobeupdateservice.exe S4 - [AGSService] - Adobe Genuine Software Integrity Service - c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe S4 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe S4 - [AMPPALR3] - Intel® Centrino® Wireless Bluetooth® + High Speed Service - c:\program files\intel\bluetoothhs\bthsamppalservice.exe S4 - [Bluetooth Device Monitor] - Bluetooth Device Monitor - c:\program files (x86)\intel\bluetooth\devmonsrv.exe S4 - [Bluetooth OBEX Service] - Bluetooth OBEX Service - c:\program files (x86)\intel\bluetooth\obexsrv.exe S4 - [BTHSSecurityMgr] - Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service - c:\program files\intel\bluetoothhs\bthssecuritymgr.exe S4 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe S4 - [EvtEng] - Intel(R) PROSet/Wireless Event Log - c:\program files\intel\wifi\bin\evteng.exe S4 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe S4 - [igfxCUIService1.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe S4 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe S4 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe S4 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe S4 - [Intel(R) Wireless Bluetooth(R) 4.0 Radio Management] - Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - c:\program files (x86)\intel\bluetooth\ibtrksrv.exe S4 - [IntelliMemory] - IntelliMemory - c:\program files\condusiv technologies\intellimemory\intellimem.exe S4 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe S4 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe S4 - [MBAMService] - Malwarebytes Service - c:\program files\malwarebytes\anti-malware\mbamservice.exe S4 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S4 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - c:\program files\intel\wifi\bin\pandhcpdns.exe S4 - [RegSrvc] - Intel(R) PROSet/Wireless Registry Service - c:\program files\common files\intel\wirelesscommon\regsrvc.exe S4 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe S4 - [uSHAREitSvc] - SHAREit Hotspot Service - c:\program files (x86)\shareit technologies\shareit\shareit.service.exe S4 - [ZeroConfigService] - Intel(R) PROSet/Wireless Zero Configuration Service - c:\program files\intel\wifi\bin\zeroconfigservice.exe ==== Drivers(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys R2 - [srv] - Driver SMB 1.xxx do Servidor - C:\WINDOWS\system32\Drivers\srv.sys R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\WINDOWS\system32\Drivers\srv2.sys R0 - [ACPI] - Microsoft ACPI Driver - C:\WINDOWS\system32\Drivers\ACPI.sys R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys R0 - [amdkmpfd] - AMD PCI Root Bus Lower Filter - C:\WINDOWS\system32\Drivers\amdkmpfd.sys R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys R0 - [disk] - Driver de disco - C:\WINDOWS\system32\Drivers\disk.sys R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys R0 - [iaStorA] - iaStorA - C:\WINDOWS\system32\Drivers\iaStorA.sys R0 - [intelpep] - Driver Intel(R) Power Engine Plug-in - C:\WINDOWS\system32\Drivers\intelpep.sys R0 - [intmsd] - IntelliMemory Storage Filter Driver - C:\WINDOWS\system32\Drivers\intmsd.sys R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys R0 - [mfehidk] - McAfee Inc. mfehidk - C:\WINDOWS\system32\Drivers\mfehidk.sys R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\WINDOWS\system32\Drivers\mountmgr.sys R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys R0 - [NDIS] - Driver do Sistema NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys R0 - [partmgr] - Gerenciador de Partições - C:\WINDOWS\system32\Drivers\partmgr.sys R0 - [pci] - PCI Bus Driver - C:\WINDOWS\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys R0 - [PxHlpa64] - PxHlpa64 - C:\WINDOWS\system32\Drivers\PxHlpa64.sys R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\WINDOWS\system32\Drivers\spaceport.sys R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\WINDOWS\system32\Drivers\volmgr.sys R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\WINDOWS\system32\Drivers\volmgrx.sys R0 - [volsnap] - Volumes de armazenamento - C:\WINDOWS\system32\Drivers\volsnap.sys R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\WINDOWS\system32\Drivers\Wdf01000.sys R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\WINDOWS\system32\Drivers\WFPLWFS.sys R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\WINDOWS\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys S3 - [atapi] - Canal de IDE - C:\WINDOWS\system32\Drivers\atapi.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-140852086-2964459469-3421718239-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Dropbox Update"="C:\Users\Iuri\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "uTorrent"="C:\Users\Iuri\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "RESTART_STICKY_NOTES"="C:\WINDOWS\system32\StikyNot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Dropbox Update"="C:\Users\Iuri\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "uTorrent"="C:\Users\Iuri\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "RESTART_STICKY_NOTES"="C:\WINDOWS\system32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect " "RtHDVBg_SRSSA"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SRSSA" "IgfxTray"="C:\windows\system32\igfxtray.exe" "HotKeysCmds"="C:\windows\system32\hkcmd.exe" "Persistence"="C:\windows\system32\igfxpers.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeActiveFileMonitor11.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeUpdateService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AGSService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMPPALR3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ArcGIS License Manager] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth Device Monitor] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth OBEX Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BTHSSecurityMgr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cphs] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Easy Launcher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EvtEng] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FoxitCloudUpdateService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ICCS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\igfxCUIService1.0.0.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service Interface] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service TCP IP Interface] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) ME Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Wireless Bluetooth(R) 4.0 Radio Management] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IntelliMemory] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\jhi_service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MyWiFiDHCPDNS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NitroReaderDriverReadSpool3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RegSrvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SWUpdateService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\uSHAREitSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ZeroConfigService] ==== Startup Folders ====================== 2021-04-29 22:48:04 1183 ----a-w- C:\Users\Iuri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2021-02-25 00:29:23 40960 ----a-w- C:\Users\Iuri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MouseFix.exe 2021-02-25 00:29:23 45056 ---ha-w- C:\Users\Iuri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MouseFixDll.dll ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/07/2016 12:41] C:\WINDOWS\tasks\ArcGIS Indexing (MicrosoftAccount_iuridaedias@gmail.com).job --a-------- [Undetermined Task] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001Core.job --a-------- C:\Users\Iuri\AppData\Local\Dropbox\Update\DropboxUpdate.exe [04/11/2016 19:47] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001UA.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001Core.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001UA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\advRecovery" ["C:\Program Files\Samsung\Recovery\WCScheduler.exe"] "C:\WINDOWS\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001Core" [C:\Users\Iuri\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001UA" [C:\Users\Iuri\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001Core" [C:\Users\Iuri\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-140852086-2964459469-3421718239-1001UA" [C:\Users\Iuri\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 1510 series" ["C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-140852086-2964459469-3421718239-1001" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\Rerun Warsaw's CoreFixer" [C:\WINDOWS\TEMP\is-DPIHJ.tmp\corefixer.exe] "C:\WINDOWS\SysNative\tasks\SAgent" ["C:\Program Files\Samsung\S Agent\CommonAgent.exe"] "C:\WINDOWS\SysNative\tasks\Settings" ["C:\Program Files (x86)\Samsung\Settings\sSettings.exe"] "C:\WINDOWS\SysNative\tasks\SUPatchForW10Up" ["%programdata%\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F6C927A7-C568-403C-B1B4-2AE40DC4C426}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B" [C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{b9aa91db-385d-4c69-8a2f-96790aa9405b}"="c:\program files (x86)\copernic\desktopsearch\firefoxconnector" [] ==== Chromium Look ====================== Google Chrome Version: 91.0.4472.124 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nahhmpbckpgdidfnmfkfgiflpjijilce - No path found[] njpedbdniajflhgfoipnjkednnlkngbj - No path found[] pilplloabdedfmialnfchjomjmpjcoej - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cnnbdaahphjgdgfhliignpepgnbnfomp - c:\program files (x86)\copernic\desktopsearch\ChromeConnector\ChromeConnector.crx[] nahhmpbckpgdidfnmfkfgiflpjijilce - No path found[] pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Iuri\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[] pilplloabdedfmialnfchjomjmpjcoej - No path found[] Docs - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Search Manager - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce Search and New Tab by AOL - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\njpedbdniajflhgfoipnjkednnlkngbj Chrome Web Store Payments - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Search Manager - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej Gmail - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Dark - Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom Chrome Web Store Payments - Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chrome Media Router - Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{AF63D074-9668-45A1-801E-29599D461F4B}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{AF63D074-9668-45A1-801E-29599D461F4B} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS HKLM\Wow6432Node\SearchScopes "DefaultScope"="" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{AF63D074-9668-45A1-801E-29599D461F4B} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 HKCU\SearchScopes\{518b33ae-375d-712d-6742-d1fe0400268d} - https://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=bgy_bjiqs279bdfhjvqgikmoqs1f_19_35_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwingy%26cd%3D2XzuyEtN2Y1L1Qzu0ByC0ByCyByCyC0FtC0BtCyCyD0F0AyEtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFtCtDtAtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyB0AyCyB0D0C0CyEtGtCzyyCyBtGyCyEyEyEtGtCyE0AyEtG0B0E0A0AtByC0D0F0EyDyDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD1Qzy1RyEtB1TyCtGyB1O1TtAtGyEyCtDyCtGzytB1Q1TtGyBtAzzzz1OyDyC1TtB1P1RtD2QtN0A0LzutDtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzzyDtDtByEyC%26cr%3D1704874551%26a%3Dbgy_bjiqs279bdfhjvqgikmoqs1f_19_35_ssg00%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BSingle%2BLanguage&p={searchTerms} HKCU\SearchScopes\{8A2AAEB8-0B3C-4C9C-916C-E1A7F02D98DD} - https://br.search.yahoo.com/search?p={searchTerms}&intl=br&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle HKCU\SearchScopes\{AF63D074-9668-45A1-801E-29599D461F4B} - No_Url_Value ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ==== EOF on 04/07/2021 at 13:38:18.49 ======================