Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by camil on 17/08/2021 at 18:55:59,37.
Microsoft Windows 10 Home Single Language 10.0.19042 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\camil\Desktop\zoek\ZA-Scan.exe [Z-Analyse Scan]

==== Running Processes ======================

C:\Program Files\Samsung\sService\sServiceKeyMonitor.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\camil\AppData\Local\Temp\ZAScan.exe

==== Drivers(whitelist) ======================

Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe "

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ColorEngine" ["C:\Program Files\Samsung\ColorEngine\ColorEngine.exe"]
"C:\Windows\SysNative\tasks\ColorSettings" ["C:\Program Files\Samsung\ColorEngine\SetParam3264.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\McAfeeLogon" [C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-2123662491-2532545654-3335919578-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-615813026-2011834896-3341451427-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-834016555-1465169623-4214689632-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\RtkAudUService64_BG" [""C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe""]
"C:\Windows\SysNative\tasks\McAfee\DAD.Execute.Updates" ["C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe"]
"C:\Windows\SysNative\tasks\Samsung\Recovery8\BulletUserModeWorker" ["C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe"]
"C:\Windows\SysNative\tasks\Samsung\SamsungPCCleaner\SecurityCheck" ["%programfiles%\Samsung\Samsung PC Cleaner 2 Service\SecurityAppChecker.exe"]

==== Chromium Look ======================

Slides - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Docs - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
uBlock₀ - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Sheets - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
SearchPreview - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo
Méliuz Cashback e cupons em suas compras - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg
User Agent Switcher URL sniffer - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo
Chrome Web Store Payments - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - camil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=SMTE"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{791EFDD8-2D09-4605-8A97-61B71535963A}"
HKLM\SearchScopes\{791EFDD8-2D09-4605-8A97-61B71535963A} - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{791EFDD8-2D09-4605-8A97-61B71535963A}"
HKLM\Wow6432Node\SearchScopes\{791EFDD8-2D09-4605-8A97-61B71535963A} - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.73\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL

==== EOF on 17/08/2021 at 18:57:48,15 ======================