Adauto2

  1. @Turco, done! Thank you for your attention and your help.
  2. @Turco, I ended up acting on impulse and did not see the part about saving the log. 9 threats were found and placed in quarantine, as shown in the attached screenshot I took.
  3. @Turco
     Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 12-01-2020
     Executado por Usuario (15-01-2020 10:35:00) Run:1
     Executando a partir de C:\Users\Usuario\Desktop
     Perfis Carregados: Usuario (Perfis Disponíveis: Usuario)
     Modo da Inicialização: Normal
     ==============================================
     fixlist Conteúdo:
     *****************
     CreateRestorePoint:
     CloseProcesses:
     HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
     FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
     CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
     VirusTotal: C:\Bkp_Flext\Backup Flext Cash.bat
     CMD: type C:\Bkp_Flext\Backup Flext Cash.bat
     HOSTS:
     RemoveProxy:
     CMD: bitsadmin /reset /allusers
     CMD: ipconfig /flushdns
     EmptyTemp:
     *****************
     Ponto de Restauração criado com sucesso.
     Processos fechados com sucesso.
     HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removido (a) com sucesso.
     HKLM\SOFTWARE\Policies\Mozilla => removido (a) com sucesso.
     HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso.
     VirusTotal: C:\Bkp_Flext\Backup Flext Cash.bat => https://www.virustotal.com/file/9ebd96342fee5a8e843a63ede2351d907ff01b10d8a7f8159cf810c6ea1b5eea/analysis/1579095309/
     ========= type C:\Bkp_Flext\Backup Flext Cash.bat =========
     O sistema não pode encontrar o arquivo especificado.
     Erro ao processar: C:\Bkp_Flext\Backup.
     O sistema não pode encontrar o arquivo especificado.
     Erro ao processar: Flext.
     O sistema não pode encontrar o arquivo especificado.
     Erro ao processar: Cash.bat.
     ========= Fim de CMD: =========
     C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
     Hosts restaurado com sucesso.
     ========= RemoveProxy: =========
     "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
     "HKU\S-1-5-21-3210410832-52721733-420004279-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\S-1-5-21-3210410832-52721733-420004279-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
     ========= Fim de RemoveProxy: =========
     ========= bitsadmin /reset /allusers =========
     BITSADMIN version 3.0 [ 7.5.7601 ]
     BITS administration utility.
     (C) Copyright 2000-2006 Microsoft Corp.
     BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
     Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
     Unable to cancel {223F1500-4EB0-4E82-8419-4E7D82DB3781}.
     Unable to cancel {0B5AF6B9-AC1F-4735-9C6A-B25E5A470B97}.
     0 out of 2 jobs canceled.
     ========= Fim de CMD: =========
     ========= ipconfig /flushdns =========
     Configuração de IP do Windows
     Liberação do Cache do DNS Resolver bem-sucedida.
     ========= Fim de CMD: =========
     =========== EmptyTemp: ==========
     BITS transfer queue => 8388608 B
     DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17485256 B
     Java, Flash, Steam htmlcache => 1154 B
     Windows/system/drivers => 2292686 B
     Edge => 0 B
     Chrome => 419611922 B
     Firefox => 74357938 B
     Opera => 0 B
     Temp, IE cache, history, cookies, recent:
     Users => 0 B
     Default => 0 B
     Public => 0 B
     ProgramData => 0 B
     systemprofile => 66228 B
     systemprofile32 => 132584 B
     LocalService => 132584 B
     NetworkService => 198812 B
     Usuario => 151259978 B
     RecycleBin => 495 B
     EmptyTemp: => 642.7 MB de dados temporários Removidos.
     ================================
     O sistema precisou ser reiniciado.
     ==== Fim de Fixlog 10:35:52 ====
  4. @Turco, the FRST.txt follows below and the Addition.txt is attached. Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 12-01-2020 Executado por Usuario (administrador) em USUARIO-PC (Gigabyte Technology Co., Ltd. GA-78LMT-S2) (14-01-2020 07:27:05) Executando a partir de C:\Users\Usuario\Desktop Perfis Carregados: Usuario (Perfis Disponíveis: Usuario) Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: IE) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe (Brother Industries, Ltd.) [Arquivo não assinado] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Arquivo não assinado] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\88.4.172\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\88.4.172\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\88.4.172\QtWebEngineProcess.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) 
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIMTE.EXE (TeamViewer GmbH -> TeamViewer GmbH) D:\TeamViewer\TeamViewer_Service.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-10-19] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [Arquivo não assinado] HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1092304 2016-03-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [653352 2017-07-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [862248 2017-07-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO HKU\S-1-5-21-3210410832-52721733-420004279-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIMTE.EXE [298560 2014-03-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-3210410832-52721733-420004279-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIMTE.EXE [298560 2014-03-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-3210410832-52721733-420004279-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47773264 2019-12-22] (Google LLC -> ) HKU\S-1-5-21-3210410832-52721733-420004279-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-3210410832-52721733-420004279-1000\...\Run: [GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC) Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Backup Flext Cash - Atalho.lnk [2018-01-17] ShortcutTarget: Backup Flext Cash - Atalho.lnk -> C:\Bkp_Flext\Backup Flext Cash.bat () [Arquivo não assinado] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {0366A6D1-4C4D-4B9F-B8DC-F2B5D1C707EE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-11] (Adobe Inc. -> Adobe Systems) Task: {427D46B9-E191-4DF2-8E71-0B555AD25BE1} - \Backup Flext Cash -> Nenhum Arquivo <==== ATENÇÃO Task: {43E3FD7F-3A61-4BD2-93EE-58BD221B198F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {47927B21-D44B-4F7E-8EBA-A340357BE950} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-20] (Google Inc -> Google Inc.) Task: {4A8AAADF-6C78-448B-AB75-810B217686DB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2020-01-13] (Adobe Inc. -> Adobe) Task: {4F9AE161-E033-4731-B364-39C06202287E} - System32\Tasks\bkpFlextCanadense => C:\Bkp_Flext\Backup Flext Cash.bat [362 2018-01-17] () [Arquivo não assinado] Task: {503D5683-63E3-4899-8224-88270B510607} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-17] (Dropbox, Inc -> Dropbox, Inc.) Task: {58B4DD9E-BFBD-43BD-A862-61FFCFDFE401} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-17] (Dropbox, Inc -> Dropbox, Inc.) Task: {853279D5-99D6-4B8A-A686-F5C3A5000C84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-20] (Google Inc -> Google Inc.) 
Task: {85C260CE-C70A-4E42-97E4-B11F4A156CB2} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate Task: {968E26EC-BEDD-467E-BDE0-CA66D9E1785E} - \Backup Flext -> Nenhum Arquivo <==== ATENÇÃO Task: {99FA0528-70ED-4C94-859C-938016719D51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd) Task: {A8815D3E-2AC4-4425-A779-2CBA6FBF1497} - System32\Tasks\{E63EEC93-DC24-4FBC-A7D8-2D505CCB8750} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Downloads\Instalador_BULL_Tecfinance.exe -d C:\Users\Usuario\Downloads Task: {BFCC5694-665F-46B2-9C4D-86EDD7D25F12} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) Task: {DD1A9351-A316-4A2F-BB89-886C2D5F32C2} - System32\Tasks\EPSON L575 Series Update {715D002F-8365-463A-A8B5-5316E8534B2E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMTE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {EBD95865-C8F3-4D13-AA4C-65F99042F06A} - System32\Tasks\canadenseflext => C:\Bkp_Flext\Backup Flext Cash.bat [362 2018-01-17] () [Arquivo não assinado] Task: {F2E3685B-BCB5-47E0-A979-119876311AD3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software) Task: {F52C23E1-6D31-4014-B6E0-649C11AF3F88} - System32\Tasks\EPSON L575 Series Update {B772D739-1987-4B99-87DF-624BCA37323C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMTE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\EPSON L575 Series Update {715D002F-8365-463A-A8B5-5316E8534B2E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMTE.EXE:/EXE:{715D002F-8365-463A-A8B5-5316E8534B2E} /F:UpdateSISTEMAĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON L575 Series Update {B772D739-1987-4B99-87DF-624BCA37323C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMTE.EXE:/EXE:{B772D739-1987-4B99-87DF-624BCA37323C} /F:UpdateSISTEMAĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{AC0059A4-1252-4D7A-835B-F2444471C92A}: [DhcpNameServer] 200.204.0.138 192.168.0.1 Tcpip\..\Interfaces\{C0831335-F326-4356-91B0-10B7E7E0DB26}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Internet Explorer: ================== BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-12] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-12] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-26] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-03-20] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-26] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FireFox: ======== FF DefaultProfile: w1s1vdw5.default FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\w1s1vdw5.default [2020-01-14] FF Homepage: Mozilla\Firefox\Profiles\w1s1vdw5.default -> hxxps://www.bbc.com/portuguese FF Notifications: Mozilla\Firefox\Profiles\w1s1vdw5.default -> hxxps://www.dafiti.com.br; hxxps://support.cloud.google.com FF Extension: (Avast SafePrice | Comparação, ofertas, cupons) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\w1s1vdw5.default\Extensions\sp@avast.com.xpi [2020-01-06] FF Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\w1s1vdw5.default\Extensions\wrc@avast.com.xpi [2020-01-09] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2020-01-13] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-12] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2020-01-13] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-26] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-26] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.) 
Chrome: ======= CHR Notifications: Default -> hxxps://123milhas.com; hxxps://kmdevantagens-com-br-5afc9025e1efe.pushnews.eu; hxxps://www.facebook.com CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2020-01-14] CHR Extension: (Apresentações) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20] CHR Extension: (Jaxx Blockchain Wallet) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancbofgphhmhcchnaognahmjfajaecmo [2018-07-18] CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20] CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18] CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-26] CHR Extension: (Postman) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhpolonmjbamaehfecdmhbdphcmgckdn [2019-04-01] CHR Extension: (Avast SafePrice | Comparação, ofertas, cupons) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-06] CHR Extension: (Planilhas) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20] CHR Extension: (Postman) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2019-04-01] CHR Extension: (Documentos Google off-line) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-11] CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20] CHR Extension: (Application Launcher for 
Drive (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-07-29] CHR Extension: (Allow-Control-Allow-Origin: *) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbmbojpeacfghkpbjhddihlkkiljbi [2019-07-17] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30] CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11] CHR HKU\S-1-5-21-3210410832-52721733-420004279-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-10-22] (BattlEye Innovations e.K. -> ) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) 
[Arquivo não assinado] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-17] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-17] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [681400 2018-12-17] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-10] (Malwarebytes Inc -> Malwarebytes) S4 NetExpress Updater; C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe [20424 2017-07-31] (Banco Bradesco S.A. -> ) R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269568 2019-11-29] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) R2 TeamViewer; D:\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [X] ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-10-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. 
  5. @Turco

     ~ ZHPCleaner v2020.1.12.169 by Nicolas Coolman (2020/01/12)
     ~ Run by Usuario (Administrator) (13/01/2020 10:34:06)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version KO
     ~ Type : Scan
     ~ Report : C:\Users\Usuario\Desktop\ZHPCleaner (S).txt
     ~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ System Restore Point :
     ~ UAC : Deactivate
     ~ Boot Mode : Normal (Normal boot)
     Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.

     ---\\ Services (0)
     ~ No malicious or unnecessary items found.

     ---\\ Browser internet (1)
     FOUND data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;<local>;;*.local] =>Hijacker.Proxy

     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (21)

     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.

     ---\\ Explorer ( File, Folder) (0)
     ~ No malicious or unnecessary items found.

     ---\\ Registry ( Key, Value, Data) (2)
     FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D ["C:\Program Files (x86)\Google\Chrome\Application\] =>PUP.Optional.MyBrowser
     FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask

     ---\\ Summary of the elements found (3)
     https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
     https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
     https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask

     ---\\ Result of repair
     ~ Any repair made
     ~ Mozilla Firefox OK
     ~ Internet Explorer OK

     ---\\ Statistics
     ~ Items scanned : 88659
     ~ Items found : 3
     ~ Items cancelled : 0
     ~ Items options : 8/15
     ~ Space saving (bytes) : 0
     ~ End of search in 00h10mn01s

     ---\\ Reports (0)
     ZHPCleaner--13012020-10_44_07.txt
  6. Good afternoon @Turco, thanks in advance. The logs follow below:

     - ADWCleaner:

     # -------------------------------
     # Malwarebytes AdwCleaner 8.0.1.0
     # -------------------------------
     # Build: 12-17-2019
     # Database: 2020-01-06.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 01-10-2020
     # Duration: 00:00:01
     # OS: Windows 7 Professional
     # Cleaned: 14
     # Failed: 0

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     Deleted C:\Program Files (x86)\IOBIT\Driver Booster
     Deleted C:\ProgramData\IOBIT\Driver Booster
     Deleted C:\ProgramData\IObit\Advanced SystemCare
     Deleted C:\Users\Usuario\AppData\Roaming\IOBIT\Driver Booster
     Deleted C:\Users\Usuario\AppData\Roaming\IObit\Advanced SystemCare

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
     Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SKIPUAC (USUARIO)

     ***** [ Registry ] *****
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E59B58DE-3283-4A37-8762-FF838C26FEEC}
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1650264-E8A1-4794-A897-1D3BDE57736A}
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E59B58DE-3283-4A37-8762-FF838C26FEEC}
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVER BOOSTER SKIPUAC (USUARIO)
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
     Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
     Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     ***** [ Preinstalled Software ] *****
     No Preinstalled Software cleaned.

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************
     AdwCleaner[S00].txt - [3092 octets] - [10/01/2020 09:45:06]
     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

     - MalwareBytes:

     Malwarebytes
     www.malwarebytes.com

     -Detalhes do Relatório-
     Data da análise: 10/01/2020
     Hora da análise: 10:01
     Arquivo de relatório: de00e472-33a0-11ea-ae02-fcaa14fc2e26.json

     -Informações do Software-
     Versão: 4.0.4.49
     Versão de componentes: 1.0.793
     Versão do pacote de definições: 1.0.17529
     Licença: Gratuita

     -Informações do Sistema-
     Sistema operacional: Windows 7 Service Pack 1
     CPU: x64
     Sistema de arquivos: NTFS
     Usuário: Usuario-PC\Usuario

     -Resumo da Análise-
     Tipo de análise: Análise Customizada
     Análise Iniciada Por: Manual
     Resultado: Concluída
     Objetos verificados: 513684
     Ameaças detectadas: 4
     Ameaças em quarentena: 4
     Tempo decorrido: 2 hr, 30 min, 11 seg

     -Opções da Análise-
     Memória: Habilitado
     Inicialização: Habilitado
     Sistema de arquivos: Habilitado
     Arquivos compactados: Habilitado
     Rootkits: Habilitado
     Heurística: Habilitado
     Programa Potencialmente Indesejado: Detetar
     PUM: Detetar

     -Detalhes da Análise-
     Processo: 0 (Nenhum item malicioso detectado)
     Módulo: 0 (Nenhum item malicioso detectado)
     Chave de registro: 0 (Nenhum item malicioso detectado)
     Valor de registro: 0 (Nenhum item malicioso detectado)
     Dados de registro: 0 (Nenhum item malicioso detectado)
     Fluxo de dados: 0 (Nenhum item malicioso detectado)
     Pasta: 0 (Nenhum item malicioso detectado)
     Arquivo: 4
     Generic.Malware/Suspicious, C:\USERS\USUARIO\APPDATA\ROAMING\Microsoft\Windows\Recent\zoek.lnk, Quarentena, 0, 392686, , , ,
     Generic.Malware/Suspicious, C:\USERS\USUARIO\DESKTOP\ZOEK.ZIP, Quarentena, 0, 392686, 1.0.17529, , shuriken,
     Generic.Malware/Suspicious, C:\USERS\USUARIO\DESKTOP\ZOEK\ZA-SCAN.EXE, Quarentena, 0, 392686, 1.0.17529, , shuriken,
     HackTool.Agent.KMS, C:\WINDOWS\KMS-QADHOOK.DLL, Quarentena, 7634, 151261, 1.0.17529, , ame,
     Setor físico: 0 (Nenhum item malicioso detectado)
     Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado)

     (end)
  7. Good morning, someone else accessed one of my email accounts, and I would like to check that there is no malware on my computer that could have caused this. Thank you very much for the help. ZA-Scan.txt
  8. I have already reinstalled it twice, and it always gives the same problem, and the key has nothing to do with it; you only need the key to create the Steam account, and I already have a Steam account... Does anyone have any other idea? ;s
  9. Hey... I'm trying to play Counter Strike Source, but I can't. I open Steam, and when the game is about to open an error message appears: ''o hl2 encontrou um problema e precisa ser fechado'', and the game doesn't even open... I have no idea what this is, because I used to play CS before; I even have it installed on my other HD. I have already installed the new DirectX and installed a driver for the video card, and I don't know what else to do... If anyone can help... thanks
  10. Guys, I have a kind of silly question... but I don't know; I use Windows XP... how do I create a shortcut to connect to Speedy? If anyone can help me, thanks
  11. Well, sometimes I'm using the computer and out of nowhere everything stops, except the mouse; everything freezes and I can't do anything, then after about 20 seconds it comes back... I would like to know what the problem is, and if anyone knows the solution too... thanks
  12. Well, I have a monitor and I'm trying to change its settings; at the moment it is at 800 x 600 but I want to change it to 1024 x 768. When I change it, the screen goes completely black and a message from the monitor appears. And I have to restart the computer, and even so, when it is about to enter the desktop the screen goes black and the same message appears. And to change the setting back to 800 x 600 I have to boot into safe mode or into AVS mode. I would like to know whether there is any way to set 1024 x 768 without problems... please help, thanks

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
