Moacir Johann

  1. Good afternoon, here is the requested log. I had already done the removal after yesterday's scan; I ran a new scan a short while ago, which came back "clean". Both logs follow.
     RogueKiller Anti-Malware V14.0.2.0 (x64) [Dec 16 2019] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits Started in : Normal mode User : moacir [Administrator] Started from : C:\Users\moacir\Desktop\RogueKiller_portable64.exe Signatures : 20191218_151754, Driver : Loaded Mode : Standard Scan, Delete -- Date : 2019/12/18 16:30:45 (Duration : 00:25:49) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.HackTool (Potentially Malicious)] KMS-R@1n.exe -- %SystemRoot%\KMS-R@1n.exe -> Killed [TermThr] [Suspicious.Path (Potentially Malicious)] iscFlash -- %localappdata%\Temp\7zSFE99.tmp\iscflashx64.sys -> Stopped [PUP.HackTool (Potentially Malicious)] KMS-R@1n -- %SystemRoot%\KMS-R@1n.exe -> Stopped [PUP.Easeware (Potentially Malicious)] \{61BC48D6-4AE7-4326-B141-9D22B691F39B} -- C:\Windows\system32\pcalua.exe (-a C:\Users\moacir\AppData\Roaming\Easeware\DriverEasy\drivers\b2bkogu4.eik\Video_AMD_W7W8_A01_Setup-HC6HJ_ZPE.exe -d C:\Users\moacir\AppData\Roaming\Easeware\DriverEasy\drivers\b2bkogu4.eik) -> Deleted [PUP.Easeware (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1 -- -> Deleted [Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iscFlash -- [%localappdata%\Temp\7zSFE99.tmp\iscflashx64.sys] -> Deleted [PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMS-R@1n -- [%SystemRoot%\KMS-R@1n.exe] -> Deleted [Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iscFlash -- [%localappdata%\Temp\7zSFE99.tmp\iscflashx64.sys] -> Deleted [PUP.HackTool (Potentially Malicious)] 
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\KMS-R@1n -- [%SystemRoot%\KMS-R@1n.exe] -> Deleted [PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BD46A595-2558-4444-B50B-C08C1023ED89} -- [%SystemRoot%\KMS-R@1n.exe] -> Deleted [PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4B083371-3599-4F04-BD3A-DD1BC2AE7C2E} -- [%SystemRoot%\KMS-R@1n.exe] -> Deleted [PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BD46A595-2558-4444-B50B-C08C1023ED89} -- [%SystemRoot%\KMS-R@1n.exe] -> Deleted [PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4B083371-3599-4F04-BD3A-DD1BC2AE7C2E} -- [%SystemRoot%\KMS-R@1n.exe] -> Deleted [PUP.Easeware (Potentially Malicious)] Easeware -- %_moacir_appdata%\Easeware -> Deleted => Video_Driver_YHKT2_WN_12.105.4.0000_A00.EXE -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\5hfnaz5o.3sz\VIDEO_~1.EXE [1] => 5hfnaz5o.3sz -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\5hfnaz5o.3sz [1] => 5hnxtubs.hy1 -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\5hnxtubs.hy1 [1] => Video_AMD_W7W8_A01_Setup-HC6HJ_ZPE.exe -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\b2bkogu4.eik\VIDEO_~1.EXE [1] => b2bkogu4.eik -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\b2bkogu4.eik [1] => cbqrgeca.nb3 -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\cbqrgeca.nb3 [1] => ConvertXtoDVD -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\CONVER~1 [1] => DownloadDrivers.data -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\DOWNLO~1.DAT [1] => gutzusfm.tmt -- 
C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\gutzusfm.tmt [1] => gy2uiuyj.3wj -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\gy2uiuyj.3wj [1] => jntj1opn.1ki -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\jntj1opn.1ki [1] => kjsetus2.nhs -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\kjsetus2.nhs [1] => mn3b1zca.mhp -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\mn3b1zca.mhp [1] => uh4sojl1.zfy -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\uh4sojl1.zfy [1] => vj5i0e2z.egp -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\vj5i0e2z.egp [1] => vll3vrua.vmu -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\vll3vrua.vmu [1] => vwwugowd.nqp -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\vwwugowd.nqp [1] => w3eo2iry.d55 -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers\w3eo2iry.d55 [1] => drivers -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\drivers [1] => settings.dat -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1\settings.dat [1] => DriverEasy -- C:\Users\moacir\AppData\Roaming\Easeware\DRIVER~1 [1] [PUP.Easeware (Potentially Malicious)] DriverEasy -- %programdata%\Microsoft\Windows\Start Menu\Programs\DriverEasy -> Deleted => DriverEasy.lnk -- C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\DRIVER~1\DRIVER~1.LNK [1] => Uninstall DriverEasy.lnk -- C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\DRIVER~1\UNINST~1.LNK [1] [Adw.WifiHotSpot (Malicious)] HotSpot -- %programdata%\Microsoft\Windows\Start Menu\Programs\HotSpot -> Deleted => HotSpot.lnk -- C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\HotSpot\HotSpot.lnk [1] [PUP.Easeware (Potentially Malicious)] Easeware -- %ProgramFiles%\Easeware -> Deleted => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\ar\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\ar\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- 
C:\PROGRA~1\Easeware\DRIVER~1\ar\EASEWA~2.DLL [1] => ar -- C:\PROGRA~1\Easeware\DRIVER~1\ar [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\de\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\de\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\de\EASEWA~2.DLL [1] => de -- C:\PROGRA~1\Easeware\DRIVER~1\de [1] => DriverEasy.exe -- C:\PROGRA~1\Easeware\DRIVER~1\DRIVER~1.EXE [1] => Easeware.CheckingDevice.exe -- C:\PROGRA~1\Easeware\DRIVER~1\EASEWA~1.EXE [1] => Easeware.CheckScheduledScan.exe -- C:\PROGRA~1\Easeware\DRIVER~1\EASEWA~2.EXE [1] => Easeware.Driver.Backup.dll -- C:\PROGRA~1\Easeware\DRIVER~1\EASEWA~2.DLL [1] => Easeware.Driver.Core.dll -- C:\PROGRA~1\Easeware\DRIVER~1\EASEWA~1.DLL [1] => Easeware.DriverInstall.exe -- C:\PROGRA~1\Easeware\DRIVER~1\EASEWA~3.EXE [1] => Easeware.PatchInstall.exe -- C:\PROGRA~1\Easeware\DRIVER~1\EAE601~1.EXE [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\es-AR\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\es-AR\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\es-AR\EASEWA~2.DLL [1] => es-AR -- C:\PROGRA~1\Easeware\DRIVER~1\es-AR [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\fr\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\fr\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\fr\EASEWA~2.DLL [1] => fr -- C:\PROGRA~1\Easeware\DRIVER~1\fr [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\hu\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\hu\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\hu\EASEWA~2.DLL [1] => hu -- C:\PROGRA~1\Easeware\DRIVER~1\hu [1] => Interop.WUApiLib.dll -- C:\PROGRA~1\Easeware\DRIVER~1\inteiro~1.DLL [1] => 
DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\it\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\it\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\it\EASEWA~2.DLL [1] => it -- C:\PROGRA~1\Easeware\DRIVER~1\it [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\ko\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\ko\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\ko\EASEWA~2.DLL [1] => ko -- C:\PROGRA~1\Easeware\DRIVER~1\ko [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\nl\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\nl\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\nl\EASEWA~2.DLL [1] => nl -- C:\PROGRA~1\Easeware\DRIVER~1\nl [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\pl\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\pl\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\pl\EASEWA~2.DLL [1] => pl -- C:\PROGRA~1\Easeware\DRIVER~1\pl [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\pt-BR\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\pt-BR\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\pt-BR\EASEWA~2.DLL [1] => pt-BR -- C:\PROGRA~1\Easeware\DRIVER~1\pt-BR [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\uk\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\uk\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\uk\EASEWA~2.DLL [1] => uk -- C:\PROGRA~1\Easeware\DRIVER~1\uk [1] => unins000.dat -- C:\PROGRA~1\Easeware\DRIVER~1\unins000.dat [1] => unins000.exe -- 
C:\PROGRA~1\Easeware\DRIVER~1\unins000.exe [1] => unins000.msg -- C:\PROGRA~1\Easeware\DRIVER~1\unins000.msg [1] => UnRAR.exe -- C:\PROGRA~1\Easeware\DRIVER~1\UnRAR.exe [1] => UnRAR_license.txt -- C:\PROGRA~1\Easeware\DRIVER~1\UNRAR_~1.TXT [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\ar\EASEWA~1.DLL [1] => ar -- C:\PROGRA~1\Easeware\DRIVER~1\x64\ar [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\de\EASEWA~1.DLL [1] => de -- C:\PROGRA~1\Easeware\DRIVER~1\x64\de [1] => Easeware.Driver.Backup.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\EASEWA~2.DLL [1] => Easeware.Driver.Core.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\EASEWA~1.DLL [1] => Easeware.DriverInstall.exe -- C:\PROGRA~1\Easeware\DRIVER~1\x64\EASEWA~1.EXE [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\es-AR\EASEWA~1.DLL [1] => es-AR -- C:\PROGRA~1\Easeware\DRIVER~1\x64\es-AR [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\fr\EASEWA~1.DLL [1] => fr -- C:\PROGRA~1\Easeware\DRIVER~1\x64\fr [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\hu\EASEWA~1.DLL [1] => hu -- C:\PROGRA~1\Easeware\DRIVER~1\x64\hu [1] => Interop.WUApiLib.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\inteiro~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\it\EASEWA~1.DLL [1] => it -- C:\PROGRA~1\Easeware\DRIVER~1\x64\it [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\ko\EASEWA~1.DLL [1] => ko -- C:\PROGRA~1\Easeware\DRIVER~1\x64\ko [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\nl\EASEWA~1.DLL [1] => nl -- C:\PROGRA~1\Easeware\DRIVER~1\x64\nl [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\pl\EASEWA~1.DLL [1] => pl -- C:\PROGRA~1\Easeware\DRIVER~1\x64\pl [1] => Easeware.DriverInstall.resources.dll -- 
C:\PROGRA~1\Easeware\DRIVER~1\x64\pt-BR\EASEWA~1.DLL [1] => pt-BR -- C:\PROGRA~1\Easeware\DRIVER~1\x64\pt-BR [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\uk\EASEWA~1.DLL [1] => uk -- C:\PROGRA~1\Easeware\DRIVER~1\x64\uk [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\x64\zh-CN\EASEWA~1.DLL [1] => zh-CN -- C:\PROGRA~1\Easeware\DRIVER~1\x64\zh-CN [1] => x64 -- C:\PROGRA~1\Easeware\DRIVER~1\x64 [1] => DriverEasy.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\zh-CN\DRIVER~1.DLL [1] => Easeware.DriverInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\zh-CN\EASEWA~1.DLL [1] => Easeware.PatchInstall.resources.dll -- C:\PROGRA~1\Easeware\DRIVER~1\zh-CN\EASEWA~2.DLL [1] => zh-CN -- C:\PROGRA~1\Easeware\DRIVER~1\zh-CN [1] => DriverEasy -- C:\PROGRA~1\Easeware\DRIVER~1 [1] RogueKiller Anti-Malware V14.0.2.0 (x64) [Dec 16 2019] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits Started in : Normal mode User : moacir [Administrator] Started from : C:\Users\moacir\Desktop\RogueKiller_portable64.exe Signatures : 20191219_093130, Driver : Loaded Mode : Standard Scan, Scan -- Date : 2019/12/19 16:54:48 (Duration : 00:26:52) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  2. RogueKiller Anti-Malware V14.0.2.0 (x64) [Dec 16 2019] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits Started in : Normal mode User : moacir [Administrator] Started from : C:\Users\moacir\Desktop\RogueKiller_portable64.exe Signatures : 20191218_151754, Driver : Loaded Mode : Standard Scan, Scan -- Date : 2019/12/18 15:51:24 (Duration : 00:25:49) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.HackTool (Potentially Malicious)] KMS-R@1n.exe (2732) -- C:\Windows\KMS-R@1n.exe -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [Suspicious.Path (Potentially Malicious)] iscFlash (0) -- \??\C:\Users\moacir\AppData\Local\Temp\7zSFE99.tmp\iscflashx64.sys -> Found [PUP.HackTool (Potentially Malicious)] KMS-R@1n (2732) -- C:\Windows\KMS-R@1n.exe -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.Easeware (Potentially Malicious)] (Microsoft Windows) \{61BC48D6-4AE7-4326-B141-9D22B691F39B} -- C:\Windows\system32\pcalua.exe [-a C:\Users\moacir\AppData\Roaming\Easeware\DriverEasy\drivers\b2bkogu4.eik\Video_AMD_W7W8_A01_Setup-HC6HJ_ZPE.exe -d C:\Users\moacir\AppData\Roaming\Easeware\DriverEasy\drivers\b2bkogu4.eik] -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> XX - Uninstall [PUP.Easeware (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1 -- N/A -> Found >>>>>> O23 - Services [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iscFlash -- C:\Users\moacir\AppData\Local\Temp\7zSFE99.tmp\iscflashx64.sys (missing) -> Found [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMS-R@1n -- C:\Windows\KMS-R@1n.exe (missing) -> Found [Suspicious.Path (Potentially 
Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iscFlash -- C:\Users\moacir\AppData\Local\Temp\7zSFE99.tmp\iscflashx64.sys (missing) -> Found [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\KMS-R@1n -- C:\Windows\KMS-R@1n.exe (missing) -> Found >>>>>> O87 - Firewall [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BD46A595-2558-4444-B50B-C08C1023ED89} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| (C:\Windows\KMS-R@1n.exe) (missing) -> Found [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4B083371-3599-4F04-BD3A-DD1BC2AE7C2E} -- v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| (C:\Windows\KMS-R@1n.exe) (missing) -> Found [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BD46A595-2558-4444-B50B-C08C1023ED89} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| (C:\Windows\KMS-R@1n.exe) (missing) -> Found [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4B083371-3599-4F04-BD3A-DD1BC2AE7C2E} -- v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| (C:\Windows\KMS-R@1n.exe) (missing) -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.Easeware (Potentially Malicious)] (folder) Easeware -- C:\Users\moacir\AppData\Roaming\Easeware -> Found [PUP.Easeware (Potentially 
Malicious)] (folder) DriverEasy -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy -> Found [Adw.WifiHotSpot (Malicious)] (folder) HotSpot -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot -> Found [PUP.Easeware (Potentially Malicious)] (folder) Easeware -- C:\Program Files\Easeware -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  3. Hello, STEP 1 logs as requested. Thank you for the help!
     Malwarebytes www.malwarebytes.com -Detalhes do Relatório- Data da análise: 17/12/2019 Hora da análise: 22:07 Arquivo de relatório: 4fed168e-212a-11ea-a744-0c84dcd48a06.json -Informações do Software- Versão: 4.0.4.49 Versão de componentes: 1.0.785 Versão do pacote de definições: 1.0.16350 Licença: Gratuita -Informações do Sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x64 Sistema de arquivos: NTFS Usuário: moacir-PC\moacir -Resumo da Análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluída Objetos verificados: 227647 Ameaças detectadas: 9 Ameaças em quarentena: 0 Tempo decorrido: 19 min, 52 seg -Opções da Análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Desabilitado Heurística: Habilitado Programa Potencialmente Indesejado: Detetar PUM: Detetar -Detalhes da Análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 1 PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, Nenhuma ação pelo usuário, 316, 550469, 1.0.16350, , ame, Valor de registro: 1 PUP.Optional.DefaultSearch, HKU\S-1-5-21-2617726091-2471822668-223822095-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, Nenhuma ação pelo usuário, 316, 550469, , , , Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 7 PUP.Optional.DefaultSearch, C:\USERS\MOACIR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Nenhuma ação pelo usuário, 316, 550469, , , , HackTool.WinActivator, C:\WINDOWS\RE-LOADER.EXE, Nenhuma ação pelo usuário, 7964, 595564, 1.0.16350, D6D5245950D230DB5DBDDECD, dds, 00505345 Trojan.BitCoinMiner.BAT, 
C:\WINDOWS\WINDOWS.BAT, Nenhuma ação pelo usuário, 8149, 506830, 1.0.16350, , ame, Trojan.BitCoinMiner.VBS, C:\WINDOWS\SYSTEM32.VBS, Nenhuma ação pelo usuário, 3895, 506829, 1.0.16350, , ame, PUP.Optional.BundleInstaller, C:\USERS\MOACIR\DOWNLOADS\UTORRENT.EXE, Nenhuma ação pelo usuário, 491, 774106, 1.0.16350, , ame, Generic.Malware/Suspicious, C:\USERS\MOACIR\DESKTOP\ZOEK\ZOEK.EXE, Nenhuma ação pelo usuário, 0, 392686, 1.0.16350, , shuriken, Generic.Malware/Suspicious, C:\USERS\MOACIR\DESKTOP\ZOEK\ZA-SCAN.EXE, Nenhuma ação pelo usuário, 0, 392686, 1.0.16350, , shuriken, Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) # ------------------------------- # Malwarebytes AdwCleaner 8.0.0.0 # ------------------------------- # Build: 11-21-2019 # Database: 2019-12-17.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-17-2019 # Duration: 00:00:19 # OS: Windows 7 Professional # Cleaned: 12 # Failed: 3 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion ***** [ Chromium (and derivatives) ] ***** Deleted nladljmabboanhihfkjacnnkgjhnokhj ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. 
***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{383AB477-8CC6-4428-ACBB-888D1E88182F} Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{383AB477-8CC6-4428-ACBB-888D1E88182F} Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE Not Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner_Debug.log - [16110 octets] - [17/12/2019 22:41:52] AdwCleaner[S00].txt - [2943 octets] - [17/12/2019 22:42:37] AdwCleaner[S01].txt - [3005 octets] - [17/12/2019 22:49:21] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
     added 32 minutes later
     Step 2 log
     ZHPCleaner Report ~ ZHPCleaner v2019.12.14.163 by Nicolas Coolman (2019/12/14) ~ Run by moacir (Administrator) (17/12/2019 23:45:14) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Certificate ZHPCleaner: 
Legal ~ Type : Repair ~ Report : C:\Users\moacir\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\moacir\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ~ No malicious or unnecessary items found. (Service) ---\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) ---\ Hosts file (1) ~ The hosts file is legitimate (32) ---\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. (Task) ---\ Explorer ( File, Folder) (20) MOVED file: C:\Users\moacir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\moacir\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P) MOVED file: C:\Users\moacir\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P) MOVED file: C:\Windows\KMS-R@1n.exe =>Adware.Suspect MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign0ba726f3257fd15f =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign0e8b0e5d24a603d4 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign28e59de93485e870 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign383c2b0b75d63f89 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign526fdd9fd65a75e4 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign5beaa6e70052b662 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign5d71486653b449ab =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign6634234147b91b5b =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign7aaacf73ee5d82b1 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign8135be5250310993 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsign972fa7e9edd38fee =>.SUP.Temporary 
MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsigna5cec1f0ba888d05 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsignd06230aaabae2f73 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsigndb2ec79c65dd52e1 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsigne27fb20cea918be2 =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsigne3a12a011018f43a =>.SUP.Temporary MOVED folder: C:\Users\moacir\AppData\Local\Tempzxpsigne90825c47ab14532 =>.SUP.Temporary ---\ Registry ( Key, Value, Data) (2) DELETED key*: HKCU\Software\undefined [AdditionalScan 148] =>.SUP.Downloader DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P) ---\ Summary of the elements found (4) https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P) https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader ---\ Other deletions. (15) ~ Registry Keys Tracing deleted (15) ~ Remove the old reports ZHPCleaner. (0) ---\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Internet Explorer OK ---\ Statistics ~ Items scanned : 1081 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 6/13 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn15s ---\ Reports (3) ZHPCleaner--17122019-23_28_13.txt ZHPCleaner--17122019-23_41_46.txt ZHPCleaner-[R]-17122019-23_45_29.txt ZHPCleaner report End
  4. Good afternoon, the notebook is freezing and very slow, with the mouse moving on its own even though no remote-access programs are enabled. Thank you in advance!
     Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version) Tool run by moacir on 13/12/2019 at 14:02:56,47. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\moacir\Desktop\zoek\ZA-Scan.exe [Z-Analyse Scan] ==== Running Processes ====================== C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe C:\Program Files\Conexant\SA3\CxUtilSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Users\moacir\AppData\Local\Temp\ZAScan.exe ==== Services(whitelist) ====================== Powered by E Dev R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe R2 - [CleanupPSvc] - Avast Cleanup Premium - c:\program files (x86)\avast software\avast cleanup\tuneupsvc.exe R2 - [ClickToRunSvc] - Serviço Clique para Executar do Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe R2 - [CxUtilSvc] - CxUtilSvc - c:\program files\conexant\sa3\cxutilsvc.exe R2 - [DbxSvc] - DbxSvc - c:\windows\system32\dbxsvc.exe R2 - [DDVCollectorSvcApi] - Dell Data Vault Service API - c:\program files\dell\delldatavault\ddvcollectorsvcapi.exe R2 - [DDVDataCollector] - Dell Data Vault Collector - c:\program files\dell\delldatavault\ddvdatacollector.exe R2 - [DDVRulesProcessor] - Dell Data Vault Processor - c:\program 
files\dell\delldatavault\ddvrulesprocessor.exe R2 - [DellClientManagementService] - Dell Client Management Service - c:\program files (x86)\dell\updateservice\serviceshell.exe R2 - [EPSON_PM_RPCV4_04] - EPSON V3 Service4(04) - c:\program files\common files\epson\epw!3 ssrp\e_s50rpb.exe R2 - [EpsonBidirectionalService] - EpsonBidirectionalService - c:\program files (x86)\common files\epson\ebapi\eebsvc.exe R2 - [EpsonCustomerParticipation] - EpsonCustomerParticipation - c:\program files\epson\epsoncustomerparticipation\epcp.exe R2 - [IconMan_R] - IconMan_R - c:\program files (x86)\realtek\realtek usb 2.0 card reader\riconman.exe R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe R2 - [KMS-R@1n] - KMS-R@1n - c:\windows\kms-r@1n.exe R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe R2 - [SupportAssistAgent] - Dell SupportAssist - c:\program files\dell\supportassistagent\bin\supportassistagent.exe R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe R2 - [vcsFPService] - Validity VCS Fingerprint Service - c:\windows\system32\vcsfpservice.exe R2 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R2 - [ZAtheros Wlan Agent] - ZAtheros Wlan Agent - c:\program files (x86)\dell wireless\ath_wlanagent.exe R3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe R3 - [MSDTC] - Coordenador de transações distribuídas 
- c:\windows\system32\msdtc.exe R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe R3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe R3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe S2 - [dbupdate] - Serviço Atualização do Dropbox (dbupdate) - c:\program files (x86)\dropbox\update\dropboxupdate.exe S2 - [Dell Hardware Support] - Dell Hardware Support - c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.7033.2521\dsapi.exe S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe S3 - [aswbIDSAgent] - aswbIDSAgent - c:\program files\avast software\avast\aswidsagent.exe S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe S3 - [dbupdatem] - Serviço Atualização do Dropbox (dbupdatem) - c:\program files (x86)\dropbox\update\dropboxupdate.exe S3 - [ehRecvr] - Serviço Receptor do Windows Media Center - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Serviço Agendador do Windows Media Center - c:\windows\ehome\ehsched.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service - c:\program files 
(x86)\google\chrome\application\78.0.3904.108\elevation_service.exe S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe S4 - [AGSService] - Adobe Genuine Software Integrity Service - c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe S4 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe ==== Drivers(whitelist) ====================== Powered by E Dev R0 - [aswbidsh] - aswbidsh - C:\Windows\system32\Drivers\aswbidsh.sys R0 - [aswbuniv] - aswbuniv - C:\Windows\system32\Drivers\aswbuniv.sys R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys R3 - [srv] - Driver SMB 1.xxx do Servidor - C:\Windows\system32\Drivers\srv.sys R3 - [srv2] - Driver SMB 2.xxx do Servidor - 
C:\Windows\system32\Drivers\srv2.sys R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys R0 - [amdkmpfd] - AMD PCI Root Bus Lower Filter - C:\Windows\system32\Drivers\amdkmpfd.sys R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys R0 - [aswArDisk] - aswArDisk - C:\Windows\system32\Drivers\aswArDisk.sys R0 - [aswRvrt] - aswRvrt - C:\Windows\system32\Drivers\aswRvrt.sys R0 - [aswVmm] - aswVmm - C:\Windows\system32\Drivers\aswVmm.sys R0 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys R0 - [CLFS] - Log Comum (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x] R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys R0 - [Disk] - Driver de disco - C:\Windows\system32\Drivers\Disk.sys R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys R0 - [iusb3hcs] - Driver de comutação do controlador host Intel(R) USB 3.0 - C:\Windows\system32\Drivers\iusb3hcs.sys R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys R0 - [partmgr] - Gerenciador de Partições - C:\Windows\system32\Drivers\partmgr.sys R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys R0 - 
[stdcfltn] - Disk Class Filter Driver for Accelerometer - C:\Windows\system32\Drivers\stdcfltn.sys R0 - [storflt] - Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco - C:\Windows\system32\Drivers\storflt.sys [x] R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys R0 - [vdrvroot] - Driver de enumerador da unidade virtual Microsoft - C:\Windows\system32\Drivers\vdrvroot.sys R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys R0 - [volsnap] - Volumes de armazenamento - C:\Windows\system32\Drivers\volsnap.sys R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\Windows\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2617726091-2471822668-223822095-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeGCInvoker-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeGCInvoker-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\AdobeGCClient\\AGCInvokerUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPLTarget] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPLTarget\P0000000000000000] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EPLTarget\\P0000000000000000" "hkey"="HKCU" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPLTarget\P0000000000000001] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EPLTarget\\P0000000000000001" "hkey"="HKCU" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Epson Stylus Photo TX730(Rede)] 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Epson Stylus Photo TX730(Rede)" "hkey"="HKCU" "command"="C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIHQL.EXE /FU \"C:\\Users\\moacir\\AppData\\Local\\Temp\\E_S361.tmp\" /EF \"HKCU\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDCtrl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ETDCtrl" "hkey"="HKLM" "command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="C:\\Windows\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartAudio] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SmartAudio" "hkey"="HKLM" "command"="C:\\Program Files\\CONEXANT\\SA3\\SACpl.exe /sa3 /nv:3.0 /dne /s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="USB3MON" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\"" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\moacir\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^moacir^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar para o OneNote.lnk] "item"="Enviar para o OneNote" "path"="C:\\Users\\moacir\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Enviar para o OneNote.lnk" "backup"="C:\\Windows\\pss\\Enviar para o OneNote.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\MICROS~1\\root\\Office16\\ONENOTEM.EXE" ==== Startup Folders ====================== 2019-12-09 16:28:30 1247 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [05/08/2018 14:28] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [05/08/2018 14:28] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-moacir-PC-moacir" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\AdobeGCInvoker-1.0-moacir-PC-moacir" [C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe] "C:\Windows\SysNative\tasks\Avast Cleanup Update" [C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe] "C:\Windows\SysNative\tasks\Avast Emergency Update" [C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe] "C:\Windows\SysNative\tasks\CCleaner Update" [C:\Program Files\CCleaner\CCUpdate.exe] 
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Dell SupportAssistAgent AutoUpdate" [C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-2617726091-2471822668-223822095-1000" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\Windows\SysNative\tasks\PandaUSBVaccine" ["C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe"] "C:\Windows\SysNative\tasks\Avast Software\Overseer" [C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\R@1n-KMS\Office16ProPlus" [wmic] ==== Firefox XPI-files found: ====================== - Undetermined - C:\Program Files\Adobe\Adobe Lightroom Classic CC\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\Plug-ins\XMPFiles\MOVOEM_Handler.xpi - Undetermined - C:\Program Files\Adobe\Adobe Lightroom Classic CC\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\Plug-ins\XMPFiles\MP4OEM_Handler.xpi ==== Chromium Look ====================== Google Chrome Version: 78.0.3904.108 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nladljmabboanhihfkjacnnkgjhnokhj - No path found[] Slides - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Docs - moacir\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Origin - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb PassProtect - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpimldclklpfifolmdnicjnfbjdepjnf TweetDeck - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddiddklncfgbfaaahngklemobghhjkim Dropbox for Gmail - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec Page Marker - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebndmamfmnlmdfcgdkbhbpiacgkmejla Sheets - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Smith - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fohdagnangcajbeihjhngdeofeeifiin Create your own QR Codes This App generates QR Codes from free text URLs phone numbers SMS messages or contacts vcard. 
- moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb Google Docs Offline - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Pinterest Save Button - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic WhatsApp Web - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpfjngllnobngcgfapefoaidbinmjnm TedDireto App - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkgipodjipefcccfkieimbjcbdjiihip Instagram - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm Chrome Web Store Payments - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - moacir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__181217" "Default_Page_URL"="http://www.dell.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" 
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} - http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181217&q={searchTerms} ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 F2 - REG:system.ini: UserInit=userinit.exe ==== EOF on 13/12/2019 at 14:08:52,57 ======================
