
I want to find out whether I have a virus; please read this scan and tell me.



Executando a partir de C:\Users\Miguel Lopes\AppData\Local\Temp\scoped_dir2200_1786396492
Windows 7 Ultimate Service Pack 1 (X64) (2020-09-03 17:05:53)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-4285362686-1069883986-400303628-500 - Administrator - Disabled)
Convidado (S-1-5-21-4285362686-1069883986-400303628-501 - Limited - Disabled)
Miguel Lopes (S-1-5-21-4285362686-1069883986-400303628-1001 - Administrator - Enabled) => C:\Users\Miguel Lopes
Priscila Lopes (S-1-5-21-4285362686-1069883986-400303628-1003 - Limited - Enabled) => C:\Users\Priscila Lopes.Priscila-PC

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4285362686-1069883986-400303628-1001\...\uTorrent) (Version: 3.5.5.45838 - BitTorrent Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.1.7.157 - Adobe Systems, Inc.)
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.5.3.59 - Cypress Semiconductor, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.34.36 - Synaptics Incorporated)
Everything 1.4.1.1003 (x64) (HKLM\...\Everything) (Version: 1.4.1.1003 - voidtools)
FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
Foxit Reader  7.1.3.320 (HKLM\...\Foxit Reader) (Version: v 7.1.3.320 - oszone.net)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Habbo Launcher 1.0.25 (HKU\S-1-5-21-4285362686-1069883986-400303628-1001\...\b0f95613-ac52-59ec-900c-d7a2b2d9c05d) (Version: 1.0.25 - Sulake Oy)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 11.3.0 - JPEXS)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
Opera GX Stable 73.0.3856.438 (HKU\S-1-5-21-4285362686-1069883986-400303628-1001\...\Opera GX 73.0.3856.438) (Version: 73.0.3856.438 - Opera Software)
Opera Stable 72.0.3815.400 (HKU\S-1-5-21-4285362686-1069883986-400303628-1001\...\Opera 72.0.3815.400) (Version: 72.0.3815.400 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
SAM CoDeC Pack (HKLM\...\SAM CoDeC Pack) (Version: 5.81 - www.SamLab.ws)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Spotify (HKU\S-1-5-21-4285362686-1069883986-400303628-1003\...\Spotify) (Version: 1.1.55.498.gf9a83c60 - Spotify AB)
TypeFaster Typing Tutor (HKLM-x32\...\TypeFaster) (Version:  - )
Web Companion (HKLM-x32\...\{09e6fe84-a366-4a27-8362-e31ec9f02889}) (Version: 6.0.2279.4130 - Lavasoft)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises)

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll -> Nenhum Arquivo
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-03-04] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.GEOS] => C:\Windows\SysWOW64\GeoCodecD.dll [622592 2010-10-11] (GeoVision) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Modo de Segurança (Whitelisted) ==================

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Versão 11) (Whitelisted) ==========

HKU\S-1-5-21-4285362686-1069883986-400303628-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4285362686-1069883986-400303628-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4285362686-1069883986-400303628-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4285362686-1069883986-400303628-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2021-01-11 21:53 - 000002109 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-4285362686-1069883986-400303628-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miguel Lopes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4285362686-1069883986-400303628-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Priscila Lopes.Priscila-PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AnyDesk => 2
MSCONFIG\Services: bookingdesktopapp => 2
MSCONFIG\Services: bookingdesktopappm => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: rtop => 2
MSCONFIG\Services: SparkSvc => 2
MSCONFIG\Services: SparkUpdater => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: WCAssistantService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AnyDesk.lnk => C:\Windows\pss\AnyDesk.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCXProcess => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
MSCONFIG\startupreg: CyCpIo => C:\Program Files\Cypress\TrackPad\CyCpIo.exe
MSCONFIG\startupreg: CyHidWin => C:\Program Files\Cypress\TrackPad\CyHidWin.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Opera Browser Assistant => C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
MSCONFIG\startupreg: Opera GX Browser Assistant => C:\Users\Miguel Lopes\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: XMouseButtonControl => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable /delay

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{1CA79748-9188-4CE8-88C8-B0B87B49E9E4}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => Nenhum Arquivo
FirewallRules: [{46CD128C-135E-4CEA-B26C-2807500B1B73}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => Nenhum Arquivo
FirewallRules: [{AE7C6713-D984-4914-AF81-11600F089329}] => (Allow) C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.148\opera.exe => Nenhum Arquivo
FirewallRules: [{752033BB-DF8E-442D-82F8-F9C59E869C3C}] => (Allow) C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.171\opera.exe => Nenhum Arquivo
FirewallRules: [{FD4908A3-CA14-4287-8734-8B3AF4E3FB03}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.228\opera.exe => Nenhum Arquivo
FirewallRules: [{4927FEF9-EA5C-44F9-9263-822713A9AFD7}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe => Nenhum Arquivo
FirewallRules: [{035BF2BB-C06C-4094-97F0-26862964F361}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe => Nenhum Arquivo
FirewallRules: [{A934E997-EB6F-4B3A-B977-43EE9EA11118}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C7DF64B8-EB97-4868-926F-FAAA8AA08251}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6D4D50A0-A9F9-4E8E-98F1-7CE426D26DAB}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4247A050-72A4-4936-995D-CCBE2296FC6B}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7760F761-8F49-4624-9524-02217770B54A}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4A4D174F-5664-4F97-843F-CB5954B23E8E}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2EC3CCA4-0186-4AD8-B8D6-8FD34F2508D2}] => (Allow) C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.271\opera.exe => Nenhum Arquivo
FirewallRules: [{5F0EFD99-312D-4965-AB18-54256C0CF40F}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe => Nenhum Arquivo
FirewallRules: [{1543B513-5D87-4D1D-9386-6593C30BCA8C}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{449492F7-D8BB-4E7E-9013-036DCFF51C5B}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.302\opera.exe] => (Allow) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.302\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{CCF6610E-26CE-4335-87EE-A00471098D8E}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.302\opera.exe] => (Allow) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.302\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{E2D1E71B-091F-4152-80E2-251A8FD14322}C:\htzin\smartgaga\projecttitan\engine\projecttitan.exe] => (Allow) C:\htzin\smartgaga\projecttitan\engine\projecttitan.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{A5A02777-7BF6-4D10-96E3-4DD95BE1F08B}C:\htzin\smartgaga\projecttitan\engine\projecttitan.exe] => (Allow) C:\htzin\smartgaga\projecttitan\engine\projecttitan.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{7B7FE0D7-45E7-47F5-90D0-4A16A752F577}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.310\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.310\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{5E4A5792-76DC-4C58-9179-CC8119064CB2}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.310\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.310\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{8E6435B1-5028-4E48-9089-F816B7672BD3}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.323\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.323\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{F2D4595C-DAEF-4EF3-9245-43A23770CB11}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.323\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.323\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{E59F1994-5052-485B-B0D4-07DA4BE8BF03}C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{9B5A67B2-7020-442E-8CFA-74C54B799F8B}C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{39B82FDF-001C-4C4D-8CA9-777E5CCB0C14}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.441\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{1A8EF3A9-089D-40CB-A108-33FDC2F76340}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.441\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{BA588332-99A2-40B9-B04B-BEC9C23A4C9A}C:\program files (x86)\smartgaga\projecttitan\engine\projecttitan.exe] => (Allow) C:\program files (x86)\smartgaga\projecttitan\engine\projecttitan.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{FAA3983B-0D46-44D0-A3CD-77BA2699140F}C:\program files (x86)\smartgaga\projecttitan\engine\projecttitan.exe] => (Allow) C:\program files (x86)\smartgaga\projecttitan\engine\projecttitan.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{1B48DB7A-B13E-4146-96EA-22A14DBC8D7D}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{8B65C851-2CD5-4EED-B18A-7A21F8798A0F}C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{6CD46372-0522-46B5-8FB3-58AF4645387F}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.450\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.450\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{8FD649E6-A232-4710-9437-F7B2A5C37F10}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.450\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.450\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C8DD58C8-BB68-4BE9-86B4-E28C499F2016}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.454\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.454\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{30EA3A64-1FAA-4EC1-86D0-0BD4C4BC2952}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.454\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.454\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{8A00B535-4C46-4C03-A927-44DC331B62E4}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{D391B3CB-EA45-43BA-9009-136D557B1550}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{A5B25859-66A9-4D95-99AC-D5FDB2EA66BB}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{ADE51F0F-66B0-47FB-B3A8-EB0851551769}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{FF9D900C-7E5B-4D3B-9CF9-7E1D30122160}C:\users\miguel lopes\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\miguel lopes\appdata\roaming\utorrent\utorrent.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{42EBAA6C-119A-4726-9D73-D2481D25BB80}C:\users\miguel lopes\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\miguel lopes\appdata\roaming\utorrent\utorrent.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{92E63BC3-FB0F-4C05-9802-CE50DC1082AF}C:\users\priscila lopes\appdata\roaming\utorrent\updates\3.5.5_45838.exe] => (Block) C:\users\priscila lopes\appdata\roaming\utorrent\updates\3.5.5_45838.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{44E3521E-2FFB-4247-A9BD-35D47F76E916}C:\users\priscila lopes\appdata\roaming\utorrent\updates\3.5.5_45838.exe] => (Block) C:\users\priscila lopes\appdata\roaming\utorrent\updates\3.5.5_45838.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8780C55E-2B27-46BB-A66C-BC2541992DF9}C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45852.exe] => (Block) C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45852.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{1203DEC0-786C-4BEF-B6A6-6F17753B6A6F}C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45852.exe] => (Block) C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45852.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{A57BCF0B-8F42-4878-BA71-CA2F14102AEA}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EDF57AC2-8413-47DA-A893-7C3506F8BA86}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{33D2AA70-AD6F-4A0D-BCED-3BFC4641703F}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EEB4E062-02D1-4BDA-AB52-D2C0F9B2B47F}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{37640FEF-0919-422A-A0D7-F52FEF026619}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.473\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{8BA1CD20-350B-47D1-8F3A-DFC409AFE5A0}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.473\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{FF4D0382-45A2-4CDD-ABD2-E2597F9A56DE}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{39392359-4020-4B1A-A3CE-DCB3E78DA63A}C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => Nenhum Arquivo
FirewallRules: [{010897A5-B0B9-4830-A7DF-A78EC297E4CE}] => (Block) c:\program files\adobe\adobe photoshop 2020\photoshop.exe => Nenhum Arquivo
FirewallRules: [{1783A8B9-2118-45B7-B0FC-FA9CCCE5F351}] => (Block) c:\program files\adobe\adobe photoshop 2020\photoshop.exe => Nenhum Arquivo
FirewallRules: [{5754CC8C-6001-4998-9207-2DC22F8A30E6}] => (Block) c:\program files\adobe\adobe photoshop 2020\photoshop.exe => Nenhum Arquivo
FirewallRules: [{A8BDAAFE-C069-44C0-A834-65D3DCE540E9}] => (Block) c:\program files\adobe\adobe photoshop 2020\photoshop.exe => Nenhum Arquivo
FirewallRules: [{2BAF5377-C812-41B1-8EEA-9F308E6D8B0E}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{5036BA65-6146-48EA-A840-F20D33B2042E}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{546FEC11-6EBE-4E7B-8376-D61CC35DAC2C}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{A20104AC-2B21-47E3-8016-7C6BDA62F36F}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{FA68E12D-8BD3-487F-A622-2E649C0BED03}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{3C212EE1-BA00-4E08-A14F-B25EC7ABF0F6}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{824DBA3B-1FCE-4F0A-8EF2-D5B2B1CA7819}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{E6127949-9AB3-4CFC-B5BB-D70E2E6E5C65}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{675A42A8-0431-498C-A78C-C42331332A6A}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{BD12168A-6798-4AF5-B8DC-3BE1E41D7182}C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45966.exe] => (Block) C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45966.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{BF61ABCE-6A34-45F9-B315-635A0594074F}C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45966.exe] => (Block) C:\users\miguel lopes\appdata\roaming\utorrent\updates\3.5.5_45966.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{6191B125-0475-47C2-B596-E756B789ABE8}C:\users\priscila lopes.priscila-pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\priscila lopes.priscila-pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6A7CF60A-077D-4A55-B5F5-FC2C4F379619}C:\users\priscila lopes.priscila-pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\priscila lopes.priscila-pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{D634272A-657A-4DC8-930D-4A42F591B933}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{40B4A12C-CAC0-48BB-9A8E-DDE24D8137DB}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Nenhum Arquivo
FirewallRules: [{239C7C99-D33B-4FB6-9565-5634EDE79653}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{31A961DD-70CC-4073-B97D-68EDD7BD3C38}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{586EAD67-2311-411A-96EF-274929C561DC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{7625E047-314C-44A3-A5F1-C6501431CEDA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{8404B623-2277-48A4-BDA6-9699C744F031}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [{CBFEE615-BEA3-4C59-AE9D-8059BDEB8AC6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{7806C5B6-A809-4866-893A-84FFFB66047E}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{89601681-B9FE-4C51-A009-0FE4AE3C85F4}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{8A146770-B401-4301-93CE-04CBCF90BFE2}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.431\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.431\opera.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{FBF374CC-77C4-474F-9E12-93C2CCD5A599}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.431\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.431\opera.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{7CC25CCF-454C-4A04-9190-BA6055E3EEB8}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.434\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{FE94CAEE-D54E-431B-910C-241FF292416D}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.434\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{F4FB4BCB-9D5C-474F-98B0-067A3C94FDD1}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.438\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{89F88335-FA82-4BCF-BCC5-1DA2DA0BC314}C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Block) C:\users\miguel lopes\appdata\local\programs\opera gx\73.0.3856.438\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{E14548E9-A937-49AE-B8F2-7A460525186F}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EEF5A44B-1229-46E0-91C8-97BA13151025}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{A2F86F64-FC50-466C-BCDB-CB7937C56504}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [UDP Query User{2DE5CE82-1A79-4C43-BCED-413BA426F5FC}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{4DCB26B6-302F-4EDC-B05B-DC3027292F10}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Pontos de Restauração =========================

22-04-2021 14:04:46 Removed Habbo Launcher
22-04-2021 14:07:41 Removed Habbo Launcher
23-04-2021 18:16:39 Removed Progress® Telerik® JustDecompile R1 2019
26-04-2021 11:43:33 Windows Update
30-04-2021 11:38:11 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador ============

Name: LdBoxDrv
Description: LdBoxDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: LdBoxDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SM-J260M
Description: SM-J260M
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm Atheros AR3011 Bluetooth 3.0
Description: Qualcomm Atheros AR3011 Bluetooth 3.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (05/04/2021 12:07:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Habbo.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 1304

Hora de Início: 01d7409291ea95f8

Hora de Término: 9

Caminho do Aplicativo: C:\Users\Miguel Lopes\AppData\Roaming\Habbo Launcher\downloads\air\8\Habbo.exe

Id do Relatório: d7d376e1-ac85-11eb-abc9-d067e5f58875

Error: (05/03/2021 02:53:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa TSearch.exe versão 1.6.0.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 788

Hora de Início: 01d74043d54726c1

Hora de Término: 11

Caminho do Aplicativo: C:\Users\Miguel Lopes\tsearch 1.6b\tsearch 1.6b\TSearch.exe

Id do Relatório: 79e32eaf-ac38-11eb-929e-d067e5f58875

Error: (05/02/2021 02:02:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Wondershare Filmora9.exe versão 9.3.0.24 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: b4c

Hora de Início: 01d73f6d0111c323

Hora de Término: 205

Caminho do Aplicativo: C:\Program Files\Wondershare\Filmora9\Wondershare Filmora9.exe

Id do Relatório: 1b44fd15-ab68-11eb-b0fc-d067e5f58875

Error: (04/25/2021 08:18:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: HabboLauncher-Setup-1.0.25.exe, versão: 1.0.25.195, carimbo de hora: 0x5c157f86
Nome do módulo de falhas: System.dll, versão: 0.0.0.0, carimbo de hora: 0x5c157efa
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00001581
Identificação do processo com falha: 0x12dc
Hora de início do aplicativo com falha: 0x01d73a293cb58e11
Caminho do aplicativo com falha: C:\Users\MIGUEL~1\AppData\Local\Temp\scoped_dir2968_1635167417\HabboLauncher-Setup-1.0.25.exe
FCaminho do módulo de falhas: C:\Users\MIGUEL~1\AppData\Local\Temp\nsf55A0.tmp\System.dll
Identificação do Relatório: 7cef93cc-a61c-11eb-a37b-d067e5f58875

Error: (04/25/2021 07:07:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa NOTEPAD.EXE versão 6.1.7601.18917 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 10e4

Hora de Início: 01d73a1f59c66a80

Hora de Término: 7

Caminho do Aplicativo: C:\Windows\system32\NOTEPAD.EXE

Id do Relatório: 9fc7b5c5-a612-11eb-a37b-d067e5f58875

Error: (04/24/2021 05:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: Habbo Launcher.exe, versão: 1.0.25.195, carimbo de hora: 0x60301e07
Nome do módulo de falhas: Habbo Launcher.exe, versão: 1.0.25.195, carimbo de hora: 0x60301e07
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00f7d865
Identificação do processo com falha: 0x1020
Hora de início do aplicativo com falha: 0x01d739483a3fa042
Caminho do aplicativo com falha: C:\Users\Miguel Lopes\AppData\Local\Programs\habbo-electron-launcher\Habbo Launcher.exe
FCaminho do módulo de falhas: C:\Users\Miguel Lopes\AppData\Local\Programs\habbo-electron-launcher\Habbo Launcher.exe
Identificação do Relatório: 80bef6fe-a53b-11eb-8b67-d067e5f58875

Error: (04/22/2021 02:09:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Priscila-PC)
Description: O aplicativo ou serviço 'HabboLauncher' não pôde ser encerrado.

Error: (04/22/2021 02:09:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Priscila-PC)
Description: O aplicativo ou serviço 'HabboLauncher' não pôde ser encerrado.


Erros de Sistema:
=============
Error: (05/04/2021 10:27:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LdBoxDrv devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (05/04/2021 10:27:37 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Falha indeterminada do adaptador Bluetooth local; ele não será usado. O driver foi descarregado.

Error: (05/03/2021 11:54:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LdBoxDrv devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (05/03/2021 11:54:00 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Falha indeterminada do adaptador Bluetooth local; ele não será usado. O driver foi descarregado.

Error: (05/03/2021 08:51:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LdBoxDrv devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (05/03/2021 08:51:25 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Falha indeterminada do adaptador Bluetooth local; ele não será usado. O driver foi descarregado.

Error: (05/03/2021 02:34:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LdBoxDrv devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (05/03/2021 02:33:51 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Falha indeterminada do adaptador Bluetooth local; ele não será usado. O driver foi descarregado.


Windows Defender:
================
Date: 2020-10-21 19:20:11.047
Description: 
Windows Defender detectou spyware ou outro software possivelmente indesejado.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Fybents&threatid=272037
Nome:Misleading:Win32/Fybents
Severidade:Alto
Categoria:Software Potencialmente Indesejado
Caminho Encontrado:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceScan.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;file:c:\users\priscila lopes\Desktop\ByteFence Anti-Malware.lnk;file:C:\Windows\System32\Tasks\ByteFence->(UTF-16LE);process:pid:1576,ProcessStart:132477848043748905;process:pid:4812;process:pid:4892;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A141DA2-A317-43BC-83E2-41DD6B686E6D};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence;service:ByteFenceService;startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;taskscheduler:C:\Windows\System32\Tasks\ByteFence;uninstall:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Byt
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Status:Desconhecido
Usuário:AUTORIDADE NT\SISTEMA
Nome do Processo:

Date: 2020-10-21 17:23:17.154
Description: 
Windows Defender detectou spyware ou outro software possivelmente indesejado.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Fybents&threatid=272037
Nome:Misleading:Win32/Fybents
Severidade:Alto
Categoria:Software Potencialmente Indesejado
Caminho Encontrado:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceScan.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;file:c:\users\priscila lopes\Desktop\ByteFence Anti-Malware.lnk;file:C:\Windows\System32\Tasks\ByteFence->(UTF-16LE);process:pid:1576,ProcessStart:132477848043748905;process:pid:4892;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A141DA2-A317-43BC-83E2-41DD6B686E6D};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence;service:ByteFenceService;startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;taskscheduler:C:\Windows\System32\Tasks\ByteFence;uninstall:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Status:Desconhecido
Usuário:AUTORIDADE NT\SISTEMA
Nome do Processo:

Date: 2020-10-21 17:22:01.210
Description: 
Windows Defender detectou spyware ou outro software possivelmente indesejado.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Fybents&threatid=272037
Nome:Misleading:Win32/Fybents
Severidade:Alto
Categoria:Software Potencialmente Indesejado
Caminho Encontrado:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceScan.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;file:c:\users\priscila lopes\Desktop\ByteFence Anti-Malware.lnk;file:C:\Windows\System32\Tasks\ByteFence->(UTF-16LE);process:pid:1576,ProcessStart:132477848043748905;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A141DA2-A317-43BC-83E2-41DD6B686E6D};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence;service:ByteFenceService;startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;taskscheduler:C:\Windows\System32\Tasks\ByteFence;uninstall:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Status:Desconhecido
Usuário:AUTORIDADE NT\SISTEMA
Nome do Processo:

Date: 2020-10-21 17:22:01.208
Description: 
Windows Defender detectou spyware ou outro software possivelmente indesejado.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Prifou&threatid=224074
Nome:BrowserModifier:Win32/Prifou
Severidade:Alto
Categoria:Modificador de Navegador
Caminho Encontrado:file:C:\Users\PRISCILA LOPES\AppData\Local\022880086a2d0b0e89c268df1246b7ff\Updane.exe;file:C:\Windows\System32\Tasks\Updane\{02288008-6A2D-0B0E-89C2-68DF1246B7FF}->(UTF-16LE);regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08504AD0-0536-4231-AF95-7B71D346F284};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updane\{02288008-6A2D-0B0E-89C2-68DF1246B7FF};taskscheduler:C:\Windows\System32\Tasks\Updane\{02288008-6A2D-0B0E-89C2-68DF1246B7FF}
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Status:Desconhecido
Usuário:AUTORIDADE NT\SISTEMA
Nome do Processo:

Date: 2020-10-21 16:54:07.335
Description: 
Windows Defender detectou spyware ou outro software possivelmente indesejado.
Para obter mais informações, consulte:
http://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Fybents&threatid=272037
Nome:Misleading:Win32/Fybents
Severidade:Alto
Categoria:Software Potencialmente Indesejado
Caminho Encontrado:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceScan.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;file:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;file:c:\users\priscila lopes\Desktop\ByteFence Anti-Malware.lnk;file:C:\Windows\System32\Tasks\ByteFence->(UTF-16LE);process:pid:1548,ProcessStart:132477832176449698;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A141DA2-A317-43BC-83E2-41DD6B686E6D};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence;service:ByteFenceService;startup:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware\ByteFence Anti-Malware.lnk;taskscheduler:C:\Windows\System32\Tasks\ByteFence;uninstall:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence
Tipo de Detecção:Concreto
Origem da Detecção:Sistema
Status:Desconhecido
Usuário:AUTORIDADE NT\SISTEMA
Nome do Processo:

Date: 2021-04-27 12:01:16.850
Description: 
Windows Defender encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:1.337.2.0
Versão da Assinatura Anterior:1.335.1693.0
Origem da Atualização:Usuário
Tipo de Assinatura:Anti-spyware
Tipo de Atualização:Delta
Usuário:AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:1.1.18100.5
Versão do Mecanismo Anterior:1.1.18000.5
Código de erro:0x80070666
Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. 

Date: 2021-04-27 12:01:16.849
Description: 
Windows Defender encontrou um erro ao tentar atualizar o mecanismo.
Versão do Mecanismo Novo:1.1.18100.5
Versão do Mecanismo Anterior:1.1.18000.5
Origem da Atualização:Usuário
Usuário:AUTORIDADE NT\SISTEMA
Código de Erro:0x80070666
Descrição do erro:Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. 

Date: 2021-01-10 20:53:38.847
Description: 
Windows Defender encontrou um erro ao tentar carregar assinaturas e tentará reverter ao conjunto de assinaturas válidas.
Tentativas de Assinaturas:Atual
Código de Erro:0x80070002
Descrição do erro:O sistema não pode encontrar o arquivo especificado. 
Versão da assinatura:0.0.0.0
Versão do mecanismo:0.0.0.0

Date: 2021-01-10 19:49:13.589
Description: 
Windows Defender encontrou um erro ao tentar carregar assinaturas e tentará reverter ao conjunto de assinaturas válidas.
Tentativas de Assinaturas:Atual
Código de Erro:0x80070002
Descrição do erro:O sistema não pode encontrar o arquivo especificado. 
Versão da assinatura:0.0.0.0
Versão do mecanismo:0.0.0.0

==================== Informações da Memória =========================== 

BIOS: Dell Inc. A06 11/14/2011
placa-mãe: Dell Inc. 0X0DC1
Processador: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentagem de memória em uso: 78%
RAM física total: 4004.28 MB
RAM física disponível: 843.98 MB
Virtual Total: 8006.7 MB
Virtual disponível: 4332.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:388.01 GB) NTFS

\\?\Volume{c2ddee4a-ee06-11ea-aaac-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00110155)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================

  • Security Analyst

@Miguel Lopes

Please note the following:

  • About the Forum: This is a private space, not a public one. Its use is a privilege, not a right;
  • What is given here relates only to your computer's problem, so do not apply it to any other;
  • IMPORTANT: If you have Windows activation programs or P2P/torrent sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully, and if you have any doubts do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; note that, if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!


Malware Removal Area Rules << IMPORTANT READING

Clube do Hardware Forum General Rules << IMPORTANT READING

Follow the steps below:

Temporarily disable your antivirus, antispyware and firewall, so as not to cause conflicts.

STEP 1

Download AdwCleaner from one of the links below and save it to the desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the AdwCleaner.exe file, then click image.png

Click VERIFICAR AGORA/SCAN NOW. When it finishes, click LIMPAR/CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its content into your next reply.

STEP 2

Download ZHPCleaner from the link below and save it to your Desktop

https://www.majorgeeks.com/files/details/zhpcleaner.html

Run the ZHPCleaner.exe file as Administrator

  • Click the Scanner button.
  • The tool will begin examining your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Reparar (Repair) button.
  • A log named ZHPCleaner.txt will be generated

ATTENTION: Select, copy and paste its content into your next reply.


ADWCLEANER

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-04-2021
# Duration: 00:00:05
# OS:       Windows 7 Ultimate
# Cleaned:  21
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Lavasoft\Web Companion
Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\ProgramData\Lavasoft\Web Companion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

 

 

 

ZHPCLEANNER

 

~ ZHPCleaner v2021.5.1.293 by Nicolas Coolman (2021/05/01)
~ Run by Miguel Lopes (Administrator)  (04/05/2021 14:10:54)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Type : Scan
~ Report : C:\Users\Miguel Lopes\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Miguel Lopes\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (66)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (3)
FOUND file: C:\Users\Miguel Lopes\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference
FOUND folder: C:\ProgramData\ByteFence\RTOP  =>SUP.Optional.ByteFence
FOUND folder: C:\ProgramData\ByteFence  =>SUP.Optional.ByteFence


---\\  Registry ( Key, Value, Data) (7)
FOUND key: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan [AdditionalScan 493]  =>SUP.Optional.ByteFence
FOUND key: HKLM\SOFTWARE\Classes\Directory\Shell\ByteFence Folder Scan [AdditionalScan 497]  =>SUP.Optional.ByteFence
FOUND key: HKLM\System\CurrentControlSet\Services\EventLog\Application\ByteFenceService [AdditionalScan 569]  =>SUP.Optional.ByteFence
FOUND key: HKEY_USERS\S-1-5-21-4285362686-1069883986-400303628-1001\SOFTWARE\bookingDesktopApp []  =>PUP.Optional.Booking
FOUND key: HKCU\Software\bookingDesktopApp []  =>PUP.Optional.Booking
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CyHidWin []  =>PUP.Optional.Yhid
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask


---\\  Summary of the elements found (5)
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/  =>ChromiumPreference
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/  =>SUP.Optional.ByteFence
https://nicolascoolman.eu/forum/Topic/booking-logiciel-potentiellement-indesirable-pup-lpi/  =>PUP.Optional.Booking
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>PUP.Optional.Yhid
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask


---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Internet Explorer OK
~ Opera Stable OK


---\\ Statistics
~ Items scanned : 81876
~ Items found : 12
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 00h27mn57s

---\\  Reports (0)
ZHPCleaner-[S]-04052021-14_38_51.txt

  • Security Analyst

@Miguel Lopes

Download RogueKiller by Tigzy and save it to your desktop.

roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Windows Vista, Windows 7, 8, 8.1 and Windows 10 users: right-click the rogueKiller.exe file, then click image.png
  • Click SCAN
  • Click the first START, "Standard Scan (recommended)", and wait for the scan...
  • Click the RESULTS button
  • Click the REPORT option, then EXPORT, and select the Text file... option
  • Save the file to the desktop with the name roguekiller_report

Be sure to open the file, then copy and paste all of its content into your next reply


@Elias Pereira

RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
Started in : Normal mode
User : Miguel Lopes [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210505_100855, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/05/05 09:10:24 (Duration : 01:25:50)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen0 (Potentially Malicious)] rtop (0) -- "c:\program files\bytefence\rtop\bin\rtop_svc.exe" -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \Opera scheduled Autoupdate 1602112517 -- C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\launcher.exe [--scheduledautoupdate $(Arg0)] -> Found
[Suspicious.Path (Potentially Malicious)] \Opera scheduled assistant Autoupdate 1602112518 -- C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\launcher.exe [--scheduledautoupdate --component-name=assistant --component-path="C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\assistant" $(Arg0)] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4285362686-1069883986-400303628-1001\Software\Tencent -- N/A -> Found
>>>>>> O23 - Services
  [PUP.Gen0 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rtop -- "c:\program files\bytefence\rtop\bin\rtop_svc.exe" (missing) -> Found
  [PUP.Gen0 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\rtop -- "c:\program files\bytefence\rtop\bin\rtop_svc.exe" (missing) -> Found
>>>>>> O87 - Firewall
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AE7C6713-D984-4914-AF81-11600F089329} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.148\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.148\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{752033BB-DF8E-442D-82F8-F9C59E869C3C} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.171\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.171\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FD4908A3-CA14-4287-8734-8B3AF4E3FB03} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.228\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.228\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2EC3CCA4-0186-4AD8-B8D6-8FD34F2508D2} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.271\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.271\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E59F1994-5052-485B-B0D4-07DA4BE8BF03}C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe|Name=opera.exe|Desc=opera.exe|Defer=User| (C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{9B5A67B2-7020-442E-8CFA-74C54B799F8B}C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe|Name=opera.exe|Desc=opera.exe|Defer=User| (C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AE7C6713-D984-4914-AF81-11600F089329} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.148\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.148\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{752033BB-DF8E-442D-82F8-F9C59E869C3C} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.171\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\Priscila\AppData\Local\Programs\Opera\71.0.3770.171\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FD4908A3-CA14-4287-8734-8B3AF4E3FB03} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.228\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.228\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2EC3CCA4-0186-4AD8-B8D6-8FD34F2508D2} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.271\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| (C:\Users\PRISCILA LOPES\AppData\Local\Programs\Opera\71.0.3770.271\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E59F1994-5052-485B-B0D4-07DA4BE8BF03}C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe|Name=opera.exe|Desc=opera.exe|Defer=User| (C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe) (missing) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{9B5A67B2-7020-442E-8CFA-74C54B799F8B}C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe|Name=opera.exe|Desc=opera.exe|Defer=User| (C:\users\priscila lopes\appdata\local\programs\opera\72.0.3815.186\opera.exe) (missing) -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.InstallCore (Potentially Malicious)] (shortcut) aTube Catcher.lnk -- C:\$Recycle.Bin\S-1-5-21-4285362686-1069883986-400303628-1001\$R7M3XWA\Desktop\aTube Catcher.lnk => C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe -> Found
[PUP.InstallCore (Potentially Malicious)] (shortcut) Music Search MP3.lnk -- C:\$Recycle.Bin\S-1-5-21-4285362686-1069883986-400303628-1001\$R7M3XWA\Desktop\Music Search MP3.lnk => C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe [/MP3DOWNLOADER] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 


@Elias Pereira

 

 DELETE!

RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
Started in : Normal mode
User : Miguel Lopes [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210505_100855, Driver : Loaded
Mode : Quick Scan, Delete -- Date : 2021/05/06 11:34:51 (Duration : 00:00:48)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rtop -- [%ProgramFiles%\bytefence\rtop\bin\rtop_svc.exe] -> Deleted
[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\rtop -- [%ProgramFiles%\bytefence\rtop\bin\rtop_svc.exe] -> Deleted

 

 

 

 

SCAN

 

RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
Started in : Normal mode
User : Miguel Lopes [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210505_100855, Driver : Loaded
Mode : Quick Scan, Scan -- Date : 2021/05/06 11:33:48 (Duration : 00:00:48)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O23 - Services
  [PUP.Gen0 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rtop -- "c:\program files\bytefence\rtop\bin\rtop_svc.exe" (missing) -> Found
  [PUP.Gen0 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\rtop -- "c:\program files\bytefence\rtop\bin\rtop_svc.exe" (missing) -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 

  • Security Analyst

@Miguel Lopes

 

  1. Click the Start menu, then right-click My Computer and select Properties.
  2. In Properties, select Advanced system settings.
  3. Go to the System Protection tab and, under System Restore, choose Create.
  4. Then just follow the on-screen instructions to create your restore point. NOTE: Remember to give it a name that is easy to understand, for a later restore from this point.

Press the Windows + R keys and type: msconfig

- Click the Services tab, check the option Hide all Microsoft services, and then click Disable all

- Click the Startup tab and click Disable all

Follow the prompts until you are asked to restart.
Let me know whether everything is OK or whether any problem occurred.
