Ir para conteúdo
  • Cadastre-se

A partir do dia 19/11/2018, o foco do Fórum do BABOO é apenas Windows e Segurança Digital conforme informado no início de 2018.
As áreas que não têm relação com esses dois assuntos foram arquivadas e seus tópicos estão disponíveis para consulta na área Tópicos Antigos.

Conheça as novidades de 2019 para o BABOO e Fórum do BABOO

elisausilva

  • Postagens

    6
  • Desde

  • Última visita

Últimos Visitantes

O bloco dos últimos visitantes está desativado e não está sendo visualizado por outros usuários.

  1. elisausilva

    solicitação de analise de log computador devagar

    Obrigado pela ajuda.. obrigado mesmo..Valeu.
  2. elisausilva

    solicitação de analise de log computador devagar

    C:\Windows\ServiceProfiles\LocalService\winhttp\1376883301.cache JS/ProxyChanger.BQ trojan cleaned by deleting C:\Windows\ServiceProfiles\LocalService\winhttp\1980073435.cache JS/ProxyChanger.BQ trojan cleaned by deleting C:\Windows\ServiceProfiles\LocalService\winhttp\2309356734.cache JS/ProxyChanger.BQ trojan cleaned by deleting C:\Windows\ServiceProfiles\LocalService\winhttp\2836426826.cache JS/ProxyChanger.BQ trojan cleaned by deleting C:\Windows\ServiceProfiles\LocalService\winhttp\2872986290.cache JS/ProxyChanger.BQ trojan cleaned by deleting C:\Windows\ServiceProfiles\LocalService\winhttp\3054113646.cache JS/ProxyChanger.BQ trojan cleaned by deleting C:\Windows\ServiceProfiles\LocalService\winhttp\3987003008.cache JS/ProxyChanger.BQ trojan cleaned by deleting D:\COMPUTADOR DO BOZO\Downloads\BullVidSetupV1.exe Win32/Toolbar.SearchSuite potentially unwanted application cleaned by deleting D:\COMPUTADOR DO BOZO\Downloads\cbsidlm-cbsi4_1_1-Pandora_Recovery-10694796.exe a variant of Win32/CNETInstaller.B potentially unwanted application cleaned by deleting D:\COMPUTADOR DO BOZO\Downloads\GraboidVideoSetup-3.26.exe Win32/Graboid potentially unsafe application cleaned by deleting D:\COMPUTADOR DO BOZO\Downloads\GraboidVideoSetup-3.31.exe Win32/Graboid potentially unsafe application cleaned by deleting
  3. elisausilva

    solicitação de analise de log computador devagar

    Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 08/02/2019 Hora da análise: 22:43 Arquivo de registro: c2ad488c-2c03-11e9-950f-08606e8fe0b5.json -Informação do software- Versão: 3.7.1.2839 Versão de componentes: 1.0.538 Versão do pacote de definições: 1.0.9182 Licença: Expirado -Informação do sistema- Sistema operacional: Windows 10 (Build 17134.523) CPU: x64 Sistema de arquivos: NTFS Usuário: Elisa\ElisaDu -Resumo da análise- Tipo de análise: Análise Customizada Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 590346 Ameaças detectadas: 49 Ameaças em quarentena: 47 Tempo decorrido: 7 hr, 27 min, 34 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 15 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Quarentena, [538], [621110],1.0.9182 Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 34 PUP.Optional.DriverHive, C:\ADWCLEANER\QUARANTINE\1XVPFVJCRG\OFFLINE\D4D9B972\46353557\DRIVERHIVEENGINE.DLL, Quarentena, [2929], [542209],1.0.9182 PUP.Optional.DriveTheLife, C:\ADWCLEANER\QUARANTINE\FRAQBC8WSA\DSTUDP.DLL, Quarentena, [424], [478126],1.0.9182 PUP.Optional.DriveTheLife, C:\ADWCLEANER\QUARANTINE\FRAQBC8WSA\DTLPLUG.DLL, Quarentena, [424], [478126],1.0.9182 PUP.Optional.DriverToolkit, C:\ADWCLEANER\QUARANTINE\RQF69AZBLA\DRIVERTOOLKITINSTALLER.EXE, Quarentena, [988], [512879],1.0.9182 PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\EWORKER.EXE, Quarentena, [538], [621110],1.0.9182 PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, Quarentena, [538], [621110],1.0.9182 PUP.Optional.APNToolBar, D:\COMPUTADOR DO BOZO\DOWNLOADS\ATUBE_CATCHER_SETUP.EXE, Quarentena, [566], [76243],1.0.9182 PUP.Optional.OpenCandy, D:\COMPUTADOR DO BOZO\DOWNLOADS\ATUBE_CATCHER.EXE, Quarentena, [1124], [297667],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\EVERYBODY_HATES_CHRIS_S03E20_EVERYBODY_HATES_THE_NINTH_GRADE_DANCE_HDTV_XVID_FQM_AVI.EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Falha ao remover, [217], [-1],0.0.0 Adware.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Falha ao remover, [217], [-1],0.0.0 Adware.Yontoo, C:\USERS\ELISA\NTUSER.POL, Quarentena, [217], [-1],0.0.0 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\DOWNLOADSETUP.EXE, Quarentena, [8436], [53026],1.0.9182 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\FASTDOWNLOAD (1).EXE, Quarentena, [8436], [53026],1.0.9182 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\DOWNLOADSETUP (1).EXE, Quarentena, [8436], [53026],1.0.9182 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\FASTDOWNLOAD (2).EXE, Quarentena, [8436], [53026],1.0.9182 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\DOWNLOADSETUP (2).EXE, Quarentena, [8436], [53026],1.0.9182 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\FASTDOWNLOAD (3).EXE, Quarentena, [8436], [53026],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\EVERYBODY_HATES_CHRIS_S03E20_EVERYBODY_HATES_THE_NINTH_GRADE_DANCE_HDTV_XVID_FQM_AVI (1).EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\EVERYBODY_HATES_CHRIS_S03E20_EVERYBODY_HATES_THE_NINTH_GRADE_DANCE_HDTV_XVID_FQM_AVI (2).EXE, Quarentena, [217], [449310],1.0.9182 PUP.Optional.InstallRex, D:\COMPUTADOR DO BOZO\DOWNLOADS\FASTDOWNLOAD.EXE, Quarentena, [8436], [53021],1.0.9182 PUP.Optional.OpenCandy, D:\COMPUTADOR DO BOZO\DOWNLOADS\ATUBE_CATCHER.RAR, Quarentena, [1124], [297667],1.0.9182 PUP.Optional.Ilivid, D:\COMPUTADOR DO BOZO\DOWNLOADS\ILIVIDSETUPV1 (2).EXE, Quarentena, [2480], [56018],1.0.9182 PUP.Optional.Ilivid, D:\COMPUTADOR DO BOZO\DOWNLOADS\ILIVIDSETUPV1 (3).EXE, Quarentena, [2480], [56018],1.0.9182 PUP.Optional.Ilivid, D:\COMPUTADOR DO BOZO\DOWNLOADS\ILIVIDSETUPV1.EXE, Quarentena, [2480], [56018],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\MACMILLAN_READERS.EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\PARENTHOOD_2010_S01E01_PILOT_HDTV_XVID_FQM_AVI (1).EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\PARENTHOOD-SEASON_4,_EPISODE_1_FAMILY_PORTRAIT_HDTV_XVID-FQM (1).EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\PARENTHOOD-SEASON_4,_EPISODE_1_FAMILY_PORTRAIT_HDTV_XVID-FQM.EXE, Quarentena, [217], [449310],1.0.9182 PUP.Optional.SweetIM, D:\COMPUTADOR DO BOZO\DOWNLOADS\SWEETIMSETUP (2).EXE, Quarentena, [381], [297640],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\TO_ROME_WITH_LOVE_DVDRIP_XVID_TARGET (2).EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\TO_ROME_WITH_LOVE_DVDRIP_XVID_TARGET.EXE, Quarentena, [217], [449310],1.0.9182 Adware.Yontoo, D:\COMPUTADOR DO BOZO\DOWNLOADS\TO_ROME_WITH_LOVE_DVDRIP_XVID_TARGET (1).EXE, Quarentena, [217], [449310],1.0.9182 PUP.Optional.Ilivid, D:\COMPUTADOR DO BOZO\DOWNLOADS\ILIVIDSETUPV1 (1).EXE, Quarentena, [2480], [56018],1.0.9182 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:56:51, on 09/02/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17134.0001) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&PC=UE00 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing) O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" O4 - HKCU\..\Run: [BingSvc] C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [Spotify] C:\Users\Elisa\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO DE REDE') O4 - Startup: Monitorar alertas de tinta - .lnk = ? O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1000 J110 series.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.google.com.br O15 - Trusted Zone: www.itau.b.br O15 - Trusted Zone: *.itau.b.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: banklineplus.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: AtcHost - BitDefender S.R.L. Bucharest, ROMANIA - C:\Program Files\Bitdefender antivírus Free\atchost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender antivírus Free\bdredline.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing) O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsserv.exe O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsservppl.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 15505 bytes
  4. elisausilva

    solicitação de analise de log computador devagar

    ~ ZHPCleaner v2019.2.7.19 by Nicolas Coolman (2019/02/07) ~ Run by ElisaDu (Administrator) (08/02/2019 19:19:48) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Elisa\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Elisa\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 17134) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (15528) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (40) MOVED file: C:\Users\Elisa\Desktop\Popcorn-Time.lnk [Bad : C:\Users\Elisa\AppData\Local\Popcorn-Time\Popcorn-Time.exe](.The NWJS Community.) =>.SUP.PopcornTime MOVED file: C:\Users\Elisa\Desktop\µTorrent.lnk [Bad : C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P) MOVED file: C:\Users\Elisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P) MOVED file: C:\Users\Public\Desktop\Popcorn Time.lnk [Bad : C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe](..) =>.SUP.PopcornTime MOVED file: C:\Windows\Prefetch\POPCORN-TIME.EXE-D2A5EC15.pf =>.SUP.PopcornTime MOVED file: C:\Windows\Installer\wix{526002E5-7D5B-4703-A4E3-BA566AED5D8A}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{C1424923-74F7-4399-B9D9-5F72FB1B9481}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{F814D094-197F-43C8-87FA-3210BB780486}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\MSI43F1.tmp =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\MSI5C6C.tmp [Ask Partner Network - Reporter Application] =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\103c1e1c.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\1152a763.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\11a9a450.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\158a3ede.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\1eefa332.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\20934e60.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\233e7bcd.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\3ce254a0.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\3e32f345.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\625ed986.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\7964d3b.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\d6c36a8.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\e016990.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Users\Elisa\Downloads\Popcorn-Time-0.3.10-Setup.exe [Popcorn Time - Popcorn-Time 0.3.10 Installer] =>.SUP.PopcornTime MOVED file: C:\Users\Elisa\Downloads\PopcornTime-latest.exe [Popcorn Time - Popcorn Time Setup] =>.SUP.PopcornTime MOVED file: C:\Users\Elisa\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P) MOVED file: C:\Users\Elisa\AppData\Local\Temp\~DF2075D909D258952D.TMP =>.SUP.Temporary.Other MOVED file: C:\Users\Elisa\Downloads\BitTorrent.exe [BitTorrent Inc. - BitTorrent] =>BitTorrent (P2P) MOVED file: C:\Users\Elisa\Downloads\uTorrent (1).exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P) MOVED file: C:\Program Files (x86)\Popcorn Time\Updater.exe [Popcorn Time - Updater] =>.SUP.PopcornTime MOVED folder^: C:\Program Files (x86)\Popcorn Time =>.SUP.PopcornTime MOVED folder: C:\Program Files (x86)\TorrentsTime Media Player =>.SUP.TorrentsTime MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time =>.SUP.PopcornTime MOVED folder: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time =>.SUP.PopcornTime MOVED folder: C:\Users\Elisa\AppData\Local\Popcorn-Time =>.SUP.PopcornTime MOVED folder: C:\Users\Elisa\AppData\Local\PopcornTime =>.SUP.PopcornTime MOVED folder: C:\Program Files (x86)\ostotosoft =>.SUP.DriveTheLife ---\\ Registry ( Key, Value, Data) (16) DELETED data: HKCR\.gif\\Default [Bad : qkseeViewer.gif] =>.SUP.TaiwanShuiMu DELETED data: HKCR\.ico\\Default [Bad : qkseeViewer.ico] =>.SUP.TaiwanShuiMu DELETED data: HKCR\.jpe\\Default [Bad : qkseeViewer.jpg] =>.SUP.TaiwanShuiMu DELETED data: HKCR\.png\\Default [Bad : qkseeViewer.png] =>.SUP.TaiwanShuiMu DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent [BitTorrent Inc.] =>BitTorrent (P2P) DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn-Time [Popcorn Time] =>.SUP.PopcornTime DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P) DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time_is1 [Popcorn Time] =>.SUP.PopcornTime DELETED value: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\BackgroundHost.exe [9000] =>PUP.Optional.Legacy DELETED value: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs\\C:\Program Files (x86)\Common Files\Spigot\Search Settings\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi [1] =>PUP.Optional.Dealio DELETED value: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GoogleChromeAutoLaunch_51C54DFE24BC0C702A216483D55A610E [0x020000000000000000000000] =>Heuristic.Suspect DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Intel\BCA\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{21971B12-45E3-48DB-951A-EAEE7C1FC84F} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{D465D5AB-6BD6-42D4-8C9E-EB66C95E8161} [C:\Program Files (x86)\Popcorn Time\Updater.exe] =>.SUP.PopcornTime DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{013B0370-5431-420B-BAF5-74D79E288B94} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe] =>.SUP.PopcornTime DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7D3E3FD3-F710-4EFF-A2AA-5E6DCEF85221} [C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe] =>.SUP.PopcornTime ---\\ Summary of the elements found (13) https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P) https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.MSIInstaller https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Other https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.TorrentsTime https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriveTheLife https://www.anti-malware.top/2016/05/05/superfluous-taiwanshuimu/ =>.SUP.TaiwanShuiMu https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy https://www.nicolascoolman.com/fr/pup-dealio/ =>PUP.Optional.Dealio https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.NoFolder ---\\ Other deletions. (24) ~ Registry Keys Tracing deleted (22) ~ Remove the old reports ZHPCleaner. (2) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ~ The system has been restarted. ---\\ Statistics ~ Items scanned : 31901 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 114688 ~ End of clean in 00h08mn03s ---\\ Reports (2) ZHPCleaner--08022019-19_11_42.txt ZHPCleaner-[R]-08022019-19_27_51.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:41:05, on 08/02/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17134.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\Elisa\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Elisa\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\HijackThis.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&PC=UE00 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing) O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" O4 - HKCU\..\Run: [BingSvc] C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [Spotify] C:\Users\Elisa\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [uTorrent] "C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO DE REDE') O4 - Startup: Monitorar alertas de tinta - .lnk = ? O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1000 J110 series.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.google.com.br O15 - Trusted Zone: www.itau.b.br O15 - Trusted Zone: *.itau.b.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: banklineplus.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: AtcHost - BitDefender S.R.L. Bucharest, ROMANIA - C:\Program Files\Bitdefender antivírus Free\atchost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender antivírus Free\bdredline.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing) O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsserv.exe O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsservppl.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 15885 bytes
  5. elisausilva

    solicitação de analise de log computador devagar

    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:22:31, on 08/02/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17134.0001) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Users\Elisa\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Elisa\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&PC=UE00 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing) O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" O4 - HKCU\..\Run: [BingSvc] C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [Spotify] C:\Users\Elisa\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [uTorrent] "C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO DE REDE') O4 - Startup: Monitorar alertas de tinta - .lnk = ? O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1000 J110 series.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.google.com.br O15 - Trusted Zone: www.itau.b.br O15 - Trusted Zone: *.itau.b.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: banklineplus.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: AtcHost - BitDefender S.R.L. Bucharest, ROMANIA - C:\Program Files\Bitdefender antivírus Free\atchost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender antivírus Free\bdredline.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsserv.exe O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsservppl.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 16153 bytes
  6. Cumpri todas as etapas. analise de log hijack Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:43:45, on 08/02/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17134.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&PC=UE00 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing) O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" O4 - HKCU\..\Run: [BingSvc] C:\Users\Elisa\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [Spotify] C:\Users\Elisa\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [uTorrent] "C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO DE REDE') O4 - Startup: Monitorar alertas de tinta - .lnk = ? O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1000 J110 series.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.google.com.br O15 - Trusted Zone: www.itau.b.br O15 - Trusted Zone: *.itau.b.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: banklineplus.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: AtcHost - BitDefender S.R.L. Bucharest, ROMANIA - C:\Program Files\Bitdefender antivírus Free\atchost.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender antivírus Free\bdredline.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: McAfee True Key (TrueKey) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe O23 - Service: McAfee True Key Scheduler (TrueKeyScheduler) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe O23 - Service: McAfee True Key Helper Service (TrueKeyServiceHelper) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsserv.exe O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender antivírus Free\vsservppl.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 16723 bytes
×