FilipeLazzarini

Member
  • Posts

    3
  • Joined

  • Last visit

  1. ~ ZHPCleaner Trace v1.0 by Nicolas Coolman (2019/03/22)
     ~ Boot Mode : Normal (Normal boot)
     ~ Windows Windows 10 Pro,X64 (Build 17763)
     *** PHASE 1 - Initialisation ***
     Ecriture de l'entête du rapport : OK
     Déclaration HotKeyPresses : OK
     Initialisation du module linguistique: OK
     FTP Primaire OK
     Chemin : C:\Users\filip\AppData\Roaming\ZHP\ZHPCleaner.exe
     Path : https://nicolascoolman.eu/wp-updates/ZHPCleaner.exe
     N° version Locale: 2019.3.22.36
     N° version FTP: 2019.3.22.36
     N° version logiciel: 2019.3.22.36
     Chemin Lanceur: 3
     Contrôle de la version: OK
     Vérification des conditions d'utilisation: OK
     Affichage de l'interface principale: OK
     *** PHASE II : RECHERCHE ***
     Affichage de la zone GUI: OK
     *** PHASE II - Chargement des tables ***
     - Chargement de la table MD5 : OK
     - Chargement des tables Communes : OK
     - Chargement de la table FP : OK
     - Chargement des tables Registre : OK
     - Chargement des tables Explorer : OK
     - Chargement de la table DossiersEx : OK
     - Chargement de la table Keys : OK
     - Chargement des tables Publisher : OK
     - Chargement des tables KeyRun : OK
     - Chargement de la table Services : OK
     - Chargement de la table CrossRider : OK
     - Chargement de la table Multiplug : OK
     - Chargement de la table Sambreel : OK
     - Chargement de la table InstallCore : OK
     - Chargement de la table browseFox : OK
     - Chargement de la table ServiceRDNM : OK
     - Chargement de la table Serveur DNS : OK
     - Chargement de la table Shopper : OK
     - Chargement de la table MalwareFreq : OK
     - Chargement de la table Generic Roaming : OK
     - Chargement de la table Key Interface : OK
     - Chargement de la table KeyPuc : OK
     - Chargement de la table Classes : OK
     - Chargement de la table ProgData : OK
     - Chargement de la table File/Folder Malwares : OK
     - Chargement de la table Hijackers : OK
     - Chargement de la table description des Publishers : OK
     - Chargement de la table Extensions Browser : OK
     - Chargement de la table URLmalware : OK
     - Chargement de la table KeyAppPath : OK
     - Chargement de la table KeyAppID : OK
     - Chargement de la table KeyDNS : OK
     - Chargement de la table Shell : OK
     - Chargement de la table Shell Picture : OK
     - Chargement de la table des Extentions Chrome : OK
     - Chargement de la table CLSID BHO/Toolbar : OK
     - Chargement de la table Toolbar : OK
     - Chargement de la table ExtFirefoxPref : OK
     - Chargement de la table Légitime : OK
     - Chargement de la table des Tâches : OK
     - Chargement de la table Components : OK
     - Chargement de la table SearchScopes : OK
     - Chargement de la table des fichiers de Taches planifiées : OK
     - Chargement de la table des Clés Feature Control : OK
     Initialisation des tables : OK
     Fermeture de tous les navigateurs :OK
     Initialisation de la quarantaine : OK
     Initialisation des tableaux de modules: OK
     Recherche les dossiers profiles de Firefox : OK
     Traitement du navigateur Firefox : OK
     Traitement des plugins Firefox (Register) HKEY_CURRENT_USER\Software\MozillaPlugins : OK
     Traitement des plugins Firefox (Register) HKLM64\SOFTWARE\MozillaPlugins : OK
     Traitement des plugins Firefox (Register) HKLM64\SOFTWARE\Wow6432Node\MozillaPlugins : OK
     Réparation des extensions Firefox (\extension) - Cas des fichiers : OK
     Traitement des extensions Firefox (Register & explorer ) : OK
     Traitement du navigateur Google Chrome : OK
     Traitement des extensions Chrome (Explorer - Manifest) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Explorer - Manifest) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement de toutes les entrées registre d'IE : OK
     Traitement de tous les raccourcis : OK
     Corps du Rapport Navigateur: OK
     Recherche heuristique - CrossRider #1 OK
     Recherche heuristique - CrossRider #2 OK
     Recherche heuristique - CrossRider #3 OK
     Recherche heuristique - CrossRider #4 OK
     Recherche heuristique - CrossRider #5 OK
     Recherche heuristique - All CrossRider OK
     Recherche heuristique - repairInstallCore OK
     Recherche heuristique - repairInstallCoreReg OK
     Recherche heuristique - repairInstallCoreReg2 OK
     Recherche heuristique - All InstallCore OK
     Corps du Rapport Heuristic: OK
     Traitement des taches Provider (Register) HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\ : OK
     Corps du Rapport Demarrage: OK
     Recherche heuristique Fichier (Explorateur): OK
     Recherche heuristique Dossier (Explorateur): OK
     Recherche heuristique Dossier (Explorateur): OK
     Corps du Rapport Explorer: OK
     Recherche des malwares (Registre): OK
     Recherche des clé PUP: OK
     Recherche de clés hexa: OK
     Recherche des clés de registre: OK
     Recherche des clés de OpenWithProgids: OK
     Traitement des menus contextuels (Registre) : OK
     Traitement des menus contextuels (Registre) : OK
     Traitement des menus contextuels (Registre) : OK
     Traitement des menus contextuels (Registre) : OK
     Traitement des menus contextuels (Registre) : OK
     Traitement des menus contextuels (Registre) : OK
     Traitement des menus contextuels (Registre) : OK
     Recherche des clés de menu contextuel: OK
     Corps du Rapport Registre: OK
     Fin des 5 corps de rapport : OK
     *** PHASE IV : REDACTION DU RAPPORT ***
     Début de l'impression du rapport : OK
     - Ecriture des lignes Explorer: OK
     - Ecriture des lignes Registre: OK
     - Fin d'attribution des liens d'article: OK
     - Fin d'écriture du bilan : OK
     - Fin de rédaction du rapport: OK
     - Fin du module Quarantaine : OK
     Début de la copie des fichiers rapport : OK
     - Copie du fichier txt dans le dossier ZHP : OK
     - Copie du fichier txt dans le Bureau : OK
     *** PHASE V : TRANSFERT DU RAPPORT S ***
     - Fichier de rapport Scan à transférer : PRESENT
     - Nom du rapport: C:\Users\filip\AppData\Roaming\ZHP\ZHPCleaner-[S]-23032019-22_02_32.html
     - Transfert du fichier HTML demandé
     - Fichier rapport tranféré Scan : OK
     *** Fin de la phase V (Scan) : OK
     Bilan - Module Web : OK
     Bilan - Fin d'affichage de l'Interface (GUI) : OK
     Bilan - Sortie de l'Interface : OK
     Fin de rapport - Module Bilan : OK
     Fin d'impression du rapport : OK
     *** Fin de traitement du rapport ***
     *** PHASE III : REPARATION ***
     Affichage de la zone GUI: OK
     Fermeture de tous les navigateurs :OK
     Initialisation de la quarantaine : OK
     Initialisation des tableaux de modules: OK
     Recherche les dossiers profiles de Firefox : OK
     Traitement du navigateur Firefox : OK
     Traitement du navigateur Google Chrome : OK
     Traitement des extensions Chrome (Explorer - Manifest) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Explorer - Manifest) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement des extensions Chrome (Registre) : OK
     Traitement de toutes les entrées registre d'IE : OK
     Traitement de tous les raccourcis : OK
     Corps du Rapport Navigateur: OK
     Corps du Rapport Heuristic: OK
     Corps du Rapport Demarrage: OK
     Corps du Rapport Explorer: OK
     Recherche des malwares (Registre): OK
     Corps du Rapport Registre: OK
     Fin des 5 corps de rapport : OK
     *** PHASE IV : REDACTION DU RAPPORT ***
     Début de prise en charge de l'interface de réparation : OK
     - Traitement de la réparation Fichier: OK
     - Traitement de la réparation Dossier: OK
     - Traitement de la réparation Clés registre: OK
     - Traitement de la réparation Valeur registre: OK
     Fin de prise en charge de l'interface de réparation : OK
     Début de l'impression du rapport : OK
     - Ecriture des lignes Explorer: OK
     - Ecriture des lignes Registre: OK
     - Fin d'attribution des liens d'article: OK
     - Fin de suppression des anciens rapports : OK
     - Fin d'écriture du bilan : OK
     - Fin de rédaction du rapport: OK
     - Fin d'écriture du fichier de Quarantaine: OK
     - Fin du module Quarantaine : OK
     Début de la copie des fichiers rapport : OK
     - Copie du fichier txt dans le dossier ZHP : OK
     - Copie du fichier txt dans le Bureau : OK
     *** PHASE V : TRANSFERT DU RAPPORT R ***
     - Fichier de rapport Réparation à transférer : PRESENT
     - Nom du rapport: C:\Users\filip\AppData\Roaming\ZHP\ZHPCleaner-[R]-23032019-22_03_52.html
     - Transfert du fichier HTML demandé
     *** Fin de la phase V (Réparation) : KO
     Début de la procédure de redémarrage : OK
     - Redémarrage programmé : OK
     Fin d'impression du rapport : OK
     *** Fin de traitement du rapport ***
  2. <!DOCTYPE html>
     <HTML>
     <HEAD>
     <meta charset="UTF-8" />
     <h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">ZHPCleaner Report</h1>
     </HEAD>
     <BODY>
     <PRE>
     <SCRIPT LANGUAGE="Javascript">
     document.writeln("~ ZHPCleaner v2019.3.22.36 by Nicolas Coolman (2019/03/22)");
     document.writeln("~ Run by filip (Administrator) (23/03/2019 18:53:49)");
     document.writeln("~ Web: https://www.nicolascoolman.com");
     document.writeln("~ Blog: https://nicolascoolman.eu/");
     document.writeln("~ Facebook : https://www.facebook.com/nicolascoolman1");
     document.writeln("~ State version : Version OK");
     document.writeln("~ Certificate ZHPCleaner: Legal");
     document.writeln("~ Type : Repair");
     document.writeln("~ Report : B:\\Desktop\\ZHPCleaner (R).txt");
     document.writeln("~ Quarantine : C:\\Users\\filip\\AppData\\Roaming\\ZHP\\ZHPCleaner_Reg.txt");
     document.writeln("~ UAC : Activate");
     document.writeln("~ Boot Mode : Normal (Normal boot)");
     document.writeln("Windows 10 Pro, 64-bit (Build 17763)");
     document.writeln("");
     document.writeln("<b>---\\ Alternate Data Stream (ADS). (0)</b>");
     document.writeln("~ No malicious or unnecessary items found. (ADS)");
     document.writeln("");
     document.writeln("<b>---\\ Services (0)</b>");
     document.writeln("~ No malicious or unnecessary items found. (Service)");
     document.writeln("");
     document.writeln("<b>---\\ Browser internet (1)</b>");
     document.writeln("REPLACED Desktop: B:\\Desktop\\Install Now Autodesk Inventor 2019.lnk [Bad : /URL 'http://edutrial.autodesk.com/NetSWDLD/2019/INVNTOR/FC2A7A80-FF67-4FAA-9F95-918FFFCE2B6B/WI/Inventor_2019_English_Win_64bit_wi_en-us_Setup.exe?dummy=0' /skipPI /SN 901-34942717 /PK 797K1 /Trial /akamai](.Autodesk, Inc..) =>.SUP.AkamaiHD".fontcolor("#0d1df4"));
     document.writeln("");
     document.writeln("<b>---\\ Hosts file (0)</b>");
     document.writeln("~ No malicious or unnecessary items found. (Hosts)");
     document.writeln("");
     document.writeln("<b>---\\ Scheduled automatic tasks. (0)</b>");
     document.writeln("~ No malicious or unnecessary items found. (Task)");
     document.writeln("");
     document.writeln("<b>---\\ Explorer ( File, Folder) (2)</b>");
     document.writeln("MOVED file: B:\\Desktop\\µTorrent.lnk [Bad : C:\\Users\\filip\\AppData\\Roaming\\uTorrent\\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)".fontcolor("#0d1df4"));
     document.writeln("MOVED file: C:\\Users\\filip\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\µTorrent.lnk [Bad : C:\\Users\\filip\\AppData\\Roaming\\uTorrent\\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)".fontcolor("#0d1df4"));
     document.writeln("");
     document.writeln("<b>---\\ Registry ( Key, Value, Data) (0)</b>");
     document.writeln("~ No malicious or unnecessary items found. (Register)");
     document.writeln("");
     document.writeln("<b>---\\ Summary of the elements found (2)</b>");
     document.writeln("https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD".fontcolor("#0d1df4"));
     document.writeln("https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)".fontcolor("#f20d47"));
     document.writeln("");
     document.writeln("<b>---\\ Other deletions. (26)</b>");
     document.writeln("~ Registry Keys Tracing deleted (26)");
     document.writeln("~ Remove the old reports ZHPCleaner. (0)");
     document.writeln("");
     document.writeln("<b>---\\ Result of repair</b>");
     document.writeln("~ Repair carried out successfully");
     document.writeln("~ Browser not found (Mozilla Firefox)");
     document.writeln("~ Browser not found (Opera Software)");
     document.writeln("");
     document.writeln("<b>---\\ Statistics</b>");
     document.writeln("~ Items scanned : 711");
     document.writeln("~ Items found : 0");
     document.writeln("~ Items cancelled : 0");
     document.writeln("~ Items options : 12/12");
     document.writeln("~ Space saving (bytes) : 186732");
     document.writeln("~ End of clean in 00h00mn05s");
     document.writeln("");
     document.writeln("<b>---\\ Reports (3)</b>");
     document.writeln("ZHPCleaner--23032019-18_52_16.txt");
     document.writeln("ZHPCleaner--23032019-18_53_35.txt");
     document.writeln("ZHPCleaner-[R]-23032019-18_53_54.txt");
     </SCRIPT>
     </PRE>
     <h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">ZHPCleaner report End</h1>
     </BODY>
     </HTML>

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 18:55:24, on 23/03/2019
     Platform: Unknown Windows (WinNT 6.02.1008)
     MSIE: Internet Explorer v11.0 (11.00.17763.0001)
     Boot mode: Normal

     Running processes:
     C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
     C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
     C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
     b:\Programas\Malwarebytes\Anti-Malware\mbamtray.exe
     B:\Programas\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
     B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
     C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
     C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
     C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
     C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
     C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
     C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
     C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
     C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
     C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
     C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
     C:\Users\filip\AppData\Local\Akamai\netsession_win.exe
     C:\Users\filip\AppData\Local\Akamai\netsession_win.exe
     C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe
     C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
     C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
     C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
     C:\Program Files (x86)\Avira\antivírus\avgnt.exe
     C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
     C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
     C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
     C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
     C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
     C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
     B:\Programas\Steam\Steam.exe
     B:\Downloads\ZHPCleaner.exe
     C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.3042.0_x86__8wekyb3d8bbwe\Solitaire.exe
     B:\Downloads\HijackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
     R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
     O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
     O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
     O4 - HKLM\..\Run: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
     O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
     O4 - HKCU\..\Run: [OneDrive] "C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
     O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
     O4 - HKCU\..\Run: [Steam] "B:\Programas\Steam\steam.exe" -silent
     O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
     O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
     O4 - HKCU\..\Run: [Synapse3] "B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized
     O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
     O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
     O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
     O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
     O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
     O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_24AFD6F248B8D5A6DE7F13A9E2FA5532] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
     O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\filip\AppData\Local\Akamai\netsession_win.exe"
     O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
     O4 - HKUS\S-1-5-18\..\Run: [Synapse3] B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SISTEMA')
     O4 - HKUS\.DEFAULT\..\Run: [Synapse3] B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user')
     O4 - Global Startup: Aplicativo de Download Automático do SOLIDWORKS.lnk = ?
     O4 - Global Startup: Serasa Update.lnk = C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe
     O4 - Global Startup: SOLIDWORKS 2017 Fast Start.lnk = ?
     O4 - Global Startup: SOLIDWORKS 2019 Fast Start.lnk = ?
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
     O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
     O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
     O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
     O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
     O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
     O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
     O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
     O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
     O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
     O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
     O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
     O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
     O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
     O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
     O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
     O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
     O23 - Service: ANSYS, Inc. License Manager - ANSYS, Inc.
- B:\Programas\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe O23 - Service: ANSYS Licensing Tomcat (ANSYSLicensingTomcat) - Apache Software Foundation - B:\Programas\ANSYS Inc\Shared Files\Licensing\tools\tomcat\bin\tomcat9.exe O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Serviço protegido (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\ProtectedService.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corporation - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS (2)\swScheduler\DTSCoordinatorService.exe O23 - Service: Serviço Atualização do Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Serviço Atualização do Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: SOLIDWORKS Electrical Collaborative Server (ewserver) - Unknown owner - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) MPI Library Hydra Process Manager (impi_hydra) - Intel Corporation - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - b:\Programas\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Autodesk Simulation Moldflow MITSI 2018 Job Manager (mitsijm2018) - Autodesk, Inc. - B:\Programas\Autodesk\Inventor 2019\Moldflow\bin\mitsijm.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: OPC DDE Manager (opcddemg) - Unknown owner - C:\Windows\opcddemg.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - 
C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe O23 - Service: Razer Synapse Service - Unknown owner - B:\Programas\Razer\Synapse3\Service\Razer Synapse Service.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Serasa Update (SerasaUpdate) - Serasa Experian - C:\Program Files (x86)\Serasa Experian\Service\SerasaUpdate.exe O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - 
Service: SolidWorks Flexnet Server - Flexera Software LLC - B:\SolidWorks_Flexnet_Server\lmgrd.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SWVisualize2019.BoostService - Dassault Systèmes - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe 
(file missing) O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe -- End of file - 19913 bytes
  3. Dear all, I would like to ask for help removing some malware that has settled into my PC. The main anomaly I found is COM Surrogate. The HijackThis log follows below.
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:47:42, on 22/03/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17763.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe b:\Programas\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe C:\Program Files (x86)\Avira\antivírus\avgnt.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe C:\Users\filip\AppData\Local\Akamai\netsession_win.exe 
C:\Users\filip\AppData\Local\Akamai\netsession_win.exe B:\Programas\Steam\Steam.exe C:\Windows\SysWOW64\DllHost.exe C:\Users\filip\AppData\Local\Temp\SOLIDWORKS\Installation Manager Data\Remove_20190-40200-1100\sldIM.exe C:\Users\filip\AppData\Roaming\uTorrent\uTorrent.exe C:\Users\filip\AppData\Roaming\uTorrent\updates\3.5.5_45095\utorrentie.exe C:\Users\filip\AppData\Roaming\uTorrent\updates\3.5.5_45095\utorrentie.exe B:\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - 
HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe" O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray O4 - HKCU\..\Run: [OneDrive] "C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [Steam] "B:\Programas\Steam\steam.exe" -silent O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe O4 - HKCU\..\Run: [Synapse3] "B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_24AFD6F248B8D5A6DE7F13A9E2FA5532] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\filip\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session --flag-switches-begin 
--flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end O4 - HKCU\..\RunOnce: [IM_Resume] "C:\Windows\SolidWorks\IM_20190-40200-1100-100\sldim\sldIM.exe" /resume_state 28 /context 4 /rtype 100 O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-18\..\Run: [Synapse3] B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\Run: [Synapse3] B:\Programas\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user') O4 - Global Startup: Aplicativo de Download Automático do SOLIDWORKS.lnk = ? O4 - Global Startup: Serasa Update.lnk = C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe O4 - Global Startup: SOLIDWORKS 2019 Fast Start.lnk = ? 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - 
Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ANSYS, Inc. License Manager - ANSYS, Inc. - B:\Programas\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe O23 - Service: ANSYS Licensing Tomcat (ANSYSLicensingTomcat) - Apache Software Foundation - B:\Programas\ANSYS Inc\Shared Files\Licensing\tools\tomcat\bin\tomcat9.exe O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Serviço protegido (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\ProtectedService.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: Apple Mobile Device Service - Apple Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corporation - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe O23 - Service: Serviço Atualização do Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Serviço Atualização do Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. 
- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: SOLIDWORKS Electrical Collaborative Server (ewserver) - Unknown owner - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) MPI Library Hydra Process Manager (impi_hydra) - Intel Corporation - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - b:\Programas\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Autodesk Simulation Moldflow MITSI 2018 Job Manager (mitsijm2018) - Autodesk, Inc. - B:\Programas\Autodesk\Inventor 2019\Moldflow\bin\mitsijm.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: OPC DDE Manager (opcddemg) - Unknown owner - C:\Windows\opcddemg.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe O23 - Service: Razer Chroma SDK Service - Razer Inc. 
- C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe O23 - Service: Razer Synapse Service - Unknown owner - B:\Programas\Razer\Synapse3\Service\Razer Synapse Service.exe O23 - Service: Remote Solver for COSMOSFloWorks 2008 (RemoteSolverDispatcher) - Mentor Graphics Corporation - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Serasa Update (SerasaUpdate) - Serasa Experian - C:\Program Files (x86)\Serasa Experian\Service\SerasaUpdate.exe O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SolidWorks Flexnet Server - Flexera Software LLC - B:\SolidWorks_Flexnet_Server\lmgrd.exe O23 - Service: SolidWorks 
Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SWVisualize2019.BoostService - Dassault Systèmes - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe O23 - Service: SWVisualize2019.Queue.Server - Dassault Systèmes - B:\Programas\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media 
Player\wmpnetwk.exe (file missing) O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe -- End of file - 20308 bytes