Este fórum foi descontinuado. LEIA AQUI e participe da Comunidade BABOO :)

Ir para conteúdo

augustomaciel

Participante
  • Postagens

    6
  • Desde

  • Última visita

Tudo que augustomaciel postou

  1. Olá, agradeço imensamente a disponibilidade em ter me auxiliado em todo o processo. Grande Abraço!
  2. C:\Users\pccli\Desktop\desktop\icq_rfrset.exe a variant of Win32/MailRu.O potentially unwanted application cleaned by deleting C:\Users\pccli\Documents\Downloads\Compressed\Internet Download Manager 6.18 build 4 Final Retail [ChingLiu].rar a variant of Win32/HackTool.Patcher.BY potentially unsafe application deleted C:\Users\pccli\Downloads\ccsetup402.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting F:\desktop\desktop\Design Science MathType 6.7.rar a variant of Win32/Keygen.BH potentially unsafe application deleted F:\desktop\desktop\icq_rfrset.exe a variant of Win32/MailRu.O potentially unwanted application cleaned by deleting F:\desktop\desktop\Design Science MathType 6.7\Senhas\MathType.6.7a.keygen-CORE.rar a variant of Win32/Keygen.BH potentially unsafe application deleted F:\soft\Design Science MathType 6.7\Senhas\MathType.6.7a.keygen-CORE.exe a variant of Win32/Keygen.BH potentially unsafe application cleaned by deleting F:\soft\Design Science MathType 6.7\Senhas\MathType.6.7a.keygen-CORE.rar a variant of Win32/Keygen.BH potentially unsafe application deleted F:\UFSM\2014_1\Estatistica A\uTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
  3. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 09/04/2019 Hora da análise: 11:52 Arquivo de registro: 0fbe63a2-5ad7-11e9-aa57-00ff45ac5b50.json -Informação do software- Versão: 3.7.1.2839 Versão de componentes: 1.0.563 Versão do pacote de definições: 1.0.10068 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x86 Sistema de arquivos: NTFS Usuário: pccli-HP\pccli -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 223081 Ameaças detectadas: 10 Ameaças em quarentena: 10 Tempo decorrido: 15 min, 24 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 1 PUP.Optional.ASK, HKU\S-1-5-21-3561672157-2773084743-3070276630-501\SOFTWARE\MICROSOFT\Internet Explorer\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}, Quarentena, [2], [184156],1.0.10068 Valor de registro: 1 PUP.Optional.ASK, HKU\S-1-5-21-3561672157-2773084743-3070276630-501\SOFTWARE\MICROSOFT\Internet Explorer\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Quarentena, [2], [184156],1.0.10068 Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 8 PUP.Optional.ASK.OPC, C:\USERS\PCCLI\APPDATA\ROAMING\UTORRENT\UPDATES\3.4.2_32354.EXE, Quarentena, [12943], [639652],1.0.10068 PUP.Optional.Catalina, C:\PROGRAM FILES\B1 FREE ARCHIVER\B1.EXE, Quarentena, [509], [635491],1.0.10068 PUP.Optional.Catalina, C:\PROGRAM FILES\B1 FREE ARCHIVER\B1SHELLEXT32.DLL, Quarentena, [509], [635491],1.0.10068 PUP.Optional.Catalina, C:\PROGRAM FILES\B1 FREE ARCHIVER\WINSETUP32.EXE, Quarentena, [509], [635491],1.0.10068 PUP.Optional.Catalina, C:\PROGRAM FILES\B1 FREE ARCHIVER\B1MANAGER.EXE, Quarentena, [509], [635491],1.0.10068 Generic.Malware/Suspicious, C:\USERS\PCCLI\DOWNLOADS\CUTEWRITER.EXE, Quarentena, [0], [392686],1.0.10068 RiskWare.Tool.CK, C:\USERS\PCCLI\DESKTOP\DESKTOP\DESIGN SCIENCE MATHTYPE 6.7\SENHAS\MATHTYPE.6.7A.KEYGEN-CORE.RAR, Quarentena, [5730], [55248],1.0.10068 RiskWare.Tool.CK, C:\USERS\PCCLI\DESKTOP\DESKTOP\DESIGN SCIENCE MATHTYPE 6.7.RAR, Quarentena, [5730], [55248],1.0.10068 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:22:07, on 09/04/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17937) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files\ActivIdentity\ActivClient\acevents.exe C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe C:\Program Files\Lexmark\ErrorApp\LMab1err.EXE C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\taskeng.exe C:\Program Files\CCleaner\CCleaner.exe C:\Windows\system32\igfxsrvc.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\pccli\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing) O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O3 - Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" O4 - HKCU\..\Run: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe O4 - HKCU\..\Run: [Google Update] C:\Users\pccli\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\pccli\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - Startup: Dropbox.lnk = C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\Windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\Windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: imagem.caixa.gov.br O15 - Trusted Zone: internetbanking.caixa.gov.br O15 - Trusted Zone: internetbankingpf.caixa.gov.br O15 - Trusted Zone: www.caixa.gov.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: cloud.gastecnologia.com.br O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: Bloqueio de Dispositivos / Auditoria do HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\73.0.3683.86\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Serviço do Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe O23 - Service: lmab_device - - C:\Windows\system32\LMabcoms.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files\Yahoo!\yset\{103A5537-49E1-2B40-8D86-D33CAEEBF055}\YSearchUtilSvc.exe -- End of file - 11912 bytes
  4. Segue os logs: ~ ZHPCleaner v2019.4.7.44 by Nicolas Coolman (2019/04/07) ~ Run by pccli (Administrator) (09/04/2019 10:50:58) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\pccli\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\pccli\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Professional, 32-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (2) REPLACED: 0.0.0.1 mssplus.mcafee.com Number of found redirections 1/33 ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (56) MOVED file: C:\Users\pccli\AppData\Roaming\unins000.exe [ - Setup/Uninstall] =>Adware.Pirrit MOVED file: C:\Users\pccli\AppData\Roaming\unins001.exe [ - Setup/Uninstall] =>Adware.Pirrit MOVED file: C:\Program Files\Skillbrains\lightshot\Lightshot.exe [Copyright 2009 - Starter Module] =>.SUP.Skillbrains MOVED file: C:\Windows\System32\drivers\mcaudrv.sys [Visicom Media Inc. - ManyCam Virtual Microphone] =>ManyCam LLC MOVED file: C:\Windows\System32\drivers\mcvidrv.sys [Visicom Media Inc. - ManyCam Virtual Webcam Driver] =>ManyCam LLC MOVED file: C:\Windows\Installer\wix{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\44ae7.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\6f8e7.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\eb50d.msp =>.SUP.Obsolete.Adobe MOVED folder^: C:\Program Files\Skillbrains =>.SUP.Skillbrains MOVED folder: C:\Users\pccli\AppData\Local\Google\Update =>Heuristic.Suspect MOVED folder: C:\Users\pccli\AppData\Local\{02A1FBF7-9B74-43AB-8EE6-5055147A007D} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{0B2BEB11-2A21-47A6-A671-0EFAB7FCF37E} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{1216355E-3DCC-4474-8648-E5F9A31F4F62} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{1379C3A7-FE83-4FFD-9EC6-5F7731BD63E7} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{16DB4486-F790-4A8C-BAFE-C9186A676FFA} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{1CD9AF7D-F6D9-4D0D-A131-080FB02E6B27} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{25C3EED7-7CB4-4194-A40E-DF7C2E5A2829} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{290FDA3B-822B-4D8B-9833-0DD324C78EDB} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{2CB4E9FC-2E81-4180-8289-237F57E6264A} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{2FDB523B-F1AF-4321-9C21-40A56AB1E733} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{3AFB4D70-3FBE-4967-A555-EAED605ED100} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{4011F03D-07ED-4E46-9785-E90CE0178DFA} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{4627122B-4DE4-49E2-9A20-186A36BA62C4} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{4A4758E7-AADF-42CA-8D85-8F77AD25DAE5} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{4F6329CE-C524-4141-81B7-4A701882D7CF} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{5EC5B025-2C20-4F25-8D8D-E37AC1622A27} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{661E5EB9-4812-47EE-A729-D0FBB4C96C19} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{76E58DCF-8B4B-4947-A35D-F84AC03D346A} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{79DEDD32-A384-49CA-9F1F-9626B5865309} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{7A34F6B5-5E72-4C78-A387-37B8781BF60C} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{804BB5BE-0F58-437A-BE03-19603E76CE4D} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{897612B9-FE4E-46CF-8325-2377A1F0B87B} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{91924E2B-A937-475E-A84D-10ED5AF64B45} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{92EF7A11-69A2-4037-BDEE-F4B8E6826195} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{960119EB-3090-439F-94DE-C3848EF1817F} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{9EDF0075-897F-4738-B480-D4E8E9492E51} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{9EDFA52A-7856-45ED-8F95-A95BB60EE232} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{A081FC85-F5EF-4210-93D3-AF64F92BA2FE} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{A27515BB-0F3F-4D6F-AD36-0EE53FF74F9A} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{A2FDF454-FF59-4376-B01F-3ACC16E5C255} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{A3EBA9E0-8EE2-4EAB-BB14-D38B6161C92E} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{AC151288-7A21-4153-8B49-BBB733E8F479} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{B3D7753E-F436-4D2F-83F8-902A226A5308} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{BA2016DF-A2C3-4CB5-8E0D-DEEC0387EA7B} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{C57DC8EB-B017-45A8-A498-5D2CDD74C4C0} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{CB83823F-3904-4D2B-85A0-C2C8F4083C70} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{CE4A0138-450F-4FD7-B750-5CE8048BBEEC} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{CED7A9F1-4A9D-4C36-A569-6A624B5A5C28} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{D00CA623-0906-42FA-98E7-867981E98F7C} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{D93B8C8A-1809-40E2-9AF5-3EBEB9526047} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{E047BAE9-0415-4EDD-B19D-904E31853A77} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{E23DDAD9-A738-4DA6-BC27-DBB045757EBB} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{F7857244-7073-4250-AED4-93F219C694BC} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\Local\{FF9C89A1-D7A2-4E8A-AECE-1F655E70D6E6} =>.SUP.Empty MOVED folder: C:\Users\pccli\AppData\LocalLow\Oracle =>.SUP.Empty ---\\ Registry ( Key, Value, Data) (173) DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] [Ask.com] =>Toolbar.Ask DELETED key: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] [Ask.com] =>Toolbar.Ask DELETED key**: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] =>Toolbar.Ask DELETED key**: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF] =>Toolbar.Ask DELETED key*: HKLM\SOFTWARE\DT soft\Daemon Tools toolbar [] =>PUP.Optional.DaemonToolsToolbar DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\B1FreeArchiver [Catalina Group Ltd] =>.SUP.CatalinaMarketing DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains] =>.SUP.Skillbrains DELETED value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Lightshot [C:\Program Files\Skillbrains\lightshot\Lightshot.exe] =>.SUP.Skillbrains DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre7\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\de\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\es\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\fr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\it\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ja\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ko\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ru\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\zh-Hans\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\zh-Hant\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ar\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\bg\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ca\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\cs\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\da\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\el\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\et\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\eu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\fi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\he\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\hr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\hu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\id\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\lt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\lv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ms\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\nl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\no\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\pl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\pt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\ro\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\sk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\sl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\sr-Cyrl-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\sr-Latn-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\sv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\th\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\tr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\uk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\4.1.10329.0\vi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\de\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\es\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\fr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\it\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ja\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ko\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ru\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\zh-Hans\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\zh-Hant\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ar\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\bg\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ca\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\cs\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\da\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\el\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\et\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\eu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\fi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\he\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\hr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\hu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\id\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\lt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\lv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ms\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\nl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\no\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\pl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\pt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\ro\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\sk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\sl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\sr-Cyrl-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\sr-Latn-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\sv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\th\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\tr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\uk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.20125.0\vi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\de\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\es\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\fr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\it\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ja\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ko\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ru\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\zh-Hans\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\zh-Hant\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ar\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\bg\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ca\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\cs\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\da\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\el\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\et\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\eu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\fi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\he\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\hr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\hu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\id\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\lt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\lv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ms\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\nl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\no\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\pl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\pt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\ro\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\sk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\sl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\sr-Cyrl-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\sr-Latn-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\sv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\th\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\tr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\uk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40416.0\vi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\de\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\es\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\fr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\it\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ja\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ko\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ru\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\zh-Hans\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\zh-Hant\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ar\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\bg\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ca\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\cs\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\da\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\el\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\et\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\eu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\fi\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\he\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\hr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\hu\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\id\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\lt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\lv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ms\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\nl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\no\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\pl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\pt\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\ro\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\sk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\sl\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\sr-Cyrl-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\sr-Latn-CS\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\sv\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\th\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\tr\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\uk\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Microsoft Silverlight\5.1.40728.0\vi\ [No Folder] =>.SUP.Obsolete.NoFolder ---\\ Summary of the elements found (10) https://nicolascoolman.eu/2017/02/25/adware-pirrit/ =>Adware.Pirrit https://nicolascoolman.eu/2019/01/sup-skillbrains =>.SUP.Skillbrains https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>ManyCam LLC https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DaemonToolsToolbar https://nicolascoolman.eu/2017/09/16/sup-catalinamarketing/ =>.SUP.CatalinaMarketing https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.NoFolder ---\\ Other deletions. (152) ~ Registry Keys Tracing deleted (152) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Opera Software) ~ The system has been restarted. ---\\ Statistics ~ Items scanned : 2242 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn42s ---\\ Reports (2) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:59:41, on 09/04/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17937) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Diebold\Warsaw\core.exe C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files\ActivIdentity\ActivClient\acevents.exe C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe C:\Program Files\Lexmark\ErrorApp\LMab1err.EXE C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe C:\Windows\system32\taskeng.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\CCleaner\CCleaner.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\pccli\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing) O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O3 - Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" O4 - HKCU\..\Run: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe O4 - HKCU\..\Run: [Google Update] C:\Users\pccli\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\pccli\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - Startup: Dropbox.lnk = C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\Windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\Windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: imagem.caixa.gov.br O15 - Trusted Zone: internetbanking.caixa.gov.br O15 - Trusted Zone: internetbankingpf.caixa.gov.br O15 - Trusted Zone: www.caixa.gov.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: cloud.gastecnologia.com.br O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: Bloqueio de Dispositivos / Auditoria do HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\73.0.3683.86\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Serviço do Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe O23 - Service: lmab_device - - C:\Windows\system32\LMabcoms.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files\Yahoo!\yset\{103A5537-49E1-2B40-8D86-D33CAEEBF055}\YSearchUtilSvc.exe -- End of file - 11793 bytes
  5. OI, obrigado pela rapidez. Acontece que ai clicar pra baixar o ZHPCleaner, depois da contagem regressiva vai para um site e esta aparecendo 403 forbidden. Tentei até na rede do celular pra ver se não era problema da rede do computador. Posso baixar esse: https://nicolascoolman.eu/download/zhpcleaner/ ?
  6. Prezados, gostaria por favor de pedir uma ajuda com a análise do log. No ultimos dias tenho recebido alertas de atividades suspeitas em redes sociais e estou receoso de algum programa estar rodando no PC e enviando dados a alguém. Fiz todos os procedimentos e li as instruções do Tópico. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:05:39, on 09/04/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17937) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\Windows\system32\Dwm.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Skillbrains\lightshot\5.4.0.10\Lightshot.exe C:\Program Files\ActivIdentity\ActivClient\acevents.exe C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe C:\Program Files\Lexmark\ErrorApp\LMab1err.EXE C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\taskeng.exe C:\Program Files\CCleaner\CCleaner.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe C:\Users\pccli\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Users\pccli\Desktop\HijackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, O1 - Hosts: 0.0.0.1 mssplus.mcafee.com O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing) O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O3 - Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [Lightshot] C:\Program Files\Skillbrains\lightshot\Lightshot.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" O4 - HKCU\..\Run: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe O4 - HKCU\..\Run: [Google Update] C:\Users\pccli\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\pccli\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - Startup: Dropbox.lnk = C:\Users\pccli\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\Windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\Windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: imagem.caixa.gov.br O15 - Trusted Zone: internetbanking.caixa.gov.br O15 - Trusted Zone: internetbankingpf.caixa.gov.br O15 - Trusted Zone: www.caixa.gov.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: cloud.gastecnologia.com.br O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: Bloqueio de Dispositivos / Auditoria do HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\73.0.3683.86\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Serviço do Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe O23 - Service: lmab_device - - C:\Windows\system32\LMabcoms.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files\Yahoo!\yset\{103A5537-49E1-2B40-8D86-D33CAEEBF055}\YSearchUtilSvc.exe -- End of file - 12060 bytes
×
×
  • Criar Novo...