Melll

Participant
  • Posts: 8

Profile
  • State: Rio de Janeiro
  • Gender: female
  • Education: University degree
  • Professional field: Communication / Marketing
  • Professional level: Retired
  1. Hello, good afternoon! Since yesterday, I was listening to music on my computer when suddenly it made a hissing noise and the sound stopped out of nowhere. I thought the PC had frozen, so I restarted the machine, and when it came back I could no longer hear anything. I have already tested all the speaker cables, and everything is OK. I have no sound at all on the computer: not from MIDI files, not from videos, not from Windows itself. Could it be the sound card? How can I fix this? Thank you in advance for any help you can offer. Melll PS: My system is Win 8.1
  2. OK, thank you very much for the help. I would just like to clear up one doubt. Aren't the infected files that appeared in ESET deleted? Melll
  3. Hello, good evening. Below is the requested log. Thank you
  4. Hello, good afternoon! As requested, here are the logs from MB and HijackThis.
  5. Sorry, I tried to paste it, but it was giving an error; I will try again.
Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: internet.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file 
missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Paltalk Update Service (paltalk_update_service) - AVM Software - C:\Program Files (x86)\Paltalk\update\pt_update_service.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files (x86)\scpbrad\scpbradserv.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows 
Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @oem36.inf,%WirelessKB850NotificationSvcDisplayName%;Wireless Keyboard 850 Notification Service (WirelessKB850NotificationService) - Unknown owner - C:\Windows\system32\WirelessKB850NotificationService.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12562 bytes
  6. Hello, As requested, I am attaching the ZHPCleaner and HijackThis logs for your evaluation. Thank you in advance for your kindness and attention. Melll hijackthis.log ZHPCleaner.txt
  7. Good evening, My computer is infected. When I access my bank's page, an installer appears that the bank said is a virus. I would appreciate help from anyone who can assist, as this is a serious problem and I do not want to format my computer. Melll The HijackThis log follows below, as requested.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:49, on 24/04/2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\scpbrad\scpbradguard.exe
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\WYYnttMeqqREPP\ZIIwbOOuTHHSLK.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Ma Luna\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BeyluxeMessenger] "C:\Program Files (x86)\Beyluxe Messenger\Beyluxe Messenger.exe" /hide
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [Lync] "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ma Luna\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ZIIwbOOuTHHSLK] C:\WYYnttMeqqREPP\ZIIwbOOuTHHSLK.exe
O4 - HKUS\S-1-5-18\..\Run: [Paltalk] "C:\Program Files (x86)\Paltalk\Paltalk.exe" minimized (User 'SISTEMA')
O4 - HKUS\S-1-5-18\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [Paltalk] "C:\Program Files (x86)\Paltalk\Paltalk.exe" minimized (User 'Default user')
O4 - Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.google.com.br
O15 - Trusted Zone: www.itau.b.br
O15 - Trusted Zone: *.itau.b.br
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: banklineplus.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: internet.itau.com.br
O15 - Trusted Zone: www.itau.com.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: *.itau.com.br
O15 - Trusted Zone: www.itaupersonnalite.com.br
O15 - Trusted Zone: http://www.itaupersonnalite.com.br
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Paltalk Update Service (paltalk_update_service) - AVM Software - C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files (x86)\scpbrad\scpbradserv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @oem36.inf,%WirelessKB850NotificationSvcDisplayName%;Wireless Keyboard 850 Notification Service (WirelessKB850NotificationService) - Unknown owner - C:\Windows\system32\WirelessKB850NotificationService.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-- End of file - 12793 bytes