moicanofacul
[Solved] Suspicious Activity When Restarting the PC
moicanofacul replied to moicanofacul's topic in Solved Topics (Security & Malware)
Apparently, everything is OK. It is running without hiccups. I restarted twice to test and everything went normally. PowerPoint is no longer opening by itself as it did before. Thank you very much!!
[Solved] Suspicious Activity When Restarting the PC
moicanofacul replied to moicanofacul's topic in Solved Topics (Security & Malware)
Segue relatório Fixlog: Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 17-05-2021 Executado por Robson (18-05-2021 19:44:33) Run:1 Executando a partir de C:\Users\Robson\Desktop Perfis Carregados: Robson Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CloseProcesses: GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO HKU\S-1-5-21-3420095182-3288103807-331900730-1001\...\MountPoints2: {ccebac3a-14f7-11eb-82a8-707781fefb2c} - "E:\autorun.exe" HKU\S-1-5-21-3420095182-3288103807-331900730-1001\...\MountPoints2: {ccebac6b-14f7-11eb-82a8-707781fefb2c} - "F:\autorun.exe" Task: {3FFBC4F8-90E4-4EA9-97BA-2B699C177C97} - \PCDEventLauncherTask -> Nenhum Arquivo <==== ATENÇÃO Task: {4077F1FA-904D-4B0C-9D5E-42F86BD0207C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {430EC537-7FBF-4E50-9D97-44D072EC165F} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-84NR2.tmp\corefixer.exe <==== ATENÇÃO Task: {5FFBB97D-C547-4839-93C3-EB909C69DD39} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {6BF32412-AAE7-40A7-AB20-88FFB4B310FF} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe <==== ATENÇÃO Task: {06AB26C2-A59D-4BC0-AD3B-7EE9832A88F7} - \SystemToolsDailyTest -> Nenhum Arquivo <==== ATENÇÃO Task: {A31277B3-FD24-48A3-91EF-A9D6A25B5E10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) 
Task: {C7EA19F1-5CF4-43DF-9A1B-DD38DCA929D8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {C9851E9D-6DB4-4AB4-BA08-346ADBE18A23} - \PCDoctorBackgroundMonitorTask -> Nenhum Arquivo <==== ATENÇÃO Task: {E97E8CE1-F358-4E03-80A2-237D0F7FD9BE} - \Microsoft\Windows\Setup\gwx\runappraiser -> Nenhum Arquivo <==== ATENÇÃO FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-01-28] <==== ATENÇÃO (Aponta para arquivo *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-01-28] <==== ATENÇÃO ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 
{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [11218] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [11218] AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [11218] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [11218] SearchScopes: HKU\S-1-5-21-3420095182-3288103807-331900730-1001 -> DefaultScope {D221009F-5261-4843-8A59-38A119204017} URL = SearchScopes: HKU\S-1-5-21-3420095182-3288103807-331900730-1001 -> {D221009F-5261-4843-8A59-38A119204017} URL = Toolbar: HKU\S-1-5-21-3420095182-3288103807-331900730-1001 -> Sem Nome - {C500C267-63BF-451F-8797-4D720C9A2ED9} - Nenhum Arquivo Toolbar: HKU\S-1-5-21-3420095182-3288103807-331900730-1001 -> Sem Nome - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Nenhum Arquivo Toolbar: HKU\S-1-5-21-3420095182-3288103807-331900730-1001 -> Sem Nome - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Nenhum Arquivo FirewallRules: [{D52C824B-D55E-4AEF-8217-B0A9C4B6892B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe => Nenhum Arquivo FirewallRules: [{DDDE576B-24B1-44CF-AD1C-D1F028A8AA2A}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe => Nenhum Arquivo FirewallRules: [{7D70959D-E2BD-48E4-A654-CF915C083BAF}] => (Allow) C:\Users\Robson\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo FirewallRules: [{BCEF7AE4-8F98-49C6-9CAD-9937F95EDB31}] => (Allow) C:\Users\Robson\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo StartPowershell: sfc /scannow DISM /Online /Cleanup-image /Restorehealth EndPowershell: CreateRestorePoint: RemoveProxy: EmptyTemp: Reboot: Hosts: ***************** Processos fechados com sucesso. 
C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso C:\ProgramData\NTUSER.pol => movido com sucesso HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso. HKU\S-1-5-21-3420095182-3288103807-331900730-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccebac3a-14f7-11eb-82a8-707781fefb2c} => removido (a) com sucesso. HKU\S-1-5-21-3420095182-3288103807-331900730-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccebac6b-14f7-11eb-82a8-707781fefb2c} => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FFBC4F8-90E4-4EA9-97BA-2B699C177C97}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FFBC4F8-90E4-4EA9-97BA-2B699C177C97}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4077F1FA-904D-4B0C-9D5E-42F86BD0207C}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4077F1FA-904D-4B0C-9D5E-42F86BD0207C}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{430EC537-7FBF-4E50-9D97-44D072EC165F}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{430EC537-7FBF-4E50-9D97-44D072EC165F}" => removido (a) com sucesso. 
C:\WINDOWS\System32\Tasks\Rerun Warsaw's CoreFixer => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rerun Warsaw's CoreFixer" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FFBB97D-C547-4839-93C3-EB909C69DD39}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FFBB97D-C547-4839-93C3-EB909C69DD39}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BF32412-AAE7-40A7-AB20-88FFB4B310FF}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BF32412-AAE7-40A7-AB20-88FFB4B310FF}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06AB26C2-A59D-4BC0-AD3B-7EE9832A88F7}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06AB26C2-A59D-4BC0-AD3B-7EE9832A88F7}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A31277B3-FD24-48A3-91EF-A9D6A25B5E10}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A31277B3-FD24-48A3-91EF-A9D6A25B5E10}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C7EA19F1-5CF4-43DF-9A1B-DD38DCA929D8}" => removido (a) com sucesso. 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7EA19F1-5CF4-43DF-9A1B-DD38DCA929D8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9851E9D-6DB4-4AB4-BA08-346ADBE18A23}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9851E9D-6DB4-4AB4-BA08-346ADBE18A23}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E97E8CE1-F358-4E03-80A2-237D0F7FD9BE}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E97E8CE1-F358-4E03-80A2-237D0F7FD9BE}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\runappraiser" => removido (a) com sucesso. C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => movido com sucesso C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => movido com sucesso HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removido (a) com sucesso. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removido (a) com sucesso. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removido (a) com sucesso. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removido (a) com sucesso. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removido (a) com sucesso. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removido (a) com sucesso. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removido (a) com sucesso. HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removido (a) com sucesso. C:\ProgramData => ":YXVtLmh6aQ" ADS removido (a) com sucesso. C:\WINDOWS\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso. "C:\Users\All Users" => ":YXVtLmh6aQ" ADS não encontrado (a). "C:\Users\Todos os Usuários" => ":YXVtLmh6aQ" ADS não encontrado (a). "C:\ProgramData\Dados de Aplicativos" => ":YXVtLmh6aQ" ADS não encontrado (a). "HKU\S-1-5-21-3420095182-3288103807-331900730-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removido (a) com sucesso. 
HKU\S-1-5-21-3420095182-3288103807-331900730-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D221009F-5261-4843-8A59-38A119204017} => removido (a) com sucesso. "HKU\S-1-5-21-3420095182-3288103807-331900730-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C500C267-63BF-451F-8797-4D720C9A2ED9}" => removido (a) com sucesso. "HKU\S-1-5-21-3420095182-3288103807-331900730-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF293C5A-9F37-49FD-91C4-2B867063FC54}" => removido (a) com sucesso. "HKU\S-1-5-21-3420095182-3288103807-331900730-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D52C824B-D55E-4AEF-8217-B0A9C4B6892B}" => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDDE576B-24B1-44CF-AD1C-D1F028A8AA2A}" => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D70959D-E2BD-48E4-A654-CF915C083BAF}" => removido (a) com sucesso. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCEF7AE4-8F98-49C6-9CAD-9937F95EDB31}" => removido (a) com sucesso. ========= Powershell: ========= I n i c i a n d o v e r i f i c a þ Ò o d e a r q u i v o s . O p r o c e s s o l e v a r ß a l g u n s m i n u t o s p a r a s e r c o n c l u Ý d o . I n i c i a n d o f a s e d e v e r i f i c a þ Ò o d e v e r i f i c a þ Ò o d o s i s t e m a . V e r i f i c a þ Ò o 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 % c o n c l u Ý d a . 
V e r i f i c a þ Ò o 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 2 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 1 % c o n c l u Ý d a . 
V e r i f i c a þ Ò o 3 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 3 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 4 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 8 % c o n c l u Ý d a . 
V e r i f i c a þ Ò o 5 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 5 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 6 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 7 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 4 % c o n c l u Ý d a . 
V e r i f i c a þ Ò o 8 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 8 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 0 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 1 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 2 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 3 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 4 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 5 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 6 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 7 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 8 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 9 9 % c o n c l u Ý d a . V e r i f i c a þ Ò o 1 0 0 % c o n c l u Ý d a . A P r o t e þ Ò o d e R e c u r s o s d o W i n d o w s n Ò o e n c o n t r o u n e n h u m a v i o l a þ Ò o d e i n t e g r i d a d e . 
Ferramenta de Gerenciamento e Manutenção de Imagens de Implantação Versão: 10.0.19041.844 Versão da Imagem: 10.0.19042.985 [== 3.8% ] [== 4.2% ] [== 4.5% ] [== 4.8% ] [== 5.0% ] [=== 5.3% ] [=== 5.6% ] [=== 6.0% ] [=== 6.4% ] [=== 6.7% ] [==== 7.1% ] [==== 7.4% ] [==== 7.8% ] [==== 8.1% ] [===== 8.7% ] [===== 8.8% ] [===== 9.1% ] [===== 9.7% ] [====== 10.4% ] [====== 10.6% ] [====== 10.8% ] [====== 11.0% ] [====== 11.4% ] [====== 11.6% ] [====== 11.7% ] [====== 11.8% ] [======= 12.2% ] [======= 12.5% ] [======= 12.7% ] [======= 12.9% ] [======= 13.1% ] [======= 13.7% ] [======== 14.7% ] [========= 15.7% ] [========= 16.3% ] [========= 17.0% ] [========== 17.4% ] [========== 18.0% ] [========== 18.5% ] [=========== 19.0% ] [=========== 19.6% ] [=========== 20.4% ] [============ 21.0% ] [============ 21.3% ] [============ 21.7% ] [============ 21.9% ] [============ 22.1% ] [============= 22.5% ] [============= 22.9% ] [============= 23.1% ] [============= 23.3% ] [============= 23.4% ] [============= 23.5% ] [============= 23.5% ] [============= 23.6% ] [============= 23.7% ] [============= 24.1% ] [============== 24.2% ] [============== 24.5% ] [============== 24.7% ] [============== 25.1% ] [============== 25.4% ] [=============== 25.9% ] [=============== 26.3% ] [=============== 26.5% ] [=============== 26.9% ] [=============== 27.2% ] [=============== 27.5% ] [================ 27.9% ] [================ 28.2% ] [================ 28.5% ] [================ 28.7% ] [================ 29.0% ] [================ 29.2% ] [================= 29.4% ] [================= 29.7% ] [================= 29.9% ] [================= 30.1% ] [================= 30.3% ] [================= 30.4% ] [================= 30.6% ] [================= 30.8% ] [================== 31.1% ] [================== 31.2% ] [================== 31.3% ] [================== 31.6% ] [================== 31.8% ] [================== 32.1% ] [================== 32.2% ] [================== 32.4% ] [================== 
32.8% ] [=================== 33.1% ] [=================== 33.1% ] [=================== 33.3% ] [=================== 33.4% ] [=================== 33.5% ] [=================== 33.7% ] [=================== 34.2% ] [==================== 34.5% ] [==================== 34.7% ] [==================== 34.9% ] [==================== 35.5% ] [==================== 35.8% ] [==================== 36.1% ] [===================== 36.5% ] [===================== 36.8% ] [===================== 36.9% ] [===================== 37.0% ] [===================== 37.1% ] [===================== 37.1% ] [===================== 37.1% ] [===================== 37.2% ] [===================== 37.3% ] [===================== 37.3% ] [===================== 37.4% ] [===================== 37.4% ] [===================== 37.4% ] [===================== 37.6% ] [===================== 37.7% ] [===================== 37.8% ] [===================== 37.8% ] [====================== 38.0% ] [====================== 38.0% ] [====================== 38.1% ] [====================== 38.2% ] [====================== 38.3% ] [====================== 38.4% ] [====================== 38.6% ] [====================== 38.6% ] [====================== 38.7% ] [====================== 38.8% ] [====================== 38.8% ] [====================== 38.9% ] [====================== 38.9% ] [====================== 39.0% ] [====================== 39.1% ] [====================== 39.1% ] [====================== 39.2% ] [====================== 39.2% ] [====================== 39.4% ] [====================== 39.5% ] [====================== 39.5% ] [======================= 39.7% ] [======================= 39.8% ] [======================= 40.0% ] [======================= 40.0% ] [======================= 40.2% ] [======================= 40.3% ] [======================= 40.4% ] [======================= 40.5% ] [======================= 40.5% ] [======================= 40.6% ] [======================= 40.8% ] [======================= 40.8% ] 
[======================= 40.9% ] [======================= 41.0% ] [======================= 41.1% ] [======================= 41.1% ] [======================= 41.1% ] [======================= 41.2% ] [======================= 41.4% ] [======================== 41.4% ] [======================== 41.4% ] [======================== 41.6% ] [======================== 41.7% ] [======================== 42.0% ] [======================== 42.3% ] [======================== 42.6% ] [======================== 43.0% ] [======================== 43.1% ] [========================= 43.2% ] [========================= 43.3% ] [========================= 43.4% ] [========================= 43.5% ] [========================= 43.7% ] [========================= 43.8% ] [========================= 44.0% ] [========================= 44.3% ] [========================= 44.6% ] [========================== 44.8% ] [========================== 45.0% ] [========================== 45.3% ] [========================== 45.5% ] [========================== 45.7% ] [========================== 45.9% ] [========================== 46.1% ] [========================== 46.5% ] [===========================46.9% ] [===========================46.9% ] [===========================47.5% ] [===========================47.7% ] [===========================48.2% ] [===========================48.2% ] [===========================48.6% ] [===========================49.1% ] [===========================49.4% ] [===========================50.0% ] [===========================50.7% ] [===========================51.2% ] [===========================51.4% ] [===========================51.5% ] [===========================51.8% ] [===========================51.8% ] [===========================51.8% ] [===========================51.8% ] [===========================51.8% ] [===========================51.8% ] [===========================51.9% ] [===========================51.9% ] [===========================52.0% ] 
[===========================52.1% ] [===========================52.1% ] [===========================52.2% ] [===========================52.2% ] [===========================52.2% ] [===========================52.2% ] [===========================52.2% ] [===========================52.2% ] [===========================52.3% ] [===========================52.3% ] [===========================52.3% ] [===========================52.4% ] [===========================52.4% ] [===========================52.4% ] [===========================52.5% ] [===========================52.5% ] [===========================52.5% ] [===========================52.5% ] [===========================52.5% ] [===========================52.5% ] [===========================52.6% ] [===========================52.7% ] [===========================52.7% ] [===========================52.7% ] [===========================52.8% ] [===========================52.8% ] [===========================52.8% ] [===========================52.8% ] [===========================52.9% ] [===========================53.0% ] [===========================53.0% ] [===========================53.1% ] [===========================53.2% ] [===========================53.2% ] [===========================53.3% ] [===========================53.4% ] [===========================53.4% ] [===========================53.4% ] [===========================53.4% ] [===========================53.5% ] [===========================53.5% ] [===========================53.6% ] [===========================53.7% ] [===========================53.7% ] [===========================53.7% ] [===========================53.7% ] [===========================53.8% ] [===========================53.8% ] [===========================53.8% ] [===========================53.9% ] [===========================53.9% ] [===========================53.9% ] [===========================54.0% ] [===========================54.0% ] [===========================54.0% ] 
[===========================54.0% ] [===========================54.0% ] [===========================54.0% ] [===========================54.0% ] [===========================54.1% ] [===========================54.1% ] [===========================54.1% ] [===========================54.2% ] [===========================54.2% ] [===========================54.2% ] [===========================54.3% ] [===========================54.3% ] [===========================54.3% ] [===========================54.3% ] [===========================54.3% ] [===========================54.3% ] [===========================54.4% ] [===========================54.5% ] [===========================54.5% ] [===========================54.5% ] [===========================54.6% ] [===========================54.6% ] [===========================54.6% ] [===========================54.6% ] [===========================54.8% ] [===========================54.9% ] [===========================54.9% ] [===========================54.9% ] [===========================55.0% ] [===========================55.0% ] [===========================55.1% ] [===========================55.1% ] [===========================55.2% ] [===========================55.2% ] [===========================55.2% ] [===========================55.2% ] [===========================55.2% ] [===========================55.2% ] [===========================55.3% ] [===========================55.3% ] [===========================55.3% ] [===========================55.4% ] [===========================55.5% ] [===========================55.5% ] [===========================55.5% ] [===========================55.5% ] [===========================55.6% ] [===========================55.6% ] [===========================55.7% ] [===========================55.7% ] [===========================55.7% ] [===========================55.8% ] [===========================55.8% ] [===========================56.2% ] [===========================56.4% ] 
Operação de restauração concluída com êxito.
A operação foi concluída com êxito.

========= Fim de Powershell: =========

Ponto de Restauração criado com sucesso.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-3420095182-3288103807-331900730-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-3420095182-3288103807-331900730-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54143913 B
Java, Flash, Steam htmlcache => 1170 B
Windows/system/drivers => 20908204 B
Edge => 21010 B
Chrome => 1156443513 B
Firefox => 136600564 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 22642 B
NetworkService => 22642 B
Robson => 75044324 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 20:22:14 ====
[Resolved] Suspicious Activity When Restarting the PC
moicanofacul replied to moicanofacul's topic in Tópicos Resolvidos (Seguranca & Malwares)
Good morning, DigRam!

Here are the links to the reports:

FRST: https://www.cjoint.com/c/KEsoZ3BhyuV
Addition: https://www.cjoint.com/c/KEso0NuQGHV

Best regards,
[Resolved] Suspicious Activity When Restarting the PC
moicanofacul posted a topic in Tópicos Resolvidos (Seguranca & Malwares)
Hello, everyone! How are you? I hope you are all well!

Over the last two weeks, I have noticed some strange behavior on my computer:

- Sometimes there are brief mini-freezes. It doesn't actually freeze, but you notice the 'stutter' in the mouse movement and the slowness when performing some tasks;
- To fix it, I restart the PC, and then Windows has trouble shutting down because of something called "Hotkey Listener" and another application whose name I haven't managed to see yet, since that one closes as soon as it is notified, whereas "Hotkey Listener" takes a while to close;
- When the PC starts up again, PowerPoint opens by itself.

In a quick search, I saw that HotKey may be covering for malware or Trojan horses. Since my digital knowledge only goes this far, I am once again asking for your help to check whether everything is OK with my PC and to resolve the issues described.

Below is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:01, on 11/05/2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Microsoft Office 15\Root\Office15\POWERPNT.EXE
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Users\Robson\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.56\BHO\ie_to_edge_bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{08cf89ec-af83-48f2-82f7-d89fd7cacecb}: NameServer = 10.1.4.54,10.1.4.217
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sefaz.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{08cf89ec-af83-48f2-82f7-d89fd7cacecb}: NameServer = 10.1.4.54,10.1.4.217
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sefaz.net
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Serviço do Kaspersky Anti-Virus 21.3 (AVP21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_72e3d - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Serviço Atualização do Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Serviço Atualização do Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Digital Delivery Services - Unknown owner - C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
O23 - Service: Dell Client Management Service (DellClientManagementService) - Unknown owner - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FortiClient Service Scheduler (FA_Scheduler) - Fortinet Inc. - C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Volume Shadow Copy Service Bridge 21.3 (klvssbridge64_21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe
O23 - Service: Kaspersky Password Manager Service (kpm_launch_service) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
O23 - Service: Serviço do Kaspersky VPN Secure Connection 5.2 (KSDE5.2) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files (x86)\scpbrad\scpbradserv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - Diebold Nixdorf - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13460 bytes

While HijackThis was running, an error message appeared, which I am sending as an attachment.
Hello, everyone! How are you? I hope you are all well!

Over the last two weeks, I have noticed some strange behavior on my computer:

- Sometimes there are brief mini-freezes. It doesn't actually freeze, but you notice the 'stutter' in the mouse movement and the slowness when performing some tasks;
- To fix it, I restart the PC, and then Windows has trouble shutting down because of something called "Hotkey Listener" and another application whose name I haven't managed to see yet, since that one closes as soon as it is notified, whereas "Hotkey Listener" takes a while to close;
- When the PC starts up again, PowerPoint opens by itself.

In a quick search, I saw that HotKey may be covering for malware or Trojan horses. Since my digital knowledge only goes this far, I am once again asking for your help to check whether everything is OK with my PC and to resolve the issues described.

Below is the HijackThis report, in case it is useful for my case:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:39, on 29/04/2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
C:\Program Files (x86)\scpbrad\scpbradguard.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Users\Robson\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.49\BHO\ie_to_edge_bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{08cf89ec-af83-48f2-82f7-d89fd7cacecb}: NameServer = 10.1.4.54,10.1.4.217
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sefaz.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{08cf89ec-af83-48f2-82f7-d89fd7cacecb}: NameServer = 10.1.4.54,10.1.4.217
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sefaz.net
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Serviço do Kaspersky Anti-Virus 21.3 (AVP21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8ac4b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Serviço Atualização do Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Serviço Atualização do Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Digital Delivery Services - Unknown owner - C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
O23 - Service: Dell Client Management Service (DellClientManagementService) - Unknown owner - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FortiClient Service Scheduler (FA_Scheduler) - Fortinet Inc. - C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Volume Shadow Copy Service Bridge 21.3 (klvssbridge64_21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe
O23 - Service: Kaspersky Password Manager Service (kpm_launch_service) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
O23 - Service: Serviço do Kaspersky VPN Secure Connection 5.2 (KSDE5.2) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files (x86)\scpbrad\scpbradserv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - Diebold Nixdorf - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13832 bytes