Showing results for tags 'usbfix'.

1 result found

  1. A file, autorun.ini, was found on the internet access modem, on drive E:. A scan was run with USBfix; the logs follow, including the FRST one. Thank you in advance for your attention.