rodmoretti

  1. Hi Sam! Everything is OK with the computer. Thank you very much!
  2. Hi Sam, good afternoon! Apparently everything is OK with the computer. Could you please tell me the best way to uninstall the software I installed during this process? Thanks!
  3. Hi Sam, here is a copy of the Security Check log:
  4. Hi Sam, good afternoon! Here are the logs. Regards! Addition.txt FRST.txt
  5. Olá Sam, boa tarde! Segue o log do ZAScan: ZA-Scan V1.0.0.5 Updated 30-09-2015 Tool run by rkmor on 14/05/2017 at 12:22:09,13. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\rkmor\Desktop\ZA-Scan.exe Script used: C:\Users\rkmor\Desktop\zascript.txt ==== System Restore Info ====================== 14/05/2017 12:22:23 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\defaultuser0\AppData\Local\VirtualStore deleted successfully C:\Users\rkmor\AppData\Local\BorisFX deleted successfully C:\Users\rkmor\AppData\Local\NetworkTiles deleted successfully C:\Users\rkmor\AppData\Local\PeerDistRepub deleted successfully C:\Users\rkmor\AppData\Local\VirtualStore deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{423CE5CB-22CB-40B0-ABB2-FC8387A15102} deleted C:\PROGRA~3\Package Cache deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [14/02/2017 17:07] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [14/02/2017 17:07] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - No path found[] DIM - rkmor\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna McAfee® WebAdvisor - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho videospeed - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk Chrome Media Router - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot ==== shortcuts on Users 
Desktops ====================== C:\Users\rkmor\Desktop\Adobe After Effects CC 2017.lnk - C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe C:\Users\rkmor\Desktop\Cronus PRO.lnk - C:\Program Files (x86)\CronusPRO\Cronus.exe C:\Users\rkmor\Desktop\Photoshop - Atalho.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe C:\Users\rkmor\Desktop\ZHPCleaner.lnk - C:\Users\rkmor\AppData\Roaming\ZHP\ZHPCleaner.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Users\Public\Desktop\Estúdio Conversor de Vídeo Apowersoft.lnk - C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Users\rkmor\AppData\Roaming\ZHP\Quarantine\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Uso remoto do PS4.lnk - C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe C:\Users\Public\Desktop\Vegas Pro 14.0 (64-bit).lnk - C:\Program Files (x86)\VEGAS\VEGAS Pro 14.0\vegas140.exe ==== shortcuts in Users Start Menu ====================== C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\rkmor\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CronusPRO\Cronus PRO.lnk - C:\Program Files (x86)\CronusPRO\Cronus.exe C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CronusPRO\Uninstall.lnk - C:\Program Files (x86)\CronusPRO\uninst.exe C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program 
Files (x86)\WinRAR\Rar.txt C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\Users\rkmor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2017.lnk - C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk - C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB.lnk - C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe manualstartmenu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uso remoto do PS4.lnk - C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk - C:\Program Files (x86)\Waves\MaxxAudio\MaxxAudioPro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\Video Converter Studio\Desinstalar Estúdio Conversor de Vídeo Apowersoft.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\Video Converter Studio\Estúdio Conversor de Vídeo Apowersoft.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Customer Connect.lnk - C:\Program Files (x86)\Dell Customer Connect\DCCTrayApp.exe shortcut C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Digital Delivery.lnk - C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Notifications.lnk - C:\Program Files (x86)\Dell\Dell Foundation Services\ShellHelper.exe /FromShortcut C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Update.lnk - C:\Program Files (x86)\Dell Update\DellUpTray.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Registro de produto Dell.lnk - C:\Program Files\Dell\Dell Product Registration\ProductRegistration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Help & Support\Dell Help & Support.lnk - C:\Program Files (x86)\Dell\Dell Help & Support\Dell Help & Support.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Power Manager\Dell Power Manager Lite.lnk - 
C:\Program Files (x86)\Dell\QuickSet\DPMLite.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\SupportAssist\SupportAssist.lnk - C:\Program Files\Dell\SupportAssist\pcdlauncher.exe -lloc dsc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /home C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016\Centro de Carregamento do Office 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016\Preferências de Idioma do Office 2016.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe.lnk - C:\Program Files (x86)\Common Files\McAfee\platform\McUICnt.exe /desktopicon /platui C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue 3D Explosions for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\3D Explosions for Windows\ManageActivation64.exe D3DExplosions64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue 3D Explosions for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\3D Explosions for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue 3D Transformations for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\3D Transformations for Windows\ManageActivation64.exe 
D3DTransformations64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue 3D Transformations for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\3D Transformations for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Art Blends for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Art Blends for Windows\ManageActivation64.exe ArtBlends64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Art Blends for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Art Blends for Windows\ActivateArtBlends.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Art Blends for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Art Blends for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Art Effects for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Art Effects for Windows\ManageActivation64.exe ArtEffects64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Art Effects for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Art Effects for Windows\ActivateArtEffects.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Art Effects for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Art Effects for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue ColorFast for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\ColorFast for Windows\ManageActivation64.exe ColorFast64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue ColorFast for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\ColorFast for Windows\ActivateColorFast.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue ColorFast for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\ColorFast for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\NewBlue\NewBlue Film Effects for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Film Effects for Windows\ManageActivation64.exe FilmEffects64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Film Effects for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Film Effects for Windows\ActivateFilmEffects.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Film Effects for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Film Effects for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Light Blends for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Light Blends for Windows\ManageActivation64.exe LightBlends64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Light Blends for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Light Blends for Windows\ActivateLightBlends.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Light Blends for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Light Blends for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Light Effects for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Light Effects for Windows\ManageActivation64.exe LightEffects64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Light Effects for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Light Effects for Windows\ActivateLightEffects.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Light Effects for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Light Effects for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Motion Blends for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Motion Blends for Windows\ManageActivation64.exe MotionBlends64.dll 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Motion Blends for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Motion Blends for Windows\ActivateMotionBlends.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Motion Blends for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Motion Blends for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Motion Effects for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Motion Effects for Windows\ManageActivation64.exe MotionEffects64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Motion Effects for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Motion Effects for Windows\ActivateMotionEffects.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Motion Effects for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Motion Effects for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Paint Blends for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Paint Blends for Windows\ManageActivation64.exe PaintBlends64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Paint Blends for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Paint Blends for Windows\ActivatePaintBlends.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Paint Blends for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Paint Blends for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Paint Effects for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Paint Effects for Windows\ManageActivation64.exe PaintEffects64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Paint Effects for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Paint Effects for 
Windows\ActivatePaintEffects.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Paint Effects for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Paint Effects for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials for Windows\ManageActivation64.exe VideoEssentials64.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Activatevideoessentials.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials II for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials II for Windows\ManageActivation64.exe VideoEssentials264.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials II for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\ActivateVideoEssentials2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials II for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials III for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials III for Windows\ManageActivation64.exe VideoEssentials364.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials III for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\ActivateVideoEssentials3.exe C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\NewBlue\NewBlue Video Essentials III for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials IV for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials IV for Windows\ManageActivation64.exe VideoEssentials464.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials IV for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\ActivateVideoEssentials4.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials IV for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials IV for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials V for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials V for Windows\ManageActivation64.exe VideoEssentials564.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials V for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials V for Windows\ActivateVideoEssentials5.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials V for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials V for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials VI for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials VI for Windows\ManageActivation64.exe VideoEssentials664.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials VI for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials VI for Windows\ActivateVideoEssentials6.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials VI for 
Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials VI for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials VII for Windows\Manage Activation 64bit.lnk - C:\Program Files\NewBlue\Video Essentials VII for Windows\ManageActivation64.exe VideoEssentials764.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials VII for Windows\Manage Activation.lnk - C:\Program Files (x86)\NewBlue\Video Essentials VII for Windows\ActivateVideoEssentials7.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials VII for Windows\Uninstall.lnk - C:\Program Files (x86)\NewBlue\Video Essentials VII for Windows\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Red Giant Link.lnk - C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Uninstall Magic Bullet Suite.lnk - C:\Program Files (x86)\Red Giant\unins001.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Uninstall Trapcode Suite.lnk - C:\Program Files (x86)\Red Giant\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueColor\True Color.lnk - C:\Program Files (x86)\TrueColor\TrueColorUI.exe preferences C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\Vegas Pro 14.0 (64-bit).lnk - C:\Program Files (x86)\VEGAS\VEGAS Pro 14.0\vegas140.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\VEGAS Pro 14.0 Readme.lnk - C:\Program Files (x86)\VEGAS\VEGAS Pro 14.0\readme\Vegas_readme.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\Video Capture 6.0 Readme.lnk - C:\Program Files (x86)\VEGAS\VEGAS Pro 
14.0\readme\Videocapture_readme.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe After Effects CC 2017.lnk - C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Estúdio Conversor de Vídeo Apowersoft.lnk - C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - 
C:\Users\rkmor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vegas Pro 14.0 (64-bit).lnk - C:\Program Files (x86)\VEGAS\VEGAS Pro 14.0\vegas140.exe C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rkmor\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\rkmor\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== 
C:\Windows\Temp successfully emptied
C:\Users\rkmor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\rkmor\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on 14/05/2017 at 12:36:37,97 ======================
  6. Hello, here is the new log:

ZA-Scan V1.0.0.5 Updated 30-09-2015
Tool run by rkmor on 06/05/2017 at 8:12:50,62.
Microsoft Windows 10 Pro 10.0.14393 x64
Running in: Normal Mode
No Internet Access Detected
Launched: C:\Users\rkmor\Desktop\ZA-Scan.exe [Z-Analyse Scan]

==== Running Processes ======================
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\rkmor\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\rkmor\Desktop\ZA-Scan.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\rkmor\AppData\Local\Temp\ZAScan.exe

==== Drivers(whitelist) ======================
Powered by E Dev
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R0 - [Wof] - 
Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys R2 - [srv] - Driver SMB 1.xxx do Servidor - C:\Windows\system32\Drivers\srv.sys R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\Windows\system32\Drivers\srv2.sys R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys R0 - [disk] - Driver de disco - C:\Windows\system32\Drivers\disk.sys R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys R0 - [intelpep] - Driver Intel(R) Power Engine Plug-in - C:\Windows\system32\Drivers\intelpep.sys R0 - [iorate] - iorate - C:\Windows\system32\Drivers\iorate.sys R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys R0 - [mfehidk] - McAfee Inc. mfehidk - C:\Windows\system32\Drivers\mfehidk.sys R0 - [mfewfpk] - McAfee Inc. 
mfewfpk - C:\Windows\system32\Drivers\mfewfpk.sys R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys R0 - [partmgr] - Driver de partição - C:\Windows\system32\Drivers\partmgr.sys R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\Windows\system32\Drivers\spaceport.sys R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\Windows\system32\Drivers\vdrvroot.sys R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\Windows\system32\Drivers\volmgr.sys R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys R0 - [volsnap] - Volume Shadow Copy driver - C:\Windows\system32\Drivers\volsnap.sys R0 - [volume] - Driver do volume - C:\Windows\system32\Drivers\volume.sys R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\Windows\system32\Drivers\Wdf01000.sys R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\Windows\system32\Drivers\WFPLWFS.sys R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\Windows\system32\Drivers\WindowsTrustedRT.sys R0 - [WindowsTrustedRTProxy] - Serviço de Proteção de Tempo de Execução Confiável do Microsoft Windows - C:\Windows\system32\Drivers\WindowsTrustedRTProxy.sys R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - 
C:\Windows\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys S0 - [mfeelamk] - McAfee Inc. mfeelamk - C:\Windows\system32\Drivers\mfeelamk.sys S3 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\Windows\system32\Drivers\Tcpip6.sys [x] ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1785629803-1052134911-1818003617-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\rkmor\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\rkmor\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" 
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "WavesSvc"="C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe -Jack" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "TrueColor UI"="C:\Program Files\TrueColor\TrueColorUI.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Malwarebytes TrayApp"="C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\0057001492723274mcinstcleanup] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeUpdateService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AGSService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AtherosSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ClientAnalyticsService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cphs] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cplspcon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dbupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dbupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DbxSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Dell Customer Connect] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Dell Foundation Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Dell Help & Support] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Dell SupportAssist 
Remediation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DellDataVault] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DellDataVaultWiz] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DellDigitalDelivery] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DellUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\esifsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GfExperienceService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HomeNetSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IAStorDataMgrSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\igfxCUIService2.0.0.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service TCP IP Interface] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\jhi_service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McAfee SiteAdvisor Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McAWFwk] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McBootDelayStartSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mccspsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McNaiAnn] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McODS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mcpltsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McProxy] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MSK80Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvNetworkService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvStreamNetworkSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvStreamSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PEFService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Product Registration] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RtkAudioService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SupportAssistAgent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TrueColorALS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WavesSysSvc] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [10/04/2017 12:29] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Dell Cleanup" [c:\windows\system32\oem\startmenufix.vbs] "C:\Windows\SysNative\tasks\Dell SupportAssistAgent AutoUpdate" [C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe] "C:\Windows\SysNative\tasks\DropboxOEM" ["%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe"] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Intel PTT EK Recertification" ["C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe"] "C:\Windows\SysNative\tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse" [C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe] "C:\Windows\SysNative\tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse" [C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe] "C:\Windows\SysNative\tasks\McAfeeLogon" [C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe] "C:\Windows\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\Windows\SysNative\tasks\PCDDataUploadTask" ["uaclauncher.exe"] "C:\Windows\SysNative\tasks\Red Giant Link" ["C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe"] "C:\Windows\SysNative\tasks\RtHDVBg_PushButton" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [14/02/2017 17:07] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [14/02/2017 17:07] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - No path found[] Google Slides - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - rkmor\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf DIM - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna YouTube - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Sheets - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap McAfee® WebAdvisor - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Docs Offline - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi videospeed - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk Chrome Web Store Payments - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - rkmor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell17win10.msn.com/?pc=DCTE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

==== EOF on 06/05/2017 at 8:13:53,27 ======================
  7. Hello Fallen, good morning!

    My topic was archived and I would like to finish the assistance that Sam was giving me.

    If you could reopen it, I would be very grateful.

    Best regards.

    1. Breaker

      @rodmoretti,

      Good morning!

      Topic reopened. Note: for this kind of request, use the "Denunciar" (Report) button inside your topic.

      @Sam Spade, for your information.

      Regards,

  8. Hello Sam, good morning! Here are the requested logs:

# AdwCleaner v6.046 - Relatório criado 02/05/2017 às 09:01:41
# Atualizado em 24/04/2017 por Malwarebytes
# Banco de dados : 2017-05-01.2 [Servidor]
# Sistema operacional : Windows 10 Pro (X64)
# Usuário : rkmor - DESKTOP-KI4LSLA
# Executando de : C:\Users\rkmor\Desktop\adwcleaner_6.046.exe
# Modo: Digitalizar
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

Não foram encontrados serviços maliciosos.

***** [ Pastas ] *****

Nenhuma pasta maliciosa encontrada.

***** [ Arquivos ] *****

Nenhum arquivo malicioso encontrado.

***** [ DLL ] *****

Não foram encontradas DLLs mal-intencionadas.

***** [ WMI ] *****

Nenhuma chave mal-intencionada encontrada.

***** [ Atalhos ] *****

Nenhum atalho infectado encontrado.

***** [ Atividades agendadas ] *****

Nenhuma tarefa maliciosa encontrada.

***** [ Registro ] *****

Nenhuma entrada de registro malicioso encontrada.

***** [ Navegadores ] *****

Nenhum item de navegador baseado em Firefox malicioso encontrado.
Nenhum item de navegador baseado em Chromo malicioso encontrado.
*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1167 Bytes] - [02/05/2017 09:01:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1240 Bytes] ##########

===============================================================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x64
Ran by rkmor (Administrator) on 02/05/2017 at 9:03:15,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 2

Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)

Registry: 1

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0057001492723274mcinstcleanup (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/05/2017 at 9:04:36,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

===============================================================

~ ZHPCleaner v2017.5.1.75 by Nicolas Coolman (2017/05/01)
~ Run by rkmor (Administrator) (02/05/2017 09:11:30)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\rkmor\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\rkmor\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)

---\\ Serviços (0)

---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Arquivo hosts (2)
SUBSTITUIDO: 74.86.5.247 apowersoft.com
Número de redirecionamentos encontrados 1/31

---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Explorer ( Arquivos, Pastas) (138) MOVIDO pasta: C:\Program Files\TrueColor\TrueColorALS.exe =>PUP.Optional.Youndoo MOVIDO pasta: C:\Windows\Installer\wix{99B7C4B5-DC14-441D-A5B6-7340F682BC81}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{BDB50421-E961-42F3-B803-6DAC6F0DB834}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{BDB50421-E961-42F3-B803-6DAC6F173834}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{F255C3B6-F053-4592-9325-34898BF5EB46}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\12692_375293109_MVM_0.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\3764_603312171_MVM_0.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\4772_614497828_MVM_0.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\668_5354093_MVM_0.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\amt3.log =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\badext.txt =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\cef_debug.log =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\CMcUploader.log =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\databases.txt =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\DDA8.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\DFSSystray.log =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\iex64.reg =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\LocalStorage.txt =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20170411_155620803.html 
=>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20170411_155626409.html =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\Rar$LS0.312 =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\Rar$LS0.664 =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\rp-version-win.json =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.00D57B0F-01FA-B79F-08D6-878ED20C4C9B_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.0116DC02-781B-D1D1-FC1C-C80195511E17_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.0862A72D-A96C-83E5-AD0F-78B6AA06F9C6_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.0C8CF327-9D17-CCDE-18AF-DFF4F20070E5_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.18DDC675-D472-0DB4-9563-7DF7C34F512C_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.1FE89C0B-9BED-CC5D-7426-9E4025D6BDD9_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.3BFD26C9-8DA9-B940-F638-55890012AAB4_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.50611331-FE19-D366-B049-694B8AC9D758_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.557EA3BB-623E-ADD9-4DFB-629A8648A038_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.558F5D32-0827-EB7B-6AD6-D5DB4138B3AA_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.62B49C0A-499E-A02D-EBCB-EB168E148E52_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: 
C:\Users\rkmor\AppData\Local\Temp\sa.664AA17A-2D25-0823-3315-3708FE16147A_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.674C4C14-7BAA-F782-E214-956DC3BEDF39_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.68BC3251-2D8B-A604-92BA-893638CA72EA_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.68E019EB-0B92-5E08-5D86-9BFE6DBA8517_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.69F3BCAB-8975-C526-30F5-39FA70C77AD9_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.6D151227-6BD9-726D-B30E-A8A018DCC82B_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.6EA6FC2E-9305-586B-3411-02826D151533_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.6F5A9E8F-F920-1658-72FF-16C1448402F9_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.97612282-D1E8-1D6A-9E92-C271E7F177EF_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9D4DED89-CABC-F4FB-8133-BC5EDB1C7EDA_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9NBLGGH1ZRPV_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9NBLGGH1ZRPV_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9NBLGGH2JHXJ_0_0011_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9NBLGGH2JHXJ_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9NBLGGH33ZDV_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO 
pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9NBLGGH33ZDV_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9WZDNCRFHVFW_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9WZDNCRFHVFW_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9WZDNCRFJ140_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9WZDNCRFJ140_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9WZDNCRFJ2WL_0_0010_.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.9WZDNCRFJ2WL_0__.Public.InstallAgent.dat =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.A90B8400-D36D-8235-8BF2-A21A53D3FB65_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.DFBE09D0-1F22-A9C0-2D3D-3F4C6351E58F_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.E336BB8F-16ED-7CBE-AFEE-971DD3041585_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.E6658C19-4221-2EBE-763A-F0493FBA2BB0_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.E6D3B497-80AF-7F14-F9E6-9606EE369FC3_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\sa.FACF9DDE-1FF1-B57D-4D1D-CE479FDD42AF_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\Setup Log 2017-04-27 #001.txt =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\tmp16780aaaaaa =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\rkmor\AppData\Local\Temp\tmp28144aaaaaa =>.Superfluous.Temporary.Empty MOVIDO 
  9. Hello Sam, good morning! Here is the mbam log: Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 27/04/17 Hora da análise: 11:16 Arquivo de registro: mbam-log.txt Administrador: Sim -Informação do software- Versão: 3.0.6.1469 Versão de componentes: 1.0.103 Versão do pacote de definições: 1.0.1819 Licença: Versão de avaliação -Informação do sistema- Sistema operacional: Windows 10 CPU: x64 Sistema de arquivos: NTFS Usuário: DESKTOP-KI4LSLA\rkmor -Resumo da análise- Tipo de análise: Análise de Ameaças Resultado: Concluído Objetos verificados: 335834 Tempo decorrido: 3 min, 23 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 0 (Nenhum item malicioso detectado) Setor físico: 0 (Nenhum item malicioso detectado) (end) I'll be waiting for your reply.
  10. Hello Sam, thank you for the help. I am going to attach a screenshot of the places where it appeared. However, I have already found that it is something that came bundled with a program I installed on my machine. My question is whether removing this "virus" will harm the use of the software ... Here it is. Best regards.
  11. Hello Linha Defensiva! After a full system scan, McAfee detected "Artemis!72602DD3ED55", classifies it as a potentially unwanted program, and sent it to quarantine. I don't know what it is, so I want to "delete" this program from my computer. Thank you very much for the help. The logs follow. Best regards! FSS.txt MbrScan.log ZA-Scan.txt
  12. Hello Sam Spade, good morning! I followed the final instructions. The PC apparently is no longer compromised in any way. Thank you very much for the help! Regards!
  13. Hello Sam Spade, good evening! Deleting the "first" file did not, at first, solve it. I opened Chrome's settings and the software itself asked for permission to reset Chrome to its original defaults; this procedure worked and the "hao" page has not appeared again. Regards!
  14. Hello Sam Spade, good evening! As I mentioned in the previous post, I managed to uninstall the software. Now, as for Google Chrome: as soon as I installed it, a message from Chrome itself appeared saying that "Chrome detected unusual behavior", and the address of the br.hao123 page appeared. This page contains a huge number of unwanted ads and stays set as the home page. I didn't do anything; I didn't try to change or remove this "hao". Regards!
  15. Hello Sam Spade, good afternoon! I managed to uninstall the software. Now, as for Google Chrome: as soon as I installed it, a message from Chrome itself appeared saying that "Chrome detected unusual behavior", and the address of the br.hao123 page appeared. This page contains a huge number of unwanted ads and stays set as the home page. I didn't do anything; I didn't try to change or remove this "hao". Regards!